Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Heavy Drain to CPU - I think the culprit might be IDM [Closed]


  • This topic is locked This topic is locked

#1
Jesssta

Jesssta

    Member

  • Member
  • PipPip
  • 21 posts

HI 

My laptop has started running extremely hot and loud thanks to fans going crazy, and the CPU drain from IDM (Internet Download Manager) is steady at around 20%. I cannot understand this. I am not downloading anything. I am not playing intense games which may cause it to heat up like it is. It is almost too hot to even touch!!. I have a 4th gen core i7 - surely IDM should not be using 20% of the CPU when it is just idle. 

 

It is a cracked version of IDM, and I performed an update on it just last week.

That is when the issue started. 

I have not had any errors pop up, and my antivirus has not detected anything either. 

I am hoping someone can help me identify a problem and eliminate it. 

Thanks in advance for any help provided..!!

 

 

OTL logfile created on: 18/10/2014 7:24:06 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jess\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
 
7.89 Gb Total Physical Memory | 5.32 Gb Available Physical Memory | 67.52% Memory free
9.82 Gb Paging File | 6.97 Gb Available in Paging File | 70.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 558.56 Gb Total Space | 289.40 Gb Free Space | 51.81% Space Free | Partition Type: NTFS
Drive D: | 817.25 Gb Total Space | 817.01 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive G: | 20.01 Gb Total Space | 19.87 Gb Free Space | 99.28% Space Free | Partition Type: NTFS
 
Computer Name: JESSS-PC | User Name: Jess | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/18 19:23:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jess\Downloads\OTL.exe
PRC - [2014/10/18 18:30:01 | 001,084,704 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2014/10/09 22:46:41 | 003,882,576 | R--- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2014/10/09 22:46:41 | 000,513,048 | R--- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMGrHlp.exe
PRC - [2014/10/04 17:44:13 | 002,463,552 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/10/04 17:44:03 | 001,796,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/10/01 19:59:26 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jess\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2014/09/13 11:52:04 | 036,414,624 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jess\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/05/09 00:48:48 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/04/18 16:22:28 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/04/06 22:21:36 | 005,180,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/04/03 22:19:10 | 001,473,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
PRC - [2014/03/27 23:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/03/24 12:32:54 | 000,821,600 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
PRC - [2013/11/18 15:36:38 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
PRC - [2013/11/07 22:17:30 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/10/17 16:27:02 | 000,166,912 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2013/09/24 06:29:48 | 000,019,256 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2013/08/30 10:11:08 | 019,646,544 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2013/08/30 10:01:56 | 000,602,936 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnWMI.exe
PRC - [2013/08/30 10:01:56 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnSrv.exe
PRC - [2013/08/17 09:20:30 | 002,278,168 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
PRC - [2013/07/05 16:22:36 | 000,327,432 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
PRC - [2013/07/05 16:22:34 | 000,077,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
PRC - [2013/06/24 14:06:06 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/06/24 14:05:26 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/06/24 14:05:26 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/05/31 08:17:48 | 000,205,624 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2013/05/30 11:11:48 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013/05/22 03:50:34 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2013/03/19 23:08:24 | 000,142,960 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
PRC - [2013/02/28 20:15:32 | 000,074,864 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
PRC - [2013/01/16 10:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/05/29 04:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2011/11/22 08:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2010/09/08 10:45:10 | 001,034,752 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/18 19:02:31 | 000,043,008 | ---- | M] () -- c:\users\jess\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpu6awrd.dll
MOD - [2014/09/13 11:20:58 | 003,610,624 | ---- | M] () -- C:\Users\Jess\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/03/24 12:32:54 | 000,821,600 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
MOD - [2013/08/24 06:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Jess\AppData\Roaming\Dropbox\bin\libcef.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/04 17:44:02 | 001,149,760 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/10/04 17:43:58 | 019,440,960 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/09/11 11:31:03 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/16 14:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 11:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 11:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/08/12 01:56:36 | 002,428,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/07/24 18:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/04/06 22:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/03/24 13:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 13:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 17:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 16:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 18:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/23 02:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 20:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 20:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 20:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 20:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 18:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/30 10:01:56 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\P4G\InsOnSrv.exe -- (ASUS InstantOn)
SRV:64bit: - [2013/08/22 22:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 22:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 22:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 22:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 22:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 21:36:01 | 000,321,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2013/08/22 21:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 21:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 21:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 21:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 21:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 21:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 21:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 21:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 21:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 20:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 20:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 20:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 20:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 20:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 20:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 20:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 20:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/05/27 22:18:52 | 000,156,032 | ---- | M] (Fuji Xerox Co., Ltd.) [Auto | Running] -- C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPPWDN.EXE -- (FXSMAPPWD)
SRV:64bit: - [2013/05/12 11:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/05/12 11:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/11/12 21:14:36 | 000,344,000 | ---- | M] (Fuji Xerox Co., Ltd.) [Auto | Running] -- C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPSDBN.EXE -- (FXSMAPSDB)
SRV:64bit: - [2012/08/29 15:22:36 | 000,208,384 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Windows\SysNative\AdminService.exe -- (AtherosSvc)
SRV:64bit: - [2010/09/08 10:42:42 | 000,288,256 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2014/10/18 18:30:01 | 002,283,296 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2014/10/17 08:16:20 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/10/04 17:44:03 | 001,796,928 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/08/16 14:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/05/09 00:48:48 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/04/18 16:22:28 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/04/03 22:19:10 | 001,473,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe -- (avgfws)
SRV - [2014/03/27 23:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/03/14 17:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/11/18 15:36:38 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/10/17 16:27:02 | 000,166,912 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2013/10/01 14:02:42 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/22 14:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 13:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/07/05 16:22:36 | 000,327,432 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe -- (CyberLink PowerDVD 13 Media Server Service)
SRV - [2013/07/05 16:22:34 | 000,077,576 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe -- (CyberLink PowerDVD 13 Media Server Monitor Service)
SRV - [2013/06/24 14:06:06 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/06/24 14:05:26 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/06/24 14:05:26 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013/03/19 23:08:24 | 000,142,960 | ---- | M] (Stardock Software, Inc) [Auto | Running] -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe -- (Start8)
SRV - [2013/02/28 20:15:32 | 000,074,864 | ---- | M] (Stardock Software, Inc) [Auto | Running] -- C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe -- (ModernMix)
SRV - [2013/01/16 10:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011/11/22 08:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/09/08 10:45:10 | 001,034,752 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/09/08 10:44:42 | 000,485,376 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/10/04 17:43:58 | 000,020,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/10/01 17:19:10 | 000,180,136 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2014/09/05 06:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/08/15 11:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/25 02:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/25 02:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 22:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/02 00:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/28 07:33:30 | 000,599,240 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2014/04/18 16:01:56 | 000,237,336 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/03/31 17:06:48 | 000,274,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2014/03/31 17:06:26 | 000,130,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/03/27 23:14:26 | 000,192,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/03/27 23:14:24 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/03/27 23:07:10 | 000,236,824 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/03/27 23:05:02 | 000,324,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/03/27 23:03:16 | 000,032,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/03/24 13:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 13:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 13:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 14:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/18 19:18:42 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2014/03/13 23:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/09 07:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/28 21:20:14 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/02/28 21:20:14 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/02/28 21:20:14 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/02/23 03:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/23 02:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/23 02:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/23 02:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/23 02:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 23:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/02/09 05:34:51 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/12/27 10:30:20 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/12/05 05:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/14 18:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 18:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 18:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 18:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/10/17 16:27:02 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2013/10/01 14:02:30 | 004,177,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/09/26 09:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2013/09/24 06:30:02 | 000,070,416 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2013/09/05 20:18:42 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/09/04 15:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013/08/30 10:01:54 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Program Files\ASUS\P4G\PLCTRL.sys -- (plctrl)
DRV:64bit: - [2013/08/23 09:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/23 00:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/23 00:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 23:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 23:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 23:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 23:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 23:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 23:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 23:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 23:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 23:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 23:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 23:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 23:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 23:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 23:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 23:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 23:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 23:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 23:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 23:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 23:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 23:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 23:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 23:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 23:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 23:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 23:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 23:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 22:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 22:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 22:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 22:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 22:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 22:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 22:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 22:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 22:38:30 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013/08/22 22:38:26 | 000,032,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthHfAud.sys -- (BthHFAud)
DRV:64bit: - [2013/08/22 22:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 22:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 22:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 22:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 22:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 22:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 22:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 22:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 22:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 22:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 22:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 22:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 22:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 22:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 19:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/14 04:42:44 | 003,837,440 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/08/13 10:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 11:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/09 13:31:50 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/08/06 20:29:56 | 000,019,256 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2013/08/06 16:13:30 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2013/07/31 05:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/26 06:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/24 14:05:26 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013/06/19 01:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/04/18 10:53:10 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2013/03/18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/02 14:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2012/06/15 16:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/03/09 05:08:36 | 000,121,800 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HtcVComV64.sys -- (HtcVCom32)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/07/06 00:48:36 | 000,130,320 | ---- | M] (CyberLink Corp.) [2014/02/09 01:40:48] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl -- ({09F57980-3432-4AFC-957D-27AC45FAE1F5})
DRV - [2011/09/08 03:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/03 11:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...R&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...R&pc=ASU2JS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014/08/18 18:18:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Jess\AppData\Roaming\IDM\idmmzcc5 [2014/10/10 00:11:33 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng\1.5.18_0\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.21.11_0\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck\3.1.4_0\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_3\
 
O1 HOSTS File: ([2013/12/01 19:38:58 | 000,001,805 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [FXAPQLU] C:\Program Files\Fuji Xerox\Printer Software for AP\FXAPQLUZ.EXE (Fuji Xerox Co., Ltd.)
O4:64bit: - HKLM..\Run: [FXSMAPPSP] C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPPSPZ.EXE (Fuji Xerox Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe (ASUS)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [PowerDVD13Agent] C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [932D3A574877A989C6486A019F6EC41F8773E465._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_1AA9E1AA13FE1121DDB57E2F582E6B7E] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Users\Jess\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jess\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23B45F83-A2AE-4728-B532-09E836BB9628}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/18 19:26:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/10/18 19:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014/10/18 18:30:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2014/10/09 23:25:52 | 000,000,000 | ---D | C] -- C:\Users\Jess\AppData\Roaming\IDM
[2014/10/09 23:25:30 | 000,000,000 | ---D | C] -- C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/10/09 23:25:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/10/09 09:36:23 | 000,000,000 | ---D | C] -- C:\Users\Jess\AppData\Local\etax2014
[2014/10/09 09:36:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\etax2014
[2014/10/03 18:08:50 | 000,180,136 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\SysNative\drivers\idmwfp.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/18 19:09:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/10/18 19:04:00 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/18 19:01:33 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/18 19:00:40 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/18 18:59:30 | 000,008,192 | ---- | M] () -- C:\WINDOWS\SysWow64\WDPABKP.dat
[2014/10/18 18:58:37 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/18 18:58:37 | 2478,981,119 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/18 18:56:46 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\Uninstaller_SkipUac_Jess.job
[2014/10/18 18:29:50 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job
[2014/10/18 15:02:36 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/18 15:02:36 | 000,735,932 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/18 15:02:36 | 000,139,816 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/17 09:20:03 | 000,494,096 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/10/09 22:33:12 | 000,002,301 | ---- | M] () -- C:\Users\Jess\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/01 17:19:10 | 000,180,136 | ---- | M] (Tonec Inc.) -- C:\WINDOWS\SysNative\drivers\idmwfp.sys
[2014/09/19 16:05:22 | 000,001,102 | ---- | M] () -- C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
 
========== Files Created - No Company Name ==========
 
[2014/10/18 18:30:24 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\Uninstaller_SkipUac_Jess.job
[2014/10/17 08:16:20 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/10/15 06:39:30 | 000,388,729 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/08/13 21:00:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\IFinst27.exe
[2014/04/12 14:52:39 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 11:34:28 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/28 02:27:41 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/02/27 11:53:37 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysWow64\WDPABKP.dat
[2014/02/24 00:04:38 | 000,857,144 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/01/18 23:24:53 | 000,000,272 | ---- | C] () -- C:\Users\Jess\AppData\Roaming\.backup.dm
[2013/12/02 23:44:33 | 000,007,613 | ---- | C] () -- C:\Users\Jess\AppData\Local\resmon.resmoncfg
[2013/10/01 14:02:30 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/01 14:02:26 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/01 14:02:26 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/23 02:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/23 02:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/23 01:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 18:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 14:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 10:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 10:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/05/12 11:17:52 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2013/05/01 20:34:24 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2013/05/01 20:34:24 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2013/05/01 20:34:24 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/16 15:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/16 14:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 20:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 13:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 20:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/12/01 17:23:13 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\ASUS
[2013/12/01 17:23:09 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\ASUS WebStorage
[2014/08/06 18:38:54 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\AVG
[2013/12/03 00:50:58 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\AVG2014
[2014/04/05 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\Blackboard
[2014/10/18 18:37:28 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\DMCache
[2014/10/18 19:02:45 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\Dropbox
[2014/02/26 22:23:08 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\HorizonWimba
[2014/05/08 14:58:19 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\HTC
[2014/10/15 10:26:59 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\IDM
[2014/02/16 22:43:28 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\iFunBox.NXGen
[2014/09/13 12:21:40 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\iFunbox_UserCache
[2013/12/01 19:49:35 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\IObit
[2014/02/09 02:03:55 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\ProductData
[2013/12/02 21:41:36 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\Rainmeter
[2014/02/27 14:01:14 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\SanDisk SecureAccess
[2014/09/11 12:59:39 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\SolidDocuments
[2014/08/06 18:47:27 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\TuneUp Software
[2014/10/18 19:32:17 | 000,000,000 | ---D | M] -- C:\Users\Jess\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 199 bytes -> C:\Users\Jess\SkyDrive:ms-properties
 
< End of report >
 

  • 0

Advertisements


#2
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi and :welcome:
 

It is a cracked version of IDM, and I performed an update on it just last week.

With regards, but you are using illegally obtained software.
 
Let me remind you the terms of use you agreed to abide when becoming the member of this forum:

The posting of links or references to warez or any other type of illegal software is strictly forbidden. By doing so you risk having your user account terminated without warning. We will NOT help anyone we suspect of having obtained their software or services illegally.

 
If you decide to remove all illegal software and wish to continue, please PM me or any other staff member to re-open your topic. I'm closing it now.


  • 0

#3
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

User returned


  • 0

#4
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)



FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > Windows 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.



ckscanner.jpg Scan with CKScanner

Download CKScanner by askey127 and save it to your desktop.

  • Right-click on ckscanner.jpg icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • click Search For Files.
  • When finished, click Save List To File.
  • Remember to run this tool once only, if not asked to run it again.

Please include the content of CKFiles.txt in your next reply.


  • 0

#5
Jesssta

Jesssta

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

First.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014
Ran by Jess (administrator) on JESSS-PC on 23-10-2014 11:13:29
Running from C:\Users\Jess\Downloads
Loaded Profile: Jess (Available profiles: Jess)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Fuji Xerox Co., Ltd.) C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPSDBN.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Fuji Xerox Co., Ltd.) C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPPWDN.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMix_64.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Jess\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Jess\AppData\Roaming\uTorrent\uTorrent.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Jess\Downloads\CKScanner.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [FXAPQLU] => C:\Program Files\Fuji Xerox\Printer Software for AP\FXAPQLUZ.EXE [1152960 2012-11-12] (Fuji Xerox Co., Ltd.)
HKLM\...\Run: [FXSMAPPSP] => C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPPSPZ.EXE [1147776 2013-05-27] (Fuji Xerox Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-08-28] (ASUS)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-11-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-09] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Run: [932D3A574877A989C6486A019F6EC41F8773E465._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [911176 2014-10-10] (Google Inc.)
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Run: [uTorrent] => C:\Users\Jess\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-01] (BitTorrent Inc.)
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Policies\Explorer: [NoLogOff] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148528 2014-02-09] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
Startup: C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-08-18]
 
Chrome: 
=======
CHR HomePage: Default -> chrome://apps/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Profile: C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-01]
CHR Extension: (Facebook) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-12-01]
CHR Extension: (Google Search) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-01]
CHR Extension: (Hola Better Internet) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-08-02]
CHR Extension: (Dropbox) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-12-01]
CHR Extension: (IDM Integration Module) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-10-10]
CHR Extension: (eBay Extension for Google Chrome™) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2013-12-01]
CHR Extension: (Google Wallet) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-01]
CHR Extension: (Gmail) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-01]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Jess\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-09]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-30] (ASUS)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473280 2014-04-03] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 FXSMAPPWD; C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPPWDN.EXE [156032 2013-05-27] (Fuji Xerox Co., Ltd.)
R2 FXSMAPSDB; C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPSDBN.EXE [344000 2012-11-12] (Fuji Xerox Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-06-24] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-18] (IObit)
R2 ModernMix; C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe [74864 2013-02-28] (Stardock Software, Inc)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-11-02] (Western Digital Technologies, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288256 2010-09-08] (WDC) [File not signed]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-02] (Western Digital Technologies, Inc.)
R2 WDFME; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [1034752 2010-09-08] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WDSC; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [485376 2010-09-08] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-24] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-05] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-30] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-23 11:06 - 2014-10-23 11:06 - 00001723 _____ () C:\Users\Jess\Downloads\ckfiles.txt
2014-10-23 10:16 - 2014-10-23 10:16 - 00468480 _____ () C:\Users\Jess\Downloads\CKScanner.exe
2014-10-23 10:07 - 2014-10-23 11:14 - 00033783 _____ () C:\Users\Jess\Downloads\FRST.txt
2014-10-23 10:07 - 2014-10-23 11:13 - 00000000 ____D () C:\FRST
2014-10-23 10:06 - 2014-10-23 10:06 - 02112000 _____ (Farbar) C:\Users\Jess\Downloads\FRST64.exe
2014-10-20 09:24 - 2014-10-20 09:24 - 00296904 _____ () C:\WINDOWS\Minidump\102014-43843-01.dmp
2014-10-18 19:35 - 2014-10-18 19:35 - 00149822 _____ () C:\Users\Jess\Downloads\OTL.Txt
2014-10-18 19:35 - 2014-10-18 19:35 - 00071806 _____ () C:\Users\Jess\Downloads\Extras.Txt
2014-10-18 19:23 - 2014-10-18 19:23 - 00602112 _____ (OldTimer Tools) C:\Users\Jess\Downloads\OTL.exe
2014-10-18 19:09 - 2014-10-18 19:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-18 18:30 - 2014-10-23 11:13 - 00000294 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jess.job
2014-10-18 18:30 - 2014-10-18 18:30 - 00002392 _____ () C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Jess
2014-10-18 18:30 - 2014-10-18 18:30 - 00001270 _____ () C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-10-18 18:29 - 2014-10-18 18:29 - 17084704 _____ (IObit) C:\Users\Jess\Downloads\iobituninstaller.exe
2014-10-17 08:16 - 2014-10-23 11:09 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-17 08:16 - 2014-10-17 08:16 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-10-15 06:41 - 2014-09-28 09:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 06:41 - 2014-09-04 11:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-15 06:41 - 2014-09-04 10:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 06:41 - 2014-09-04 10:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-15 06:40 - 2014-09-26 09:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-15 06:40 - 2014-09-26 09:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-15 06:40 - 2014-09-19 13:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-15 06:40 - 2014-09-19 12:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-15 06:40 - 2014-09-19 12:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-15 06:40 - 2014-09-19 12:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-15 06:40 - 2014-09-19 12:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-15 06:40 - 2014-09-19 11:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-15 06:40 - 2014-09-19 11:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-15 06:40 - 2014-09-19 11:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-15 06:40 - 2014-09-19 11:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-15 06:40 - 2014-09-19 10:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-15 06:40 - 2014-09-19 10:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-15 06:40 - 2014-09-08 14:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-15 06:40 - 2014-09-08 12:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-15 06:40 - 2014-09-08 12:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-15 06:40 - 2014-09-08 11:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-15 06:40 - 2014-09-08 11:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-15 06:40 - 2014-09-08 11:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-15 06:40 - 2014-09-08 11:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 06:40 - 2014-09-08 11:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-15 06:40 - 2014-09-08 11:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-15 06:40 - 2014-09-08 11:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-15 06:40 - 2014-09-08 10:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-15 06:40 - 2014-09-08 10:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-15 06:40 - 2014-09-08 10:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-15 06:40 - 2014-09-08 10:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-15 06:39 - 2014-09-26 09:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-15 06:39 - 2014-09-26 09:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-15 06:39 - 2014-09-26 09:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-15 06:39 - 2014-09-26 09:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-15 06:39 - 2014-09-19 12:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-15 06:39 - 2014-09-19 12:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 06:39 - 2014-09-19 12:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 06:39 - 2014-09-19 12:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-15 06:39 - 2014-09-19 12:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-15 06:39 - 2014-09-19 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-15 06:39 - 2014-09-19 11:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-15 06:39 - 2014-09-19 11:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 06:39 - 2014-09-19 11:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 06:39 - 2014-09-19 11:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-15 06:39 - 2014-09-19 11:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-15 06:39 - 2014-09-19 10:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 06:39 - 2014-09-19 10:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-15 06:39 - 2014-09-13 17:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 06:39 - 2014-09-13 16:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-15 06:39 - 2014-09-04 11:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 06:39 - 2014-09-04 11:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-15 06:39 - 2014-08-29 12:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-15 06:39 - 2014-08-29 10:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-15 06:39 - 2014-08-29 10:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-15 06:39 - 2014-08-16 15:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-15 06:39 - 2014-08-16 15:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-15 06:39 - 2014-08-16 15:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-15 06:39 - 2014-08-16 14:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-15 06:39 - 2014-08-16 14:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-15 06:39 - 2014-08-16 14:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-15 06:39 - 2014-08-16 14:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-15 06:39 - 2014-08-16 14:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-15 06:39 - 2014-08-16 14:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-15 06:39 - 2014-08-16 12:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-15 06:39 - 2014-08-16 12:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-15 06:39 - 2014-08-16 11:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 06:39 - 2014-08-16 11:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-15 06:39 - 2014-08-16 11:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-15 06:39 - 2014-08-16 11:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-15 06:39 - 2014-08-16 11:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-15 06:39 - 2014-08-16 11:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-15 06:39 - 2014-08-16 11:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 06:39 - 2014-08-16 11:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 06:39 - 2014-08-16 11:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 06:39 - 2014-08-16 11:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 06:39 - 2014-08-16 11:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 06:39 - 2014-08-16 11:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 06:39 - 2014-08-16 11:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 06:39 - 2014-08-16 11:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 06:39 - 2014-08-16 11:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 06:39 - 2014-08-16 11:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-15 06:39 - 2014-08-16 11:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-15 06:39 - 2014-08-16 11:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-15 06:39 - 2014-08-16 11:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-15 06:39 - 2014-08-16 11:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-15 06:39 - 2014-08-16 11:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 06:39 - 2014-08-16 11:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-15 06:39 - 2014-08-16 11:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-15 06:39 - 2014-08-01 10:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-15 06:38 - 2014-09-13 17:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-15 06:38 - 2014-09-13 16:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-12 10:35 - 2014-10-04 17:42 - 01291280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-10-12 10:35 - 2014-10-04 17:41 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-10-12 10:35 - 2014-09-05 06:14 - 00038048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-10-12 10:35 - 2014-09-05 06:14 - 00032416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-10-09 09:36 - 2014-10-18 18:42 - 00000000 ____D () C:\Program Files (x86)\etax2014
2014-10-09 09:36 - 2014-10-09 09:36 - 00000000 ____D () C:\Users\Jess\AppData\Local\etax2014
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-23 11:13 - 2013-12-01 20:04 - 00000000 ____D () C:\Users\Jess\AppData\Roaming\uTorrent
2014-10-23 11:10 - 2013-12-01 17:29 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 11:09 - 2013-12-01 17:29 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-630687064-2654820733-4038575442-1002
2014-10-23 11:06 - 2013-11-20 20:26 - 00000000 ____D () C:\Users\Jess\Documents\Outlook Files
2014-10-23 11:05 - 2013-12-01 19:47 - 00000000 ____D () C:\Users\Jess\Documents\Installers
2014-10-23 11:00 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-23 10:54 - 2013-12-03 00:19 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-23 10:32 - 2014-08-15 21:07 - 00000000 ____D () C:\Users\Jess\Documents\eBooks
2014-10-23 10:29 - 2013-11-14 18:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-23 09:42 - 2014-02-28 02:28 - 01857139 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-23 09:23 - 2013-11-20 20:26 - 00000000 ____D () C:\Users\Jess\Documents\Important Random Stuff
2014-10-23 09:22 - 2013-12-01 20:47 - 00000000 ____D () C:\Users\Jess\AppData\Roaming\vlc
2014-10-23 09:10 - 2013-12-01 17:28 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-23 09:05 - 2013-12-01 17:29 - 00003896 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 09:05 - 2013-12-01 17:28 - 00003660 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-20 09:26 - 2013-12-16 23:03 - 00000000 ___RD () C:\Users\Jess\Dropbox
2014-10-20 09:26 - 2013-12-16 22:56 - 00000000 ____D () C:\Users\Jess\AppData\Roaming\Dropbox
2014-10-20 09:25 - 2014-05-08 14:39 - 00000000 ____D () C:\Users\Jess\AppData\Local\HTC MediaHub
2014-10-20 09:25 - 2014-02-28 02:35 - 00000000 ____D () C:\Users\Jess
2014-10-20 09:25 - 2014-02-27 11:53 - 00008192 _____ () C:\WINDOWS\SysWOW64\WDPABKP.dat
2014-10-20 09:24 - 2014-02-28 02:47 - 1000820170 _____ () C:\WINDOWS\MEMORY.DMP
2014-10-20 09:24 - 2014-02-28 02:47 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-20 09:24 - 2013-08-23 01:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-20 00:03 - 2013-12-01 19:49 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-20 00:01 - 2014-02-27 11:30 - 00000000 ____D () C:\ProgramData\Western Digital
2014-10-20 00:01 - 2014-01-29 21:03 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-10-20 00:01 - 2013-11-14 18:20 - 00083234 _____ () C:\WINDOWS\PFRO.log
2014-10-19 23:59 - 2013-12-01 20:41 - 00000000 ____D () C:\Users\Jess\AppData\Roaming\DMCache
2014-10-18 19:26 - 2013-12-16 23:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-18 19:10 - 2012-07-26 18:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-18 18:57 - 2013-08-23 00:25 - 07077888 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-18 18:54 - 2013-12-01 17:20 - 00000000 ____D () C:\Users\Jess\AppData\Local\Packages
2014-10-18 18:54 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-18 18:41 - 2013-12-18 11:23 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-10-18 18:41 - 2013-08-23 02:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-18 18:38 - 2014-02-25 00:16 - 00000000 ____D () C:\Program Files (x86)\Blackboard
2014-10-18 18:35 - 2013-12-03 00:46 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-18 18:29 - 2014-02-09 02:03 - 00000294 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job
2014-10-18 17:45 - 2013-08-23 00:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-17 12:17 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-17 09:56 - 2014-02-28 09:59 - 00000000 ___RD () C:\Users\Jess\SkyDrive
2014-10-17 09:20 - 2013-08-23 01:44 - 00494096 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-16 21:15 - 2013-12-02 08:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-16 21:11 - 2013-12-02 08:09 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-16 13:14 - 2013-08-23 01:46 - 00327123 _____ () C:\WINDOWS\setupact.log
2014-10-13 10:19 - 2013-12-23 22:49 - 00000000 ____D () C:\Users\Jess\AppData\Local\Microsoft Help
2014-10-12 10:36 - 2014-02-28 02:27 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-12 10:36 - 2014-01-10 08:35 - 00000000 ____D () C:\Users\Jess\AppData\Local\NVIDIA Corporation
2014-10-12 10:35 - 2014-02-28 02:27 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-12 10:35 - 2014-02-28 02:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-09 22:50 - 2013-11-14 18:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-10-09 22:50 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-08 21:26 - 2013-12-09 00:02 - 00497152 ___SH () C:\Users\Jess\Downloads\Thumbs.db
2014-10-04 17:42 - 2013-12-18 12:02 - 02197680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-10-04 17:41 - 2013-12-18 12:02 - 02800296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-09-30 09:45 - 2014-08-17 10:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-30 09:45 - 2014-08-17 10:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-28 22:32 - 2013-01-08 19:48 - 00000000 ____D () C:\Users\Jess\Documents\Jailbreak Utilities
2014-09-28 21:55 - 2014-08-29 01:42 - 00000000 ____D () C:\Users\Jess\AppData\Local\pangu
2014-09-24 19:19 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
 
 
Some content of TEMP:
====================
C:\Users\Jess\AppData\Local\Temp\bassmod.dll
C:\Users\Jess\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpttokb6.dll
C:\Users\Jess\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Jess\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Jess\AppData\Local\Temp\GLF6ADE.EXE
C:\Users\Jess\AppData\Local\Temp\GLF6CD3.EXE
C:\Users\Jess\AppData\Local\Temp\GLFBF43.EXE
C:\Users\Jess\AppData\Local\Temp\GLFC35B.EXE
C:\Users\Jess\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Jess\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Jess\AppData\Local\Temp\promote-upx.exe
C:\Users\Jess\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Jess\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Jess\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\Jess\AppData\Local\Temp\vlc-2.1.5-win64.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-23 04:41
 
==================== End Of Log ============================
 
 
 
 
 
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014
Ran by Jess at 2014-10-23 11:14:32
Running from C:\Users\Jess\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.3 - ASUS)
Asus Drivers Download Utility 3.6.1 (HKLM\...\{3E7C8168-166F-33BC-D659-3B4CFF633E35}_is1) (Version: 3.6.1 - LionSea Software)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.5 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.4040 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.)
CyberLink PowerDVD 13 (x32 Version: 13.0.3105.58 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Fuji Xerox Printer Software for Asia-Pacific (HKLM-x32\...\{014A135D-76A4-4A0C-A75A-7F769B8AA024}) (Version: 1.000.00.01 - Fuji Xerox)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Control Panel 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 beta r2187 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.11.201.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7032 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
Stardock ModernMix (HKLM\...\ModernMix_is1) (Version: 1.12 - Stardock Software, Inc.)
Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.20 - Stardock Software, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD Quick View (HKLM-x32\...\{507B1304-194A-4204-A9D9-9BAAF51EF760}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6F482C75-174D-42EB-A2CF-B00A1F354F7B}) (Version: 1.4.1.1 - Western Digital)
WD SmartWare (HKLM\...\{A7C403DA-B8D9-4CA0-93D9-6C7F00772240}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{ba99df5b-3e46-419e-81e2-544352772fda}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
Windows Driver Package - ASUS (ATP) Mouse  (09/17/2013 1.0.0.186) (HKLM\...\D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A) (Version: 09/17/2013 1.0.0.186 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
11-10-2014 23:35:48 Installed DirectX
16-10-2014 10:11:11 Windows Update
18-10-2014 07:32:06 Removed AVG PC TuneUp 2014
18-10-2014 07:33:34 Removed AVG PC TuneUp 2014 (en-US)
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 16:26 - 2013-12-01 19:38 - 00001805 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02414640-C828-4E2D-8156-D4A4C32CBE75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-27] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06315A76-08F3-4585-A09E-6D6666CF2E48} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {06F9A6A5-A39E-4440-A735-C433AC8D8849} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F724AC7-3B01-4CBF-90FB-D939906D6653} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-30] (ASUS)
Task: {139B8126-86B9-4CC7-886C-98FCD656AA30} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {1637DE62-DA25-4E5B-BFC9-4CAF299D96BB} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-18] (IObit)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {34E7FB8F-B39C-42EB-AC55-4F66D73FEE2C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3953997B-D243-4228-9436-EB6803653E93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {47E5DEF8-45EF-45DD-938E-C1B47DDA5A0F} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6A515B65-59E6-4653-847C-724A1ECD9BE0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {94AD53B5-4DA7-41B3-8E49-746AF67B5AAD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A2D3A1C4-D3F0-4146-8D69-CFE79DC108C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-16] (Microsoft Corporation)
Task: {A5F5AB6C-7537-4AA5-BD0A-FE464C755F00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-27] (Microsoft Corporation)
Task: {A6574A68-1291-46D0-8F85-0D9D3E631C31} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {A73A82B5-A7F7-4873-A006-2AC23869F920} - System32\Tasks\Uninstaller_SkipUac_Jess => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-18] (IObit)
Task: {A7519D81-1503-4DCF-82B3-84820A12B3C5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-30] (ASUSTek Computer Inc.)
Task: {AE6B9FB1-383F-408B-8579-C93611E91C7B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {BD8DECBC-D3B2-4F72-9A2C-186210452EF6} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-09-23] (AsusTek)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D281DEC7-2748-4E9E-87C8-BFFD113A752D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCD8A985-C762-411E-B098-8FDAB61F4B15} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {DE297C57-AE34-4F0A-B357-2FAFA38FB107} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: {E4B457C2-25CF-4C43-88FE-BE86EBCB4382} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E9F9306F-FE96-4A83-86A2-D637CA66E782} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2013-08-17] (ASUSTek Computer Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jess.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-23 23:40 - 2014-02-09 05:34 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-28 02:28 - 2014-02-09 04:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-21 23:23 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2010-09-08 10:45 - 2010-09-08 10:45 - 01034752 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
2010-09-08 10:44 - 2010-09-08 10:44 - 00485376 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
2013-08-30 10:01 - 2013-08-30 10:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-10-18 19:20 - 2014-09-10 01:59 - 08896160 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-11-11 03:51 - 2013-11-11 03:51 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2013-11-11 03:51 - 2013-11-11 03:51 - 00804536 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 01366856 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 10578760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 01859400 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 26714952 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
2014-10-23 10:16 - 2014-10-23 10:16 - 00468480 _____ () C:\Users\Jess\Downloads\CKScanner.exe
2014-04-23 17:05 - 2014-04-23 17:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-24 12:31 - 2014-03-24 12:31 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-03-24 12:34 - 2014-03-24 12:34 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-03-24 12:36 - 2014-03-24 12:36 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2010-03-05 10:24 - 2010-03-05 10:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\System.Data.SQLite.dll
2014-10-20 09:25 - 2014-10-20 09:25 - 00043008 _____ () c:\users\jess\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpttokb6.dll
2013-08-24 06:01 - 2013-08-24 06:01 - 25100288 _____ () C:\Users\Jess\AppData\Roaming\Dropbox\bin\libcef.dll
2013-10-30 11:27 - 2013-06-24 14:05 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-06-17 06:47 - 2014-09-26 05:07 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-02-23 23:40 - 2014-02-09 05:34 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-09 00:49 - 2014-05-09 00:49 - 03989888 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2014-10-18 19:17 - 2014-10-18 19:19 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2014-10-18 19:20 - 2014-09-10 00:12 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2014-10-18 19:21 - 2014-08-19 19:46 - 00125096 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\OUTLCTL.DLL
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Jess\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"
HKLM\...\StartupApproved\Run: => "FXAPQLU"
HKLM\...\StartupApproved\Run: => "FXSMAPPSP"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKCU\...\StartupApproved\Run: => "iFunBox Price Watch"
HKCU\...\StartupApproved\Run: => "pronto"
HKCU\...\StartupApproved\Run: => "GoogleDriveSync"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-630687064-2654820733-4038575442-500 - Administrator - Disabled)
Guest (S-1-5-21-630687064-2654820733-4038575442-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-630687064-2654820733-4038575442-1008 - Limited - Enabled)
Jess (S-1-5-21-630687064-2654820733-4038575442-1002 - Administrator - Enabled) => C:\Users\Jess
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/23/2014 09:10:01 AM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
Error: (10/23/2014 09:10:00 AM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
Error: (10/23/2014 08:56:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/23/2014 08:45:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14268953
 
Error: (10/23/2014 08:45:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14268953
 
Error: (10/23/2014 08:45:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 08:45:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14267875
 
Error: (10/23/2014 08:45:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14267875
 
Error: (10/23/2014 08:45:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 08:45:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14266781
 
 
System errors:
=============
Error: (10/23/2014 08:57:19 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/23/2014 08:56:49 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/23/2014 04:46:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 13 Media Server Service service terminated unexpectedly.  It has done this 2 time(s).
 
Error: (10/23/2014 04:42:40 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/23/2014 04:42:10 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/22/2014 04:49:21 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/22/2014 04:48:51 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/21/2014 04:52:55 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/21/2014 04:52:25 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/20/2014 00:06:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 13 Media Server Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (10/23/2014 09:10:01 AM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (10/23/2014 09:10:00 AM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (10/23/2014 08:56:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
Error: (10/23/2014 08:45:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14268953
 
Error: (10/23/2014 08:45:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14268953
 
Error: (10/23/2014 08:45:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 08:45:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14267875
 
Error: (10/23/2014 08:45:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14267875
 
Error: (10/23/2014 08:45:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 08:45:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14266781
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 80%
Total physical RAM: 8075.18 MB
Available physical RAM: 1572.3 MB
Total Pagefile: 16267.18 MB
Available Pagefile: 3258.16 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:558.56 GB) (Free:300.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:817.25 GB) (Free:817.01 GB) NTFS
Drive f: (Elements) (Fixed) (Total:1863.01 GB) (Free:1205 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:20.01 GB) (Free:19.87 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 5B98F280)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00025262)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
 
 
ckfiles.txt
 
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\asus\atk package\atk hotkey\atkmsgctrl.exe
c:\users\jess\documents\recipes\mars bar christmas crackles recipe.docx
hosts 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
hosts 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
hosts 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
hosts 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
hosts 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
hosts 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
hosts 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
hosts 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net crl.verisign.net ood.opsource.net
hosts 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net crl.verisign.net ood.opsource.net
scanner sequence 3.CH.11.OMEMG0
 ----- EOF ----- 
 

  • 0

#6
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Are you running also pirated Adobe?  :blink:


  • 0

#7
Jesssta

Jesssta

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

No, I uninstalled that, too.

Want me to run those scans again or something? I no longer have adobe acrobat installed. 


  • 0

#8
Jesssta

Jesssta

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

I used iobit uninstaller to get it off the system, but it didn't work (or so it seems). I have used the conventional method of removing the programs (add/remove programs), and I have just re-run the scans.

 

First.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014

Ran by Jess (administrator) on JESSS-PC on 23-10-2014 22:29:01
Running from C:\Users\Jess\Downloads
Loaded Profile: Jess (Available profiles: Jess)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Fuji Xerox Co., Ltd.) C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPSDBN.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMix_64.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Jess\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(BitTorrent Inc.) C:\Users\Jess\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [FXAPQLU] => C:\Program Files\Fuji Xerox\Printer Software for AP\FXAPQLUZ.EXE [1152960 2012-11-12] (Fuji Xerox Co., Ltd.)
HKLM\...\Run: [FXSMAPPSP] => C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPPSPZ.EXE [1147776 2013-05-27] (Fuji Xerox Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-08-28] (ASUS)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-11-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Run: [932D3A574877A989C6486A019F6EC41F8773E465._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [911176 2014-10-10] (Google Inc.)
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Run: [uTorrent] => C:\Users\Jess\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-01] (BitTorrent Inc.)
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-630687064-2654820733-4038575442-1002\...\Policies\Explorer: [NoLogOff] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148528 2014-02-09] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
Startup: C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&#38;pc=ASU2JS
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> chrome://apps/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Profile: C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-01]
CHR Extension: (Facebook) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-12-01]
CHR Extension: (Google Search) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-01]
CHR Extension: (Hola Better Internet) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-08-02]
CHR Extension: (Dropbox) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-12-01]
CHR Extension: (IDM Integration Module) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-10-10]
CHR Extension: (eBay Extension for Google Chrome™) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2013-12-01]
CHR Extension: (Google Wallet) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-01]
CHR Extension: (Gmail) - C:\Users\Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-01]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Jess\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-07-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-30] (ASUS)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473280 2014-04-03] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
S2 FXSMAPPWD; C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPPWDN.EXE [156032 2013-05-27] (Fuji Xerox Co., Ltd.)
R2 FXSMAPSDB; C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPSDBN.EXE [344000 2012-11-12] (Fuji Xerox Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-06-24] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-18] (IObit)
R2 ModernMix; C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe [74864 2013-02-28] (Stardock Software, Inc)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-11-02] (Western Digital Technologies, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288256 2010-09-08] (WDC) [File not signed]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-02] (Western Digital Technologies, Inc.)
R2 WDFME; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [1034752 2010-09-08] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WDSC; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [485376 2010-09-08] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-24] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-05] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-30] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-23 10:16 - 2014-10-23 10:16 - 00468480 _____ () C:\Users\Jess\Downloads\CKScanner.exe
2014-10-23 10:07 - 2014-10-23 22:29 - 00030901 _____ () C:\Users\Jess\Downloads\FRST.txt
2014-10-23 10:07 - 2014-10-23 22:29 - 00000000 ____D () C:\FRST
2014-10-23 10:06 - 2014-10-23 10:06 - 02112000 _____ (Farbar) C:\Users\Jess\Downloads\FRST64.exe
2014-10-20 09:24 - 2014-10-20 09:24 - 00296904 _____ () C:\WINDOWS\Minidump\102014-43843-01.dmp
2014-10-18 19:35 - 2014-10-18 19:35 - 00149822 _____ () C:\Users\Jess\Downloads\OTL.Txt
2014-10-18 19:35 - 2014-10-18 19:35 - 00071806 _____ () C:\Users\Jess\Downloads\Extras.Txt
2014-10-18 19:23 - 2014-10-18 19:23 - 00602112 _____ (OldTimer Tools) C:\Users\Jess\Downloads\OTL.exe
2014-10-18 19:09 - 2014-10-18 19:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-18 18:30 - 2014-10-23 11:13 - 00000294 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jess.job
2014-10-18 18:30 - 2014-10-18 18:30 - 00002392 _____ () C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Jess
2014-10-18 18:30 - 2014-10-18 18:30 - 00001270 _____ () C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-10-18 18:29 - 2014-10-18 18:29 - 17084704 _____ (IObit) C:\Users\Jess\Downloads\iobituninstaller.exe
2014-10-17 08:16 - 2014-10-23 19:09 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-17 08:16 - 2014-10-17 08:16 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-10-15 06:41 - 2014-09-28 09:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 06:41 - 2014-09-04 11:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-15 06:41 - 2014-09-04 10:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 06:41 - 2014-09-04 10:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-15 06:40 - 2014-09-26 09:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-15 06:40 - 2014-09-26 09:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-15 06:40 - 2014-09-19 13:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-15 06:40 - 2014-09-19 12:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-15 06:40 - 2014-09-19 12:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-15 06:40 - 2014-09-19 12:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-15 06:40 - 2014-09-19 12:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-15 06:40 - 2014-09-19 11:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-15 06:40 - 2014-09-19 11:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-15 06:40 - 2014-09-19 11:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-15 06:40 - 2014-09-19 11:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-15 06:40 - 2014-09-19 10:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-15 06:40 - 2014-09-19 10:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-15 06:40 - 2014-09-08 14:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-15 06:40 - 2014-09-08 12:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-15 06:40 - 2014-09-08 12:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-15 06:40 - 2014-09-08 11:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-15 06:40 - 2014-09-08 11:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-15 06:40 - 2014-09-08 11:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-15 06:40 - 2014-09-08 11:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 06:40 - 2014-09-08 11:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-15 06:40 - 2014-09-08 11:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-15 06:40 - 2014-09-08 11:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-15 06:40 - 2014-09-08 10:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-15 06:40 - 2014-09-08 10:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-15 06:40 - 2014-09-08 10:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-15 06:40 - 2014-09-08 10:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-15 06:39 - 2014-09-26 09:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-15 06:39 - 2014-09-26 09:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-15 06:39 - 2014-09-26 09:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-15 06:39 - 2014-09-26 09:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-15 06:39 - 2014-09-19 12:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-15 06:39 - 2014-09-19 12:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 06:39 - 2014-09-19 12:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 06:39 - 2014-09-19 12:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-15 06:39 - 2014-09-19 12:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-15 06:39 - 2014-09-19 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-15 06:39 - 2014-09-19 11:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-15 06:39 - 2014-09-19 11:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 06:39 - 2014-09-19 11:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 06:39 - 2014-09-19 11:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-15 06:39 - 2014-09-19 11:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-15 06:39 - 2014-09-19 10:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 06:39 - 2014-09-19 10:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-15 06:39 - 2014-09-13 17:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 06:39 - 2014-09-13 16:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-15 06:39 - 2014-09-04 11:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 06:39 - 2014-09-04 11:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-15 06:39 - 2014-08-29 12:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-15 06:39 - 2014-08-29 10:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-15 06:39 - 2014-08-29 10:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-15 06:39 - 2014-08-16 15:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-15 06:39 - 2014-08-16 15:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-15 06:39 - 2014-08-16 15:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-15 06:39 - 2014-08-16 14:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-15 06:39 - 2014-08-16 14:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-15 06:39 - 2014-08-16 14:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-15 06:39 - 2014-08-16 14:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-15 06:39 - 2014-08-16 14:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-15 06:39 - 2014-08-16 14:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-15 06:39 - 2014-08-16 12:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-15 06:39 - 2014-08-16 12:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-15 06:39 - 2014-08-16 11:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 06:39 - 2014-08-16 11:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-15 06:39 - 2014-08-16 11:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-15 06:39 - 2014-08-16 11:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-15 06:39 - 2014-08-16 11:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-15 06:39 - 2014-08-16 11:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-15 06:39 - 2014-08-16 11:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 06:39 - 2014-08-16 11:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 06:39 - 2014-08-16 11:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 06:39 - 2014-08-16 11:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 06:39 - 2014-08-16 11:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 06:39 - 2014-08-16 11:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 06:39 - 2014-08-16 11:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 06:39 - 2014-08-16 11:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 06:39 - 2014-08-16 11:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 06:39 - 2014-08-16 11:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-15 06:39 - 2014-08-16 11:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-15 06:39 - 2014-08-16 11:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-15 06:39 - 2014-08-16 11:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-15 06:39 - 2014-08-16 11:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-15 06:39 - 2014-08-16 11:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 06:39 - 2014-08-16 11:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-15 06:39 - 2014-08-16 11:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-15 06:39 - 2014-08-01 10:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-15 06:38 - 2014-09-13 17:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-15 06:38 - 2014-09-13 16:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-12 10:35 - 2014-10-04 17:42 - 01291280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-10-12 10:35 - 2014-10-04 17:41 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-10-12 10:35 - 2014-09-05 06:14 - 00038048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-10-12 10:35 - 2014-09-05 06:14 - 00032416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-10-09 09:36 - 2014-10-18 18:42 - 00000000 ____D () C:\Program Files (x86)\etax2014
2014-10-09 09:36 - 2014-10-09 09:36 - 00000000 ____D () C:\Users\Jess\AppData\Local\etax2014
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-23 22:28 - 2013-12-01 20:04 - 00000000 ____D () C:\Users\Jess\AppData\Roaming\uTorrent
2014-10-23 22:23 - 2013-11-20 20:26 - 00000000 ____D () C:\Users\Jess\Documents\Important Random Stuff
2014-10-23 22:19 - 2013-12-03 00:19 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-23 22:17 - 2013-11-20 20:26 - 00000000 ____D () C:\Users\Jess\Documents\Outlook Files
2014-10-23 22:13 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-23 18:10 - 2013-12-01 17:29 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 17:18 - 2014-02-28 02:28 - 01863257 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-23 11:32 - 2013-12-01 17:29 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-630687064-2654820733-4038575442-1002
2014-10-23 11:26 - 2013-12-01 19:40 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-23 11:26 - 2013-12-01 19:40 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-23 11:05 - 2013-12-01 19:47 - 00000000 ____D () C:\Users\Jess\Documents\Installers
2014-10-23 10:32 - 2014-08-15 21:07 - 00000000 ____D () C:\Users\Jess\Documents\eBooks
2014-10-23 10:29 - 2013-11-14 18:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-23 09:22 - 2013-12-01 20:47 - 00000000 ____D () C:\Users\Jess\AppData\Roaming\vlc
2014-10-23 09:10 - 2013-12-01 17:28 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-23 09:05 - 2013-12-01 17:29 - 00003896 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 09:05 - 2013-12-01 17:28 - 00003660 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-20 09:26 - 2013-12-16 23:03 - 00000000 ___RD () C:\Users\Jess\Dropbox
2014-10-20 09:26 - 2013-12-16 22:56 - 00000000 ____D () C:\Users\Jess\AppData\Roaming\Dropbox
2014-10-20 09:25 - 2014-05-08 14:39 - 00000000 ____D () C:\Users\Jess\AppData\Local\HTC MediaHub
2014-10-20 09:25 - 2014-02-28 02:35 - 00000000 ____D () C:\Users\Jess
2014-10-20 09:25 - 2014-02-27 11:53 - 00008192 _____ () C:\WINDOWS\SysWOW64\WDPABKP.dat
2014-10-20 09:24 - 2014-02-28 02:47 - 1000820170 _____ () C:\WINDOWS\MEMORY.DMP
2014-10-20 09:24 - 2014-02-28 02:47 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-20 09:24 - 2013-08-23 01:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-20 00:03 - 2013-12-01 19:49 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-20 00:01 - 2014-02-27 11:30 - 00000000 ____D () C:\ProgramData\Western Digital
2014-10-20 00:01 - 2014-01-29 21:03 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-10-20 00:01 - 2013-11-14 18:20 - 00083234 _____ () C:\WINDOWS\PFRO.log
2014-10-19 23:59 - 2013-12-01 20:41 - 00000000 ____D () C:\Users\Jess\AppData\Roaming\DMCache
2014-10-18 19:26 - 2013-12-16 23:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-18 19:10 - 2012-07-26 18:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-18 18:57 - 2013-08-23 00:25 - 07077888 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-18 18:54 - 2013-12-01 17:20 - 00000000 ____D () C:\Users\Jess\AppData\Local\Packages
2014-10-18 18:54 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-18 18:41 - 2013-12-18 11:23 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-10-18 18:41 - 2013-08-23 02:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-18 18:38 - 2014-02-25 00:16 - 00000000 ____D () C:\Program Files (x86)\Blackboard
2014-10-18 18:35 - 2013-12-03 00:46 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-18 18:29 - 2014-02-09 02:03 - 00000294 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job
2014-10-18 17:45 - 2013-08-23 00:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-17 12:17 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-17 09:56 - 2014-02-28 09:59 - 00000000 ___RD () C:\Users\Jess\SkyDrive
2014-10-17 09:20 - 2013-08-23 01:44 - 00494096 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-17 09:16 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-16 21:15 - 2013-12-02 08:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-16 21:11 - 2013-12-02 08:09 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-16 13:14 - 2013-08-23 01:46 - 00327123 _____ () C:\WINDOWS\setupact.log
2014-10-13 10:19 - 2013-12-23 22:49 - 00000000 ____D () C:\Users\Jess\AppData\Local\Microsoft Help
2014-10-12 10:36 - 2014-02-28 02:27 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-12 10:36 - 2014-01-10 08:35 - 00000000 ____D () C:\Users\Jess\AppData\Local\NVIDIA Corporation
2014-10-12 10:35 - 2014-02-28 02:27 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-12 10:35 - 2014-02-28 02:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-09 22:50 - 2013-11-14 18:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-10-09 22:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-10-09 22:50 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-08 21:26 - 2013-12-09 00:02 - 00497152 ___SH () C:\Users\Jess\Downloads\Thumbs.db
2014-10-04 17:42 - 2013-12-18 12:02 - 02197680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-10-04 17:41 - 2013-12-18 12:02 - 02800296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-09-30 09:45 - 2014-08-17 10:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-30 09:45 - 2014-08-17 10:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-28 22:32 - 2013-01-08 19:48 - 00000000 ____D () C:\Users\Jess\Documents\Jailbreak Utilities
2014-09-28 21:55 - 2014-08-29 01:42 - 00000000 ____D () C:\Users\Jess\AppData\Local\pangu
2014-09-24 19:19 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
 
 
Some content of TEMP:
====================
C:\Users\Jess\AppData\Local\Temp\bassmod.dll
C:\Users\Jess\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpttokb6.dll
C:\Users\Jess\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Jess\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Jess\AppData\Local\Temp\GLF6ADE.EXE
C:\Users\Jess\AppData\Local\Temp\GLF6CD3.EXE
C:\Users\Jess\AppData\Local\Temp\GLFBF43.EXE
C:\Users\Jess\AppData\Local\Temp\GLFC35B.EXE
C:\Users\Jess\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Jess\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Jess\AppData\Local\Temp\promote-upx.exe
C:\Users\Jess\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Jess\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Jess\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\Jess\AppData\Local\Temp\vlc-2.1.5-win64.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-23 04:41
 
==================== End Of Log ============================
 
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014
Ran by Jess at 2014-10-23 22:29:59
Running from C:\Users\Jess\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.3 - ASUS)
Asus Drivers Download Utility 3.6.1 (HKLM\...\{3E7C8168-166F-33BC-D659-3B4CFF633E35}_is1) (Version: 3.6.1 - LionSea Software)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.5 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.4040 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.)
CyberLink PowerDVD 13 (x32 Version: 13.0.3105.58 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Fuji Xerox Printer Software for Asia-Pacific (HKLM-x32\...\{014A135D-76A4-4A0C-A75A-7F769B8AA024}) (Version: 1.000.00.01 - Fuji Xerox)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Control Panel 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 beta r2187 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.11.201.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7032 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
Stardock ModernMix (HKLM\...\ModernMix_is1) (Version: 1.12 - Stardock Software, Inc.)
Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.20 - Stardock Software, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD Quick View (HKLM-x32\...\{507B1304-194A-4204-A9D9-9BAAF51EF760}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6F482C75-174D-42EB-A2CF-B00A1F354F7B}) (Version: 1.4.1.1 - Western Digital)
WD SmartWare (HKLM\...\{A7C403DA-B8D9-4CA0-93D9-6C7F00772240}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{ba99df5b-3e46-419e-81e2-544352772fda}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
Windows Driver Package - ASUS (ATP) Mouse  (09/17/2013 1.0.0.186) (HKLM\...\D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A) (Version: 09/17/2013 1.0.0.186 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-630687064-2654820733-4038575442-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jess\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
16-10-2014 10:11:11 Windows Update
18-10-2014 07:32:06 Removed AVG PC TuneUp 2014
18-10-2014 07:33:34 Removed AVG PC TuneUp 2014 (en-US)
23-10-2014 00:24:38 Removed Adobe Acrobat XI Pro.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 16:26 - 2013-12-01 19:38 - 00001805 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02414640-C828-4E2D-8156-D4A4C32CBE75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-27] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06315A76-08F3-4585-A09E-6D6666CF2E48} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {06F9A6A5-A39E-4440-A735-C433AC8D8849} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F724AC7-3B01-4CBF-90FB-D939906D6653} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-30] (ASUS)
Task: {139B8126-86B9-4CC7-886C-98FCD656AA30} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {1637DE62-DA25-4E5B-BFC9-4CAF299D96BB} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-18] (IObit)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {34E7FB8F-B39C-42EB-AC55-4F66D73FEE2C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {35A9445E-4F32-442E-A584-773C28A67A6B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-16] (Microsoft Corporation)
Task: {3953997B-D243-4228-9436-EB6803653E93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {47E5DEF8-45EF-45DD-938E-C1B47DDA5A0F} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6A515B65-59E6-4653-847C-724A1ECD9BE0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {94AD53B5-4DA7-41B3-8E49-746AF67B5AAD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A5F5AB6C-7537-4AA5-BD0A-FE464C755F00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-27] (Microsoft Corporation)
Task: {A6574A68-1291-46D0-8F85-0D9D3E631C31} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {A73A82B5-A7F7-4873-A006-2AC23869F920} - System32\Tasks\Uninstaller_SkipUac_Jess => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-18] (IObit)
Task: {A7519D81-1503-4DCF-82B3-84820A12B3C5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-30] (ASUSTek Computer Inc.)
Task: {AE6B9FB1-383F-408B-8579-C93611E91C7B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {BD8DECBC-D3B2-4F72-9A2C-186210452EF6} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-09-23] (AsusTek)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D281DEC7-2748-4E9E-87C8-BFFD113A752D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCD8A985-C762-411E-B098-8FDAB61F4B15} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {DE297C57-AE34-4F0A-B357-2FAFA38FB107} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: {E4B457C2-25CF-4C43-88FE-BE86EBCB4382} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E9F9306F-FE96-4A83-86A2-D637CA66E782} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2013-08-17] (ASUSTek Computer Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jess.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-23 23:40 - 2014-02-09 05:34 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-28 02:28 - 2014-02-09 04:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-21 23:23 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2010-09-08 10:45 - 2010-09-08 10:45 - 01034752 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
2010-09-08 10:44 - 2010-09-08 10:44 - 00485376 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
2013-08-30 10:01 - 2013-08-30 10:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-10-18 19:20 - 2014-09-10 01:59 - 08896160 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-11-11 03:51 - 2013-11-11 03:51 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2013-11-11 03:51 - 2013-11-11 03:51 - 00804536 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 01366856 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 10578760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 01859400 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-15 13:05 - 2014-10-10 12:31 - 26714952 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
2014-04-23 17:05 - 2014-04-23 17:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-24 12:31 - 2014-03-24 12:31 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-03-24 12:32 - 2014-03-24 12:32 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-03-24 12:34 - 2014-03-24 12:34 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-03-24 12:36 - 2014-03-24 12:36 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2010-03-05 10:24 - 2010-03-05 10:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\System.Data.SQLite.dll
2014-10-20 09:25 - 2014-10-20 09:25 - 00043008 _____ () c:\users\jess\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpttokb6.dll
2013-08-24 06:01 - 2013-08-24 06:01 - 25100288 _____ () C:\Users\Jess\AppData\Roaming\Dropbox\bin\libcef.dll
2013-10-30 11:27 - 2013-06-24 14:05 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-06-17 06:47 - 2014-09-26 05:07 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-02-23 23:40 - 2014-02-09 05:34 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-18 19:17 - 2014-10-18 19:19 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2014-10-18 19:20 - 2014-09-10 00:12 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2014-10-18 19:21 - 2014-08-19 19:46 - 00125096 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\OUTLCTL.DLL
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Jess\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"
HKLM\...\StartupApproved\Run: => "FXAPQLU"
HKLM\...\StartupApproved\Run: => "FXSMAPPSP"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKCU\...\StartupApproved\Run: => "iFunBox Price Watch"
HKCU\...\StartupApproved\Run: => "pronto"
HKCU\...\StartupApproved\Run: => "GoogleDriveSync"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-630687064-2654820733-4038575442-500 - Administrator - Disabled)
Guest (S-1-5-21-630687064-2654820733-4038575442-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-630687064-2654820733-4038575442-1008 - Limited - Enabled)
Jess (S-1-5-21-630687064-2654820733-4038575442-1002 - Administrator - Enabled) => C:\Users\Jess
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/23/2014 07:10:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14609
 
Error: (10/23/2014 07:10:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14609
 
Error: (10/23/2014 07:10:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 07:10:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13234
 
Error: (10/23/2014 07:10:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13234
 
Error: (10/23/2014 07:10:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 07:09:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11953
 
Error: (10/23/2014 07:09:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11953
 
Error: (10/23/2014 07:09:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 07:09:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10578
 
 
System errors:
=============
Error: (10/23/2014 07:09:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 13 Media Server Service service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (10/23/2014 08:57:19 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/23/2014 08:56:49 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/23/2014 04:46:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 13 Media Server Service service terminated unexpectedly.  It has done this 2 time(s).
 
Error: (10/23/2014 04:42:40 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/23/2014 04:42:10 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/22/2014 04:49:21 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/22/2014 04:48:51 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/21/2014 04:52:55 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/21/2014 04:52:25 AM) (Source: DCOM) (EventID: 10010) (User: JESSS-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
Microsoft Office Sessions:
=========================
Error: (10/23/2014 07:10:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14609
 
Error: (10/23/2014 07:10:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14609
 
Error: (10/23/2014 07:10:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 07:10:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13234
 
Error: (10/23/2014 07:10:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13234
 
Error: (10/23/2014 07:10:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 07:09:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11953
 
Error: (10/23/2014 07:09:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11953
 
Error: (10/23/2014 07:09:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/23/2014 07:09:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10578
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 74%
Total physical RAM: 8075.18 MB
Available physical RAM: 2075.13 MB
Total Pagefile: 16267.18 MB
Available Pagefile: 3967.5 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:558.56 GB) (Free:303.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:817.25 GB) (Free:817.01 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:20.01 GB) (Free:19.87 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 5B98F280)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
CKFiles.txt
 
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\asus\atk package\atk hotkey\atkmsgctrl.exe
c:\users\jess\documents\recipes\mars bar christmas crackles recipe.docx
hosts 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
hosts 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
hosts 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
hosts 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
hosts 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
hosts 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
hosts 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
hosts 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net crl.verisign.net ood.opsource.net
hosts 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net crl.verisign.net ood.opsource.net
scanner sequence 3.CH.11.UOFAH0
 ----- EOF ----- 
 

  • 0

#9
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

OK, please run this one as it will provide me some more info:


51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
    process;
    services-list;
    systemspecs;
    startupall;
    skipfix-iedefaults;
    firefoxlook;
    chromelook;
    filesrcm;
    installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!


  • 0

#10
Jesssta

Jesssta

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
 
Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by Jess on Thu 23/10/2014 at 23:47:12.49.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jess\Downloads\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
23/10/2014 11:49:21 PM Zoek.exe System Restore Point Created Succesfully.
 
==== Installed Programs ======================
 
???  
????  
æTorrent  
Adobe Digital Editions 3.0  
Adobe Flash Player 15 Plugin  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
ASUS Console  
Asus Drivers Download Utility 3.6.1  
ASUS Instant Key  
ASUS Power4Gear Hybrid  
ASUS Screen Saver  
ASUS Smart Gesture  
ASUS USB Charger Plus  
ATK Package  
AVG 2014  
BlackVue HD  
Bonjour  
CyberLink PowerDVD 13  
D3DX10  
Dropbox  
Fuji Xerox Printer Software for Asia-Pacific  
Galer¡a de fotos  
Galerie de photos  
Google Chrome  
Google Drive  
Google Update Helper  
HTC Driver Installer  
HTC Sync Manager  
iFunbox (v2.8.2414.748), iFunbox DevTeam  
Intel® Management Engine Components  
Intel® Processor Graphics  
Intel© Trusted Connect Service Client  
IObit Uninstaller  
IPTInstaller  
iTunes  
Java 7 Update 51 (64-bit)  
Java 7 Update 67  
Java Auto Updater  
Microsoft Application Error Reporting  
Microsoft ASP.NET MVC 4 Runtime  
Microsoft Office Professional Plus 2013 - en-us  
Microsoft Silverlight  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Movie Maker  
MSVCRT  
MSVCRT110  
MSVCRT110_amd64  
NVIDIA Control Panel 334.89  
NVIDIA GeForce Experience 2.1.3  
NVIDIA GeForce Experience Service  
NVIDIA Graphics Driver 334.89  
NVIDIA Install Application  
NVIDIA LED Visualizer 1.0  
NVIDIA Network Service  
NVIDIA Optimus Update 16.13.56  
NVIDIA PhysX  
NVIDIA PhysX System Software 9.13.1220  
NVIDIA ShadowPlay 16.13.56  
NVIDIA Update 16.13.56  
NVIDIA Update Core  
NVIDIA Virtual Audio 1.2.25  
Office 15 Click-to-Run Extensibility Component  
Office 15 Click-to-Run Licensing Component  
Office 15 Click-to-Run Localization Component  
Photo Common  
Photo Gallery  
Qualcomm Atheros Client Installation Program  
QuickTime 7  
Rainmeter  
Realtek Ethernet Controller Driver  
Realtek High Definition Audio Driver  
Realtek USB 2.0 Card Reader  
Shared C Run-time for x64  
SHIELD Streaming  
SHIELD Wireless Controller Driver  
Stardock ModernMix  
Stardock Start8  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  
VLC media player  
WD Quick View  
WD SmartWare  
WD SmartWare Installer  
Windows Driver Package - ASUS (ATP) Mouse  (09/17/2013 1.0.0.186)  
Windows Live  
Windows Live ???  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Installer  
Windows Live Photo Common  
Windows Live PIMT Platform  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
WinFlash  
WinRAR 5.01 (64-bit)  
 
==== Running Processes ======================
 
C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\ASUS\P4G\InsOnSrv.exe
C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\P4G\InsOnWMI.exe
C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Jess\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\Users\Jess\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Jess\Downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
 
==== Services (whitelist) ======================
Powered by E Dev
 
R2 - [ASLDRService] - ASLDR Service - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
R2 - [ASUS InstantOn] - ASUS InstantOn Service - C:\Program Files\ASUS\P4G\InsOnSrv.exe
R2 - [AtherosSvc] - AtherosSvc - C:\WINDOWS\system32\AdminService.exe
R2 - [ATKGFNEXSrv] - ATKGFNEX Service - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
R2 - [avgfws] - AVG Firewall - "C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
R2 - [AVGIDSAgent] - AVGIDSAgent - "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
R2 - [avgwd] - AVG WatchDog - "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
R2 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"
R2 - [ClickToRunSvc] - Microsoft Office ClickToRun Service - "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
R2 - [FXSMAPSDB] - FX SimpleMonitor Status Database for AP - C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPSDBN.EXE
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
R2 - [HTCMonitorService] - HTCMonitorService - "C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
R2 - [Intel® Capability Licensing Service Interface] - Intel® Capability Licensing Service Interface - "C:\Program Files\Intel\iCLS Client\HeciServer.exe"
R2 - [Intel® ME Service] - Intel® ME Service - "C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe"
R2 - [jhi_service] - Intel® Dynamic Application Loader Host Interface Service - "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
R2 - [LMS] - Intel® Management and Security Application Local Management Service - "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
R2 - [ModernMix] - Stardock ModernMix - C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
R2 - [NvNetworkService] - NVIDIA Network Service - "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
R2 - [NvStreamSvc] - NVIDIA Streamer Service - "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
R2 - [nvsvc] - NVIDIA Display Driver Service - "C:\WINDOWS\system32\nvvsvc.exe"
R2 - [PassThru Service] - Internet Pass-Through Service - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
R2 - [Start8] - Stardock Start8 - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
R2 - [WDBackup] - WD Backup - "C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
R2 - [WDDMService] - WDDMService - "C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
R2 - [WDDriveService] - WD Drive Manager - "C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
R2 - [WDFME] - WD File Management Engine - "C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe"
R2 - [WDSC] - WD File Management Shadow Engine - "C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe"
R2 - [WSearch] - Windows Search - C:\WINDOWS\system32\SearchIndexer.exe /Embedding
R3 - [VSS] - Volume Shadow Copy - C:\WINDOWS\system32\vssvc.exe
S2 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
S2 - [CyberLink PowerDVD 13 Media Server Monitor Service] - CyberLink PowerDVD 13 Media Server Monitor Service - "C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe"
S2 - [CyberLink PowerDVD 13 Media Server Service] - CyberLink PowerDVD 13 Media Server Service - "C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe"
S2 - [FXSMAPPWD] - FX SimpleMonitor Status Watcher for AP - C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPPWDN.EXE
S2 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
S2 - [LiveUpdateSvc] - LiveUpdate - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
S2 - [sppsvc] - Software Protection - C:\WINDOWS\system32\sppsvc.exe
S2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 - [ALG] - Application Layer Gateway Service - C:\WINDOWS\System32\alg.exe
S3 - [COMSysApp] - COM+ System Application - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [cphs] - Intel® Content Protection HECI Service - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
S3 - [Fax] - Fax - C:\WINDOWS\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\WINDOWS\system32\IEEtwCollector.exe /V
S3 - [Intel® Capability Licensing Service TCP IP Interface] - Intel® Capability Licensing Service TCP IP Interface - "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe"
S3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\WINDOWS\System32\msdtc.exe
S3 - [msiserver] - Windows Installer - C:\WINDOWS\system32\msiexec.exe /V
S3 - [ose] - Office  Source Engine - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
S3 - [PerfHost] - Performance Counter DLL Host - C:\WINDOWS\SysWow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\WINDOWS\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - C:\WINDOWS\System32\snmptrap.exe
S3 - [TrustedInstaller] - Windows Modules Installer - C:\WINDOWS\servicing\TrustedInstaller.exe
S3 - [vds] - Virtual Disk - C:\WINDOWS\System32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - "C:\WINDOWS\system32\wbengine.exe"
S3 - [WdNisSvc] - Windows Defender Network Inspection Service - "C:\Program Files\Windows Defender\NisSrv.exe"
S3 - [WinDefend] - Windows Defender Service - "C:\Program Files\Windows Defender\MsMpEng.exe"
S3 - [wmiApSrv] - WMI Performance Adapter - C:\WINDOWS\system32\wbem\WmiApSrv.exe
 
==== System Specs ======================
 
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8076 MB
CPU Info: Intel® Core™ i7-4700HQ CPU @ 2.40GHz
CPU Speed: 2398.2 MHz
Sound Card: Speakers (Realtek High Definiti | 
Display Adapters: Intel® HD Graphics 4600 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600 | NVIDIA GeForce GT 750M
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Bluetooth Device (Personal Area Network) | Microsoft Wi-Fi Direct Virtual Adapter | Microsoft Hosted Network Virtual Adapter | Qualcomm Atheros AR9485WB-EG Wireless Network Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (E: | ) E: MATSHITABD-CMB UJ162
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  558.6GB | D:  817.2GB | G:  20.0GB
Hard Disks - Free: C:  303.5GB | D:  817.0GB | G:  19.9GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE |  | _ASUS_ - 1072009
Time Zone: AUS Eastern Standard Time
Motherboard *: ASUSTeK COMPUTER INC. N550JV
Country: Australia 
Language: ENA 
 
==== System Specs (Software) ======================
 
Anti-Virus: AVG Internet Security 2014 On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG Internet Security 2014 disabled (Outdated)
Firewall: AVG Internet Security 2014 disabled
Default Browser: Google Chrome 38.0.2125.104
Internet Explorer Version: 11.0.9600.17351 
Google Chrome version: 38.0.2125.104
Sun Java version: 1.7.0_67 (32-bit) 
Sun Java version: 1.7.0_51 (64-bit) 
Flash Player version: 15.0.0.189
 
==== Files Recently Created / Modified ======================
 
====== C:\WINDOWS ====
====== C:\Users\Jess\AppData\Local\Temp ====
2014-10-19 22:25:54 4E566FEA83FCEEAF2873702806B55006 43008 ----a-w- C:\Users\Jess\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpttokb6.dll
2014-10-11 23:34:08 DC020D73B6091EEB332D507FEF97741C 15680 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVI2SystemService32.sys
2014-10-11 23:34:08 DA3BA2A914391F4B342D0B806D35FF42 115008 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ja-JP\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 D87F90317C64D0EC5ACB9C29745692EC 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\pl-PL\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 D2E5E35D300FB1AC38FFD5B6BB003AB6 855360 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\twitchsdk64.dll
2014-10-11 23:34:08 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShieldWirelessController\NVSWCFilter32.sys
2014-10-11 23:34:08 BB128B93F770BD6035C011644E0D8EDA 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\sk-SK\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 B313B7CD5A8759AFC2FE0B213D697E43 114496 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\fr-FR\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 AF5B671826EC586CFDA217609FC897A6 870720 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Yeast.Core.dll
2014-10-11 23:34:08 ACBD4B497D5FA8D52ABA18C025654FD4 114496 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\es-ES\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 A9970042BE512C7981B36E689C5F3F9F 1461992 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShieldWirelessController\WdfCoInstaller0100932.dll
2014-10-11 23:34:08 9A6C4E20CADB146B8C29DA7FC5C9A9C6 16704 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVI2SystemService64.sys
2014-10-11 23:34:08 98A36AD68833E5EE5A89CA0779DCC19E 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\zh-CHT\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 95A173B875114DAC273CBB33F3E8E15C 116032 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ru-RU\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 9324BFCA483707785DF152FDF654F4BE 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\nb-NO\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 80E1F8B3FE39A86B4CB12FDE3B041DC1 114496 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ko-KR\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 804A55C2B039B610360F7BC4055F9B60 114496 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\fi-FI\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 788CF35DA7A8EDA0EC7E61DCAB5D91C2 32928 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NvVAD\nvvad32v.sys
2014-10-11 23:34:08 77E2B38D50C7157DF68A465A0D9D3BCF 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\pt-BR\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 6B2CFB1BF233F6946F293B5B30FD599A 20288 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys
2014-10-11 23:34:08 61EF76C48A65250038487719F273A6AE 236864 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Xml.Schema.Linq.dll
2014-10-11 23:34:08 5FD631D797A4CAEA42DC60F5D11856C5 20288 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys
2014-10-11 23:34:08 5D5F51E9F9A2378925DE529F55B50707 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\hu-HU\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 5B80BFAC1116956C76F398F7DE3FC614 113472 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\zh-CHS\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 546C60FD42C5EFA1B8BBCCD87E48DE93 114496 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\it-IT\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 4E22329654E09EB8396A35DFFBA2F352 114496 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\pt-PT\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 4DA5DA193E0E4F86F6F8FD43EF25329A 1721576 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShieldWirelessController\WdfCoInstaller0100964.dll
2014-10-11 23:34:08 4A770613AF45242DD6113D9308EE16CD 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\sv-SE\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 3C3C401FCF5DC1FA942FD1F975301DEC 114496 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\es-MX\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 2912C818511CF7F1804379EB358F5B2E 737088 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\twitchsdk32.dll
2014-10-11 23:34:08 286129657ACBB102AE7BD449FB2036DB 114496 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\he-IL\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 27BF04C8AC56DC8D769F383065671084 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\tr-TR\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 232B93F1A068EA16838BA5517EBAD967 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\nl-NL\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 207672E398298E2FC000A80A5BEBB918 117056 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\th-TH\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 1AF619620613869C07F9C147BC37520F 38048 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NvVAD\nvvad64v.sys
2014-10-11 23:34:08 188D427D6A238BFF621A18AB8DBCF445 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\sl-SI\Touchstone.Resources.resources.dll
2014-10-11 23:34:08 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShieldWirelessController\NVSWCFilter64.sys
2014-10-11 23:34:08 0E46FB82867280979ACD3B23BBF9B5E5 931136 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\UpdateCoreExt.dll
2014-10-11 23:34:07 FD4C63C43CE395C8D3DE392E3F97BF8C 854680 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\rxinput.dll
2014-10-11 23:34:07 F89CC93D334114B86D2465FA32E3C5D5 3072320 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\nvupdt64.dll
2014-10-11 23:34:07 F7895853799B52886C96B22D41A47CD6 278336 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.ComponentModel.Composition.dll
2014-10-11 23:34:07 F5892EA8AF52B88C0BB5C7EE2B5F8236 816448 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\NvStreamSrvExt.dll
2014-10-11 23:34:07 F53E6008A261B424EE5F83A4E04BA0D9 116544 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\el-GR\Touchstone.Resources.resources.dll
2014-10-11 23:34:07 ECF50E0BD8976443F5FB5B9203A1235C 27968 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Threading.Tasks.dll
2014-10-11 23:34:07 EA8E4566A6BABDA182084E4C55DABD7D 801600 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\ShadowPlayExt.dll
2014-10-11 23:34:07 E3F4A3941FDA412F8FDEFF8C2248D3C9 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\da-DK\Touchstone.Resources.resources.dll
2014-10-11 23:34:07 E0E9B13ADA18705656879BBE0AC85CFE 250176 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Reactive.Providers.dll
2014-10-11 23:34:07 D895C9BBE2AE3573DD8AE1FF3E8F4CCD 833856 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Display.Optimus\OptimusUpdateExt.dll
2014-10-11 23:34:07 D7F156361D38412F73BF93C84FCFA0FC 163648 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ReactiveUI.dll
2014-10-11 23:34:07 D36BE3DC0B01C866149EC8710118A011 47936 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.ComponentModel.Composition.Registration.dll
2014-10-11 23:34:07 D2617905B98A08EFCDECD0C729BD2E3F 1054528 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\nvsteamsupport.dll
2014-10-11 23:34:07 C47F9AC34221F19B00C4A1726D2AF604 509248 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Web.Mvc.dll
2014-10-11 23:34:07 C372CEE65F21DC800FCE5B353D72DAF6 982336 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\nvupdtrXP32.dll
2014-10-11 23:34:07 A9ADD865955066E43BCDD1B2F2221C47 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\en-GB\Touchstone.Resources.resources.dll
2014-10-11 23:34:07 A4E19813E41319148309FC6504FCEC81 106304 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\steam_api.dll
2014-10-11 23:34:07 A0F349CE26D7AB236B019CF3ABB43D40 78144 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Reflection.Context.dll
2014-10-11 23:34:07 9E3241A4E195FBA9ADF745ECCD095118 192832 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\protobuf-net.dll
2014-10-11 23:34:07 9D13AAE49EE6DF2D5990CEFA8903270F 17216 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Reactive.Interfaces.dll
2014-10-11 23:34:07 95213D97B011E61999B4D35A55B620A6 30528 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Reactive.PlatformServices.dll
2014-10-11 23:34:07 84852CA0558CB6E31608925DB3A2A644 190784 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Touchstone.Infrastructure.dll
2014-10-11 23:34:07 82F17C0637F0B7558B2636A229B0BB51 317248 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ShadowPlay.dll
2014-10-11 23:34:07 7F8B59907B81B1FD0AC867868AB1A837 114496 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\de-DE\Touchstone.Resources.resources.dll
2014-10-11 23:34:07 7C1FAF11216925A0601987E25E7007C0 2457408 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\nvupdtXP32.dll
2014-10-11 23:34:07 7B1BB7C5428F824B2FCE40B74419DAA0 71488 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ReactiveUI.Xaml.dll
2014-10-11 23:34:07 72912FED551DA517911EA546F8E9B00F 117056 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\en-US\Touchstone.Resources.resources.dll
2014-10-11 23:34:07 6BEFD168F73F6F38497D8A98B4DFF3D0 982848 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\nvupdtr64.dll
2014-10-11 23:34:07 607CCB5AFB0108D3274484EFAFC847A8 767808 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\ReleaseHighlights.dll
2014-10-11 23:34:07 5C9890EC4F0BC9673DE5C5E80904E828 982336 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\nvupdtr32.dll
2014-10-11 23:34:07 56ED838B332AB6AAAB45DB420D3637D7 115520 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ar-AE\Touchstone.Resources.resources.dll
2014-10-11 23:34:07 550293E1ADF97CA0375748FF24C9EBCA 802680 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\rxinput.dll
2014-10-11 23:34:07 54127EBB3CBBD22EA3FFD69C58CDBB35 21824 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Reactive.Windows.Threading.dll
2014-10-11 23:34:07 50B13051CCC397263983459D7CD88E35 1323840 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\nvsteamsupport.dll
2014-10-11 23:34:07 4F1F3FD9024C2863B508993CC592D161 18752 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Reactive.Runtime.Remoting.dll
2014-10-11 23:34:07 47CBE5E5E12F88E1365EE8484C088B90 366912 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Touchstone.Accounts.dll
2014-10-11 23:34:07 473BFE3A7D556FD2FCBCA0B086FD125D 1338176 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShieldWirelessController\ShieldWirelessController64.dll
2014-10-11 23:34:07 3E767392308854421800E70CD2327790 3071808 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\nvupdtXP64.dll
2014-10-11 23:34:07 3E630F79A8A39BA740E2AAFD1B449DBF 16704 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Touchstone.Resources.dll
2014-10-11 23:34:07 3C761DD1A9BA02CBFE50D0B6B25A0B1C 113984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\cs-CZ\Touchstone.Resources.resources.dll
2014-10-11 23:34:07 34EFE0E9D45399DC69AC7D12234C84FD 48960 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Windows.Interactivity.dll
2014-10-11 23:34:07 2DCA85D3B9331569D2FB8D46FE7F652B 982848 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\nvupdtrXP64.dll
2014-10-11 23:34:07 24E4C3C86BC628EF47907BF9D96E6DAB 679744 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Reactive.Linq.dll
2014-10-11 23:34:07 216435B673BA89C11993059ECF45135C 2458432 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\nvupdt32.dll
2014-10-11 23:34:07 1E20929623B3091752B4764B0055E690 15168 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Runtime.dll
2014-10-11 23:34:07 17D469EF2711E2FA2FF56A574E0FD1D2 121152 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\steam_api64.dll
2014-10-11 23:34:07 15220A3E426245EFE4F4F70E6B350017 1037632 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShieldWirelessController\ShieldWirelessController32.dll
2014-10-11 23:34:07 0E40C64213BFBEA633E10F77243E2D8B 97088 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\System.Reactive.Core.dll
2014-10-11 23:34:06 FD746D128C526FB4BFBD8EAF33CCCE26 28992 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\nb-NO\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 FCC9346D8D8E3C9A2D95AA02FAC466EC 109376 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\sv-SE\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 F2B8C99A860AAAA11719FF8F51879BE8 109888 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\nl-NL\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 ED79F92D7C973ADC813EF699534DEC76 28480 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\zh-CHT\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 E172DE959212BDE42E9334A4FC5ADC14 27792 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\pt-PT\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 DEE1DAB1B95F556D0EBFF086AA6A898E 945472 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVNetworkServiceAPI.dll
2014-10-11 23:34:06 DE7E258F3871E35F14A3E9A99039A833 28488 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\ko-KR\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 DB80DC73D65E42BE66930460B65E745D 92480 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NVIDIA.Win32Api.dll
2014-10-11 23:34:06 D8B5C8178E7F6C433AE2DF069D6CF9AD 31048 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\ru-RU\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 D867662801FD59DF900DBF2B315076CE 29328 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\ja-JP\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 D723D449393017F63F9CB910DEA10514 34624 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\th-TH\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 D52C7E593E4ADC6EAC7E6137F7D2962D 29504 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\hu-HU\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 D13F8C85F0957C4DA0BE660B712DDA1C 29504 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\sk-SK\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 C494BF1A29B3B48EE30F2892288D19B1 36160 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\en-US\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 BCCEF57B49802983F55B5628654D60F2 1715224 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\nvspbridge64.dll
2014-10-11 23:34:06 BA44DBD60FD4E0B2BBAED909D6B857D3 111936 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\pl-PL\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 B37117444ACD89001BE44B1B70842C62 118080 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\he-IL\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 AEA19C365DB0A5FEFD9300FE0D51D090 27792 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\cs-CZ\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 AAA086C7C85328218BEAFF4F3DB46CB0 2197680 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\nvspcap.dll
2014-10-11 23:34:06 A8CA2B827BB150581A737AABF87D4E21 110400 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\tr-TR\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 A6303FAAA2EEE1CB4D259A74DCCDE4CC 129344 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ru-RU\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 A4613B3ADFACF61E4DB441ECFE4C7E04 1291280 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\nvspbridge.dll
2014-10-11 23:34:06 A1A18EFFAFFD1EF630F777487B04EA68 18576 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\NvLedVisualizerControl.dll
2014-10-11 23:34:06 9FF460552DECD102747DF8B17E005647 623944 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\en-US\NvLedVisualizer.resources.dll
2014-10-11 23:34:06 9E85372B1204904005FADDF6ADEB1AD8 27976 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\sv-SE\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 8B952D9F7E5E6452ED3727C2F062E403 2800296 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\nvspcap64.dll
2014-10-11 23:34:06 873DA2F3F28743F32B92C9736CB1BB20 108352 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\nb-NO\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 8253435E4CD0F477B137758E6BEDC8E3 110912 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\it-IT\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 7A9E8FF8484762C4121A5B2F9543C45C 109888 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\sl-SI\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 6F9F875BEEF84E5D75C1C1D3CD97094F 105280 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\zh-CHS\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 6EB1610E1A56D5E9EC4CC8A9AE6AF1B7 112448 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ko-KR\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 6DC41A0668162E0E418776979873E16D 111936 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\sk-SK\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 6A0EE502BB6584A5BA4C199B60A8B4B8 945472 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Network.Service\NVNetworkServiceAPI.dll
2014-10-11 23:34:06 68AC172D90558A6A9FE42E50E4441FE8 27464 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\zh-CHS\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 657110A8A0E862D6A4552ECD04E89DB9 24896 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NVIDIA.Settings.Properties.dll
2014-10-11 23:34:06 640CC5CD366E9BE7B24F30F2ACAF65EB 112960 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\hu-HU\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 635FD48E92C22743A7DD5DE1A3D4D37F 144704 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\th-TH\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 5FB9A48FBAAA1483C5D77ADCC108FD1B 28816 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\fr-FR\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 588DACBCF6EACF64EFD7EE2E90A71A95 29504 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\fi-FI\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 51A6139DCAFD8D7C6114591E29886387 1352000 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Network.Service\NVNetworkServiceAPI64.dll
2014-10-11 23:34:06 4D66EF9486683C1789DF87FE07DAB38E 110400 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\pt-BR\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 4795059663222F875C774195DE35576A 43840 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NVIDIA.Settings.dll
2014-10-11 23:34:06 3F20E46E982C028DAAEA91A352EC12E9 28304 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\tr-TR\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 36C459A48C061F762D0726D4589C564A 27464 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\en-GB\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 36AF24A29A83F9E7485F26643D67FE0F 1534784 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVPrxy64.dll
2014-10-11 23:34:06 3405A708772E4B4271F9F34CD121A77C 29000 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\he-IL\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 2DAD832F006E8A3CD901BBF0D8BE79A4 29504 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\es-ES\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 291CA719183CFD0ADACA4B43BEF9366E 27792 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\nl-NL\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 27A4F92F49A3111B52633A0DD14D89C0 106304 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\zh-CHT\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 25A5D4B9D51BAFF634386BDDF4724194 111936 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\pt-PT\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 24206F8FF82D144A06A0D5FE67E94D33 29504 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\it-IT\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 20074C9137F2164786230A2927857211 119616 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ja-JP\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:06 1C479694ABABA9CF5A458FB4404414A4 28488 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\pl-PL\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 1BACEC27352D3EAEECC9B2710BA5EC7D 41792 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\NvLedServiceLib.dll
2014-10-11 23:34:06 12A8F17F64B5FF5B59B59FE07C7A3E8C 29840 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\ar-SA\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 1091AEE457D4C707AEA2D0B84FC10C89 30864 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\el-GR\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 0F5030D462FB31B8BCD77B29EC6B1D56 27976 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\da-DK\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 0D9DD47B401753611B03A26BF8615BBB 29504 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\de-DE\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 0CFABCFB1D19F8E848251CEB0FF6BA63 881472 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVPrxy32.dll
2014-10-11 23:34:06 0C63323460FB70CBA2CFD80B541EBCE3 53056 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NVIDIA.UpdateService.dll
2014-10-11 23:34:06 0A258DF574B61D1DF09006676313A320 28488 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\es-MX\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 0792472CBF012B6B7F7D9B05C5B56B38 28992 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\pt-BR\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:06 069757C11423345C9C87CBCA1DFFBD4D 28304 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\sl-SI\NvLedVisualizerControl.resources.dll
2014-10-11 23:34:05 FCE848A2D7B3234B8F4C40AF74FEB05E 336704 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.EnterpriseLibrary.Common.dll
2014-10-11 23:34:05 F9DA29B02F4401527C0F9569ADA1FC13 465216 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Newtonsoft.Json.dll
2014-10-11 23:34:05 F2B5B4E9D1C195AA373A73AEF5D38E1E 106304 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\en-GB\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 F14343B7376DC7021226E7ED773A0DA8 110912 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\cs-CZ\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 EE0C54E894117BA878346C3EC7B29C69 92480 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\GFExperience.WebService.dll
2014-10-11 23:34:05 EBDF169746F9D9A4248537816EF71320 897344 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVDownloader.dll
2014-10-11 23:34:05 E937B95E2AC5048AD9CF1812BBC263AF 26944 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.Prism.UnityExtensions.dll
2014-10-11 23:34:05 E91B5BE9C319293EACC01C9E6E3B0B9A 1385792 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NvGFTrayPluginr64.dll
2014-10-11 23:34:05 E62DE41D1BC5737766CD1BFA578DD896 15680 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NVIDIA.GFExperience.Resources.Localization.dll
2014-10-11 23:34:05 E43C97C284DBC5FC420FA13189C252C5 29504 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.ServiceLocation.dll
2014-10-11 23:34:05 E1797604410B31EF0C73221A8F4798AD 3394880 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NvGFTrayPluginXP32.dll
2014-10-11 23:34:05 E0BB1F886C01E56105EABC7FBB62A44A 81728 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\GridService.dll
2014-10-11 23:34:05 D659FE8CCB912D5B6AC95B696808E678 941376 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShieldWirelessController\NVDeviceUtility64.dll
2014-10-11 23:34:05 D4E28145F9DF961216A81D67DD8C3E8E 109376 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\fi-FI\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 D29C44AA1B264B6E0FAC96CB18151DCC 108352 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\da-DK\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 CED20DCD00318B92386FDC9F13965617 134976 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\el-GR\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 CC998FA4DC19ADDEAFA48031FC4EAEC2 811840 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVI2DownloaderExt.DLL
2014-10-11 23:34:05 CB580F836A54AF1945B7E5A5CB7866D7 20800 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\InstallerService.dll
2014-10-11 23:34:05 CA7EE7DBFD5F7C032149104F50F19A70 1172288 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ExtensionLoader.dll
2014-10-11 23:34:05 CA363CF15D2B6E74781DC9732435DB96 23368 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\NvDashBoardControls.dll
2014-10-11 23:34:05 C9E3B814B8FE4F97BD20B583D667F228 239424 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\GFExperienceControls.dll
2014-10-11 23:34:05 C7B888A495F48A9490685AA60E9B4D74 1015616 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\DisplayCplExt.dll
2014-10-11 23:34:05 BD1E5243F2218B847FC2A9B9C790FBC6 1385792 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NvGFTrayPluginr32.dll
2014-10-11 23:34:05 B583246D881FBBEC8258EA4BC8061B20 98624 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\DSETUP.dll
2014-10-11 23:34:05 B2BB2D11C4C2D832656B9BCA277470EA 52544 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Interop.Shell32.dll
2014-10-11 23:34:05 B267947CB16F1082481674EE6C036DF7 649536 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\gamecaster32.dll
2014-10-11 23:34:05 B1FEDD78C24AD426CD979075BE30CCC5 1540256 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NvVAD\nvgenco64.dll
2014-10-11 23:34:05 AF61FA9F40A346E33A8D9668A7338F02 1385792 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NvGFTrayPluginrXP32.dll
2014-10-11 23:34:05 AE01D1D7F9C0C797FACEE44C050FF203 112960 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\fr-FR\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 AC7B49988A5ECF86F574F36C087B817F 161088 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.Prism.dll
2014-10-11 23:34:05 AC14EB294FE2FACAF1F0D944075B9B60 34976 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NvVAD\nvaudcap64v.dll
2014-10-11 23:34:05 A864CA7CB53B6D165CB29B4AFECFED53 4671296 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NvGFTrayPlugin64.dll
2014-10-11 23:34:05 A10BCBCC90A9B5F08F8791C5CBD653B0 52544 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\flame.core.dll
2014-10-11 23:34:05 9E373761D316DB1B0995FBB8C3F1FD13 906912 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NvVAD\nvgenco32.dll
2014-10-11 23:34:05 9C3968919FF2810D9E38245FBE18138E 1385792 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NvGFTrayPluginrXP64.dll
2014-10-11 23:34:05 99CDCD4EF45E9EEF94BDDFA7464072A8 49984 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.Prism.MefExtensions.dll
2014-10-11 23:34:05 9924840BB7B3D1F2473397EB4F1C81FF 13120 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\detoured.dll
2014-10-11 23:34:05 97E05C086DE2BC11A46338EA69E845AD 147776 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\GFExperienceCore.dll
2014-10-11 23:34:05 9513BCEC01D62869EF955ED5F3016C8E 1321280 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\NvGfeServiceBridge.dll
2014-10-11 23:34:05 941329C556A3427D079DBC63DE600CD7 69440 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\flame.Accounts.dll
2014-10-11 23:34:05 925E7BF03AAB036FE98215010158BCC2 126272 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.Unity.dll
2014-10-11 23:34:05 868EB62B8A65F17CD0247E89BD93C5E0 19264 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.Prism.Interactivity.dll
2014-10-11 23:34:05 7F4D7A8C90F70A2A7592BEAF7D9795AF 520512 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\nvFBC.dll
2014-10-11 23:34:05 79F3B7DCE02D062A6F7DB6E9635C4C28 4552512 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVI2.dll
2014-10-11 23:34:05 794A90003496ABEB466F3ABA7D0B98E0 298304 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\cudart64_55.dll
2014-10-11 23:34:05 782328B10E8E60042AF1901813410775 621200 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\NvGpuInterface.dll
2014-10-11 23:34:05 7232801F6EC2E1B33CA425624BE29C5D 13120 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\detoured.dll
2014-10-11 23:34:05 7014B35FF872707895A7D4A06CAE1289 112448 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\de-DE\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 6A57DDA3A13E8C89663FA4AB08642812 1153344 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\GFExperienceExt.dll
2014-10-11 23:34:05 6078FFCAD65C9C35AC549FAFF803F5A3 1443648 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVI2UI.dll
2014-10-11 23:34:05 589A70A13A4DCE8CE00C9351E1C5F150 1215296 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\dbghelp.dll
2014-10-11 23:34:05 4F883CDB1B39B644DCF032C0140C38C0 111936 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\es-MX\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 4ED873B0451CC692238BEF7F81C01B8C 749888 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShieldWirelessController\NVDeviceUtility32.dll
2014-10-11 23:34:05 4EC31DA3C66A97D6F4B8E7C4B37B53B8 607552 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\nvFBC.dll
2014-10-11 23:34:05 4BE30DFAEC30EC73195FA39BCAF36EB9 1080640 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\NvGfeServiceBridge.dll
2014-10-11 23:34:05 4A407A702415FCA0A094CAB8B6E17666 31552 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\InstallerUIExtension.dll
2014-10-11 23:34:05 4919C5F95E698D80380CD4A8ABE0FA10 1569088 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\dsetup32.dll
2014-10-11 23:34:05 474DCC28414648BCFE5B5DC47A37EFA6 1239360 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\NvBackendAPI64.dll
2014-10-11 23:34:05 45755232347C7CF70610BF32D69A69B3 88896 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.Unity.Configuration.dll
2014-10-11 23:34:05 452C2E51AA5C290D82D407B2CF1E1431 111936 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\es-ES\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 41A4638594E03595C3FDAD0AC4FFC8AB 120128 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ar-AE\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 40188B65464AC64D3465144A32DD4EE0 708416 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\gamecaster64.dll
2014-10-11 23:34:05 3D91A2535E9541F69D76A1D1F40EA897 33600 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\GalaSoft.MvvmLight.Extras.WPF4.dll
2014-10-11 23:34:05 32E390954B2C6B1583A969ED0E7C8A9D 421200 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\msvcp100.dll
2014-10-11 23:34:05 329555204EF458B2C193E95D3F22BC75 30016 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.EnterpriseLibrary.Validation.Integration.WPF.dll
2014-10-11 23:34:05 2EC21BF591C90478FCCFAADCD9793A0F 127808 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\en-US\NVIDIA.GFExperience.Resources.Localization.resources.dll
2014-10-11 23:34:05 2B92A88E329F4845D31941967A3BAA90 768848 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\msvcr100.dll
2014-10-11 23:34:05 299AFAB9A13DB9B15B27EBAFFDF02B11 867648 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Display.Update\DisplayUpdateExt.dll
2014-10-11 23:34:05 27FA223B60B36476581ECB10EEF7E50D 32416 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NvVAD\nvaudcap32v.dll
2014-10-11 23:34:05 2154A9736C61099D4FA7DF5BD9B6F85C 4047680 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NvGFTrayPluginXP64.dll
2014-10-11 23:34:05 20F081C6E8E1CD047145D67FB799E08A 875328 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\MS.NET\MSNetExt.dll
2014-10-11 23:34:05 1AF8E4CDDC5B099681967AC03843CB8D 863552 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\NvBackendAPI32.dll
2014-10-11 23:34:05 1A8A5EEE3D3610B66F75EB9F2B5D9375 37184 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\GalaSoft.MvvmLight.WPF4.dll
2014-10-11 23:34:05 133FDCF32BA2F77CFC07A37D4BC99AA8 115008 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.WindowsAPICodePack.dll
2014-10-11 23:34:05 092DDC54072BF9016989B87FEADFA9EB 394560 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.EnterpriseLibrary.Validation.dll
2014-10-11 23:34:05 07F80F348AA6E5B4CA933326711134B3 127808 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.Practices.Unity.Interception.dll
2014-10-11 23:34:05 06739C51E691D5B95F092561178633BD 3750208 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\NvGFTrayPlugin32.dll
2014-10-11 23:34:05 06232793D40B55763A6D2CD28EE2555A 551744 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\Microsoft.WindowsAPICodePack.Shell.dll
2014-10-11 23:34:04 FCBB6EF971A8009CF6DEB77780675A65 249152 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\cudart32_55.dll
2014-10-11 23:34:04 E2F0B8DDBF2C3DD7BAFAF5AD3FA12855 197440 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\WLMerger.exe
2014-10-11 23:34:04 DA819B8E238F8057F30E2B50CCFA3572 4766528 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2014-10-11 23:34:04 D2DB4421EE5FD010EE48F06F1181189F 411976 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\setup.exe
2014-10-11 23:34:04 D2B807C8E99F346D8DBFE306AC12BF50 18045248 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
2014-10-11 23:34:04 A8A8CC4E1E0A9ECBAF7E02B2BDC8DE39 298304 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\cudart64_55.dll
2014-10-11 23:34:04 77DB6643BEF192DE558FF4FCA7F7728D 249152 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\cudart32_55.dll
2014-10-11 23:34:04 2FAD0F3004D0CFEE5148CB36E6999DBD 19440960 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
2014-10-11 23:34:04 2C1402785E4DB137704DE38B4CA29B07 3884864 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2014-10-11 23:34:03 E2D033A71AD79BAE071C5E4707180B5D 2831168 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\nvspcaps.exe
2014-10-11 23:34:03 D6DBF46C5CAE0EEDA1DF1BD080D6FE3B 2463552 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Update.Core\NvBackend.exe
2014-10-11 23:34:03 D503E2C306D46C121348C03DB7C77B49 637584 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2014-10-11 23:34:03 CF4905C5F3179F20DA550CD135EE90EE 1796928 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\Network.Service\NVNetworkService.exe
2014-10-11 23:34:03 C511B8331F7CCB3FD7902958C261CC85 1149760 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GfExperienceService\GfExperienceService64.exe
2014-10-11 23:34:03 A939918BABB1AB28047C7AE1808BFE46 521024 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\DXSETUP.exe
2014-10-11 23:34:03 9F3621FE07E5F0211712E10FA4DA26FA 916800 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GfExperienceService\GfExperienceService32.exe
2014-10-11 23:34:03 9D46284F85C7A0080DE0BB76A64EEA8A 4815168 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\GFExperience.exe
2014-10-11 23:34:03 9ADEAD3DB13524B5ED89948CBAAEC82C 1796928 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVNetworkService.exe
2014-10-11 23:34:03 8A4267781814CF60D612AB68F1CCD899 3679040 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\ShadowPlay\nvspcaps64.exe
2014-10-11 23:34:03 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\MS.NET\dotNetFx40_Full_setup.exe
2014-10-11 23:34:03 22DA4D75E70DA41F6CCB9675D9FF1CDD 596800 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\7z.exe
2014-10-11 23:34:03 1EB6E8B2752392052EE7DB024C5F2DD5 126096 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\NvLedVisualizer.exe
2014-10-11 23:34:03 1D2FCA1DEC304284AF197D7E94138D71 86344 ----a-w- C:\Users\Jess\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\LEDVisualizer\NvLedServiceHost.exe
2014-10-09 13:02:18 D5A0E0BAA5571B2E088802E9E40E2670 485376 ----a-w- C:\Users\Jess\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2014-10-14 19:41:05 CDB3123A2ABB34B830224B986568F4D4 626688 ----a-w- C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-14 19:40:50 09ABB665890DDCB614974AE563F0D877 672256 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-14 19:40:49 B6D3D955FBB174081CDFB977B726D069 123904 ----a-w- C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-14 19:40:48 FBC21212942F17DBA0A66C93ADC23F59 31232 ----a-w- C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-14 19:40:48 C2F6C71F5316DA478632B3B463B06E6D 80896 ----a-w- C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-14 19:40:11 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-14 19:40:03 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-14 19:40:02 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-14 19:40:00 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll
2014-10-14 19:40:00 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-14 19:40:00 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-14 19:39:59 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-14 19:39:59 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-14 19:39:58 980D01CB48811552E09D9CFF397886C9 315904 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-14 19:39:56 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-14 19:39:56 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-14 19:39:56 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-14 19:39:55 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-14 19:39:55 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-14 19:39:44 CE9FDB173E3FDA974B9CC2596558EA47 68608 ----a-w- C:\WINDOWS\SysWOW64\packager.dll
2014-10-14 19:39:44 C49344C2F399A22704C682C5E18B8DF2 2321920 ----a-w- C:\WINDOWS\SysWOW64\authui.dll
2014-10-14 19:39:42 5D2C15BDAD48646C8CBC83903252D87C 514048 ----a-w- C:\WINDOWS\SysWOW64\rastls.dll
2014-10-14 19:39:37 F51B727AFF404ED8D730DFA069D88D7B 18722600 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll
2014-10-14 19:39:37 074BF061D97E49AAF04F2FAF46409A14 5902848 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-14 19:39:36 7BEE9E040222E7033A820780E1A61204 5777408 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-14 19:39:33 A4E624F7658D08C1717542FA10E0A973 1467384 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-14 19:39:32 E86549FED3008360730A6B722079D537 756224 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-14 19:39:32 76831C139BD9E227712B283A6A5ABBA8 840192 ----a-w- C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-14 19:39:32 24B30DB8D1F8CF0F8C1AAAE319BC508E 838144 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-14 19:39:31 DBA00F3FC75495058A25B24906C24599 1205976 ----a-w- C:\WINDOWS\SysWOW64\propsys.dll
2014-10-14 19:39:31 DA65F1320538BC417B8FAE0BCAC330A0 265216 ----a-w- C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-14 19:39:31 BFC6F7889A9CFF451A418862444B9F63 321024 ----a-w- C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-14 19:38:47 10F428429F7FF957B226E068A08B158A 3117568 ----a-w- C:\WINDOWS\SysWOW64\msi.dll
2014-10-11 23:35:45 A4613B3ADFACF61E4DB441ECFE4C7E04 1291280 ----a-w- C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-10-11 23:35:11 27FA223B60B36476581ECB10EEF7E50D 32416 ----a-w- C:\WINDOWS\SysWOW64\nvaudcap32v.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2014-10-14 19:41:36 C2BBFC3872442092AD2260F564AB9AD9 4183040 ----a-w- C:\WINDOWS\Sysnative\win32k.sys
2014-10-14 19:41:05 34B5290B8770A2FC578E3FEAD3FD7462 921600 ----a-w- C:\WINDOWS\Sysnative\MrmCoreR.dll
2014-10-14 19:41:02 8CBF1E2761816CFD9D32F8B32531D0FB 118272 ----a-w- C:\WINDOWS\Sysnative\winbici.dll
2014-10-14 19:40:50 9FDD8CD31F3FBA88F050318F32D640E2 3448320 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll
2014-10-14 19:40:50 6D3FB811007A5330C6D85E182BCDFC85 839680 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll
2014-10-14 19:40:50 23C814333BDA6B07248E6E865D91B728 1702400 ----a-w- C:\WINDOWS\Sysnative\wucltux.dll
2014-10-14 19:40:49 EEC80B8BF5B050D04DDCD88D03C9A771 59904 ----a-w- C:\WINDOWS\Sysnative\wups.dll
2014-10-14 19:40:49 65297383420B2C09A7D2838C76106CEE 93696 ----a-w- C:\WINDOWS\Sysnative\wudriver.dll
2014-10-14 19:40:49 5E89EC6165E545B77122227E1DFFA23A 54752 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe
2014-10-14 19:40:49 1D66D0788D7A398B4BF9030C45B5F71C 50688 ----a-w- C:\WINDOWS\Sysnative\wups2.dll
2014-10-14 19:40:49 1A941A83126E35782401E43C84FC90C7 388608 ----a-w- C:\WINDOWS\Sysnative\WUSettingsProvider.dll
2014-10-14 19:40:49 094D5D55C02FA2547A0B46A0ABC629D5 137728 ----a-w- C:\WINDOWS\Sysnative\wuwebv.dll
2014-10-14 19:40:48 35D45C2646794C66EAAD8FE11944A714 35328 ----a-w- C:\WINDOWS\Sysnative\wuapp.exe
2014-10-14 19:40:13 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
2014-10-14 19:40:08 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll
2014-10-14 19:40:06 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll
2014-10-14 19:40:01 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\WINDOWS\Sysnative\wininet.dll
2014-10-14 19:40:01 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll
2014-10-14 19:40:00 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll
2014-10-14 19:40:00 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll
2014-10-14 19:39:59 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl
2014-10-14 19:39:58 2A1C9DB3F9C09795D77E9F24C30BE423 363008 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll
2014-10-14 19:39:58 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe
2014-10-14 19:39:57 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\WINDOWS\Sysnative\MshtmlDac.dll
2014-10-14 19:39:56 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\WINDOWS\Sysnative\jscript9diag.dll
2014-10-14 19:39:56 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll
2014-10-14 19:39:56 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\WINDOWS\Sysnative\dxtrans.dll
2014-10-14 19:39:55 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll
2014-10-14 19:39:55 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll
2014-10-14 19:39:44 F782575495709CD79F1A15EFD11D51E3 76288 ----a-w- C:\WINDOWS\Sysnative\packager.dll
2014-10-14 19:39:44 A00B916CD6A67984257DC53052350219 2646016 ----a-w- C:\WINDOWS\Sysnative\authui.dll
2014-10-14 19:39:44 7667B9D81EA8FD6540E6CF72F92161A6 109568 ----a-w- C:\WINDOWS\Sysnative\appinfo.dll
2014-10-14 19:39:42 25EE65F2FA154EDED0E87354311FB1E2 590336 ----a-w- C:\WINDOWS\Sysnative\rastls.dll
2014-10-14 19:39:39 34A16F6F9546595952C65003D9A4B474 21195616 ----a-w- C:\WINDOWS\Sysnative\shell32.dll
2014-10-14 19:39:38 1676B06421492B439A9E60C55692A921 8757760 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll
2014-10-14 19:39:37 8A522BBE4E06586C57E5D9DC50FB88B0 6649344 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll
2014-10-14 19:39:34 57CA779C19C2F224BE0C5EFC40F54B60 4758528 ----a-w- C:\WINDOWS\Sysnative\SyncEngine.dll
2014-10-14 19:39:33 5053FE9043FB84D71B04EFC7D5DA13CF 1710184 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll
2014-10-14 19:39:33 37C1CBCB3F420C754E86E3EC313D436D 1112512 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll
2014-10-14 19:39:33 2ECA23663D13100032E09062C743C70D 1507648 ----a-w- C:\WINDOWS\Sysnative\propsys.dll
2014-10-14 19:39:33 10CE7F7704E293F6CC6E0AF51DBFD95A 1106432 ----a-w- C:\WINDOWS\Sysnative\SearchFolder.dll
2014-10-14 19:39:32 ACFEE9487693C2BD573DFCA71D98E17C 914432 ----a-w- C:\WINDOWS\Sysnative\iphlpsvc.dll
2014-10-14 19:39:32 ABB028BAB78E7B4AFE374F8246F6CCB6 359424 ----a-w- C:\WINDOWS\Sysnative\Wldap32.dll
2014-10-14 19:39:32 30293301B14D0D11D086B09831F5FE0D 920064 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll
2014-10-14 19:39:31 FD4EA8E9232ADD51DC31C295DDEF2768 287744 ----a-w- C:\WINDOWS\Sysnative\SystemEventsBrokerServer.dll
2014-10-14 19:39:31 F58FBEA392B663B936E62939A877CA80 1120768 ----a-w- C:\WINDOWS\Sysnative\SkyDrive.exe
2014-10-14 19:39:31 E325BCD68EC0CF2E2EDD0AB7CC17C698 267776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll
2014-10-14 19:39:31 73F269436228D5625E83A1EAF3549F58 118272 ----a-w- C:\WINDOWS\Sysnative\httpprxm.dll
2014-10-14 19:39:31 66CBCDDEF429E5BA83C3288EEB0771A6 717824 ----a-w- C:\WINDOWS\Sysnative\SkyDriveTelemetry.dll
2014-10-14 19:39:31 5D4A403DAE434FBA11779496EAFBDDE8 75776 ----a-w- C:\WINDOWS\Sysnative\adhsvc.dll
2014-10-14 19:39:31 36F977EDAE6CEE96CE6409B2B16765B4 290816 ----a-w- C:\WINDOWS\Sysnative\ProximityService.dll
2014-10-14 19:39:31 3014CE5846A486C624E3E2CEB8C3290C 286208 ----a-w- C:\WINDOWS\Sysnative\SkyDriveShell.dll
2014-10-14 19:39:31 0DD29E5328436D51517316CD6D3BACCA 286208 ----a-w- C:\WINDOWS\Sysnative\pcsvDevice.dll
2014-10-14 19:39:30 B6F423906D3E10BE38C16726C0905033 388729 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml
2014-10-14 19:38:47 4C3A631A721A49324715717535633002 2779648 ----a-w- C:\WINDOWS\Sysnative\msi.dll
2014-10-11 23:35:46 BCCEF57B49802983F55B5628654D60F2 1715224 ----a-w- C:\WINDOWS\Sysnative\nvspbridge64.dll
====== C:\WINDOWS\Sysnative\drivers =====
2014-10-14 19:39:34 87F3713E620F62D243A82B3CB66CBDDE 2498880 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys
2014-10-14 19:39:31 329FEB41BBE82FBBD9BD69547BA1CB82 428864 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2014-10-11 23:35:12 1AF619620613869C07F9C147BC37520F 38048 ----a-w- C:\WINDOWS\Sysnative\drivers\nvvad64v.sys
====== C:\WINDOWS\Tasks ======
2014-10-18 07:30:25 A26022A2A78A96F4B69E0B58CDFA464E 2392 ----a-w- C:\WINDOWS\Sysnative\Tasks\Uninstaller_SkipUac_Jess
2014-10-18 07:30:24 CE905B954B97B203CC6BA65DD89F38DE 294 ----a-w- C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jess.job
2014-10-16 21:16:20 462CE2051FC725D6CA835E6D62F9141D 3718 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater
2014-10-16 21:16:20 2EAEFB277BE3A19AEC75817B21E84421 830 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-10-18 08:09:55 -------- d-----w- C:\PROGRA~2\Microsoft ASP.NET
2014-10-08 22:36:04 -------- d-----w- C:\PROGRA~2\etax2014
======= C: =====
====== C:\Users\Jess\AppData\Roaming ======
2014-10-18 07:30:24 -------- d-----w- C:\Users\Jess\AppData\Locallow\IObit
2014-10-08 22:36:23 -------- d-----w- C:\Users\Jess\AppData\Local\etax2014
====== C:\Users\Jess ======
2014-10-22 23:16:28 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\Users\Jess\Downloads\CKScanner.exe
2014-10-22 23:06:33 0D34D472028442338A1D968045E2BA56 2112000 ----a-w- C:\Users\Jess\Downloads\FRST64.exe
2014-10-18 08:23:44 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\Jess\Downloads\OTL.exe
2014-10-18 07:30:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2014-10-18 07:29:05 82FED426E8DD46BE4AD6436D92EE69C2 17084704 ----a-w- C:\Users\Jess\Downloads\iobituninstaller.exe
 
====== C: exe-files ==
2014-10-22 23:16:28 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\Users\Jess\Downloads\CKScanner.exe
2014-10-22 23:06:33 0D34D472028442338A1D968045E2BA56 2112000 ----a-w- C:\Users\Jess\Downloads\FRST64.exe
2014-10-22 22:05:16 821E577AB0B119278BD1940FEF224DDA 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateBroker.exe
2014-10-22 22:05:16 4067DC9EA0640485F1CF395427FD5E9B 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe
2014-10-22 22:05:16 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateSetup.exe
2014-10-22 22:05:15 976D5F35A058340DA2C160CEC4063C4B 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
2014-10-22 22:05:15 51508F0C2476177E50C31B0BBFBF1BDB 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdate.exe
2014-10-22 22:05:15 26E37D5EAC3F1CF66587183AB348168C 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateComRegisterShell64.exe
2014-10-22 22:05:15 047556104954A72A2222FFF169166EEE 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
2014-10-22 22:05:14 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.5\GoogleUpdateSetup.exe
2014-10-22 13:05:52 97740A4960B2472BEDA2D07E259513F3 4227128 ----a-w- C:\Users\Jess\AppData\Local\NVIDIA\NvBackend\Packages\00006673\DAO.18991687.exe
2014-10-18 08:23:44 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\Jess\Downloads\OTL.exe
2014-10-18 08:23:10 C615260B6C4086D8ABDA4CA0D1FA0978 705192 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\SPREADSHEETCOMPARE.EXE
2014-10-18 08:22:07 EF5CDAC3A3CE8B9A7F357805A96DB35D 207008 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msoxmled.exe
2014-10-18 08:21:53 E9429F79D6CB4A55507670848CB4C114 1092304 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe
2014-10-18 08:21:53 2E758A0977496EFA266A83D799C9DB8D 39576 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe
2014-10-18 08:21:52 D30F6062378AC3841FB6DAB3BF8985BC 550584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe
2014-10-18 08:21:37 CB4DFF5A901C67427ADEE1D3BEC52950 5646032 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe
2014-10-18 08:21:37 5CD0D12DDEF5C55F7A64DCECFBDA69EF 81640 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
2014-10-18 08:21:36 BFE82F5FE97A17DD9123B5258B0FD254 474336 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe
2014-10-18 08:21:36 368658067770F2D16144B14252BEBACE 217768 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\msoxmled.exe
2014-10-18 08:21:36 026130F14E4B37D5C4301FDCEB57880B 842448 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe
2014-10-18 08:21:35 40217D2B91E975A2B0B1ABECD138609F 7683792 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe
2014-10-18 08:21:28 D1D5FC400F06B2E524BB47C5B516DB17 665248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ucmapi.exe
2014-10-18 08:21:28 5E593E51508443A06C6D1CEAF337FEB7 528584 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe
2014-10-18 08:21:28 261F4557C83373370330F2E48B9B7DFB 1923232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\winword.exe
2014-10-18 08:21:24 9AB01296A58B780E181879B3797AECC3 874152 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe
2014-10-18 08:21:24 10BE343895F94B7426A03DD84026DD64 480984 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe
2014-10-18 08:21:23 6CCAF0A53351077CA8E5EE0499ADB576 1846952 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe
2014-10-18 08:21:22 CDE3EEF1B73343A8C4DBC2CEC213A3B5 18945704 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
2014-10-18 08:21:12 81527A17C053AF3E3727773D2C450BB3 569584 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe
2014-10-18 08:21:11 9D47406C094F8B4FD1F0ADC102CE7F6D 1295568 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ocpubmgr.exe
2014-10-18 08:21:11 7576EBAE4823160E869E7BE0159A809B 1764512 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\onenote.exe
2014-10-18 08:21:09 8165B35717D280000ECD14E76E910FE6 15518880 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe
2014-10-18 08:21:08 F710ED039556A1B99BDD2052897BE1A2 10773152 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\mspub.exe
2014-10-18 08:21:08 B303F05ACAC08E4C382CA0B304B36258 449208 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
2014-10-18 08:21:08 4AFE484AE31937293601AD30CDEBB9A9 497848 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msouc.exe
2014-10-18 08:21:07 F4FB4B084BF4272136DF34E40F62FF73 8615608 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\groove.exe
2014-10-18 08:21:07 366859731FF2E8D1B4335E33747CAB10 283304 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msoia.exe
2014-10-18 08:21:06 42879BACF2DF7D581158789E394DA105 19038360 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lync.exe
2014-10-18 08:21:05 B452F270F446C329BE486B6C7AE0A2CB 1784480 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\infopath.exe
2014-10-18 08:21:05 771A8E318EBBEA66973442B820B69063 6484640 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconv.exe
2014-10-18 08:21:03 C4DB721EDCD74219F5E0F02D5823597D 517360 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe
2014-10-18 08:21:03 78203615303DCBDA99BA7E3FFDACC022 21930648 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe
2014-10-18 08:21:03 2F2A1441874F210ED25A1AA4683F218F 4522680 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\graph.exe
2014-10-18 08:21:02 0384F9AD56CB8EFA5BC7165EF531A87A 991904 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\firstrun.exe
2014-10-18 08:21:01 5B27F9BE01A48BD5AC13DFCF51419A41 25705112 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excel.exe
2014-10-18 08:20:59 9152AE0B52305D48C9E291936501823C 228536 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\clview.exe
2014-10-18 08:20:58 8E3F2CF6D8097E388A8448CF4BCA4585 33432 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\appsharinghookcontroller.exe
2014-10-18 08:20:52 8D7A1204CC0086FDE7C3C3A08D1840C9 6014120 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\onedrivesetup.exe
2014-10-18 08:20:06 DDBAA03A36620DA45135DDCC6AC8EBB7 281760 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\DATABASECOMPARE.EXE
2014-10-18 07:30:19 82FED426E8DD46BE4AD6436D92EE69C2 17084704 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
2014-10-18 07:30:18 6CF2370081D2E34B18FA5C4177321570 777504 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe
2014-10-18 07:30:03 A6B9902D2F24EADC87BBAAFC87F711F3 2151200 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitDownloader.exe
2014-10-18 07:30:03 A1EFEBEF966A397A6EC3362FFD23BF71 1169696 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\SendBugReportNew.exe
2014-10-18 07:30:01 4BC79604D8C806075CB3CB3AB64F7F27 1478432 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstall_Mitor.exe
2014-10-18 07:30:01 2253212D79080CCE4685A1CF20E31FB7 1084704 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
2014-10-18 07:29:05 82FED426E8DD46BE4AD6436D92EE69C2 17084704 ----a-w- C:\Users\Jess\Downloads\iobituninstaller.exe
2014-10-17 13:28:10 F33B2BAC968BE5A7AE84964B2B6465FD 423664 ----a-w- C:\Users\Jess\AppData\Local\NVIDIA\NvBackend\Packages\00006647\CoProc update.18983142.exe
=== C: other files ==
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-21-630687064-2654820733-4038575442-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"932D3A574877A989C6486A019F6EC41F8773E465._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"uTorrent"="C:\Users\Jess\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"ASUS InstantKey"="C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"PowerDVD13Agent"="C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
"WD Quick View"="C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"932D3A574877A989C6486A019F6EC41F8773E465._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"uTorrent"="C:\Users\Jess\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"FXAPQLU"="C:\Program Files\Fuji Xerox\Printer Software for AP\FXAPQLUZ.EXE /S"
"FXSMAPPSP"="C:\Program Files\Fuji Xerox\SimpleMonitor for AP\FXAPPSPZ.EXE"
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"
 
==== Startup Folders ======================
 
2014-05-17 23:38:34 1102 ----a-w- C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2013-12-02 10:41:27 1732 ----a-w- C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
2014-02-27 00:56:27 1320 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
 
==== Task Scheduler Jobs ======================
 
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/10/2014 08:16 AM]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/12/2013 05:28 PM]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/12/2013 05:28 PM]
C:\WINDOWS\tasks\Uninstaller_SkipUac_Jess.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [18/10/2014 06:29 PM]
 
==== Other Scheduled Tasks ======================
 
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Console" [C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe]
"C:\WINDOWS\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files\ASUS\P4G\InsOnCfg.exe]
"C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Patch for Touch Panel" [C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe]
"C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\WINDOWS\SysNative\tasks\AsusVibeSchedule" ["C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\WINDOWS\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\WINDOWS\SysNative\tasks\Uninstaller_SkipUac_Jess" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
 
==== Chromium Look ======================
 
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Jess\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[06/07/2014 05:07 PM]
 
Google Drive - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Facebook - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Google Search - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Hola Better Internet - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng
Dropbox - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl
IDM Integration Module - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
eBay Extension for Google Chrome - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck
Google Wallet - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jess\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 
==== IE Start and Search Settings ======================
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IESR02"
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=0 folders=0 0 bytes)
 
==== EOF on Thu 23/10/2014 at 23:52:14.70 ======================

  • 0

Advertisements


#11
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)



TDSSKiller_Kaspersky.png Scan with TDSSKiller

Please download TDSSKiller by Kaspersky and save it to your desktop.

  • Right-click on TDSSKiller_Kaspersky.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Click on Change parameters and put a checkmark beside Loaded modules. A reboot will be needed to apply the changes, allow it to do so.
  • Your machine may appear very slow and unusable after that - it's normal.
  • TDSSKiller will run automaticaly. Click on Change parameters and click OK.
  • Make sure that Verify driver digital signatures & Detect TDLFS File System are marked and click OK.
  • Click the Start Scan button and wait patiently.

If anything will be found follow this guidelines:

  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    > Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    > If Cure is not available, please choose Skip instead.
  • Do not choose Delete unless instructed!

A report will be created in your root directory, (usually C:\ drive) in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt. Please include the contents of that file in your next post.



MbrScan.png Scan with MBRScan

Please download MbrScan by Eric_71 and save it to your desktop.

  • Right-click on MbrScan.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • First click Scan at the upper bar.
  • When the table will get filled with data, click Report.
  • A log (MbrScan.txt) will open in notepad.

Please include the contents of that file in your reply. Due to special formatting, post it directly and not attach!
There will be also a file named Dump_Hdd*_DR*.mbr on your desktop. Do not click on it or delete it!


  • 0

#12
Jesssta

Jesssta

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

I have tried three times to post the content of the latest set of scans you wanted. 

Copy and pasted contents twice, and after no luck, I posted the TDSSKiller content using copy/paste and the MBRScan as a file attachment. 

Still no luck. 

I will try to attach all three as .txt files. 


  • 0

#13
Jesssta

Jesssta

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

I am unable to attach the TDSSKiller files. I am getting an error message telling me the upload has been skipped. I cannot attach these files (there were two generated from one scan).

MBRScan log is attached.

Attached File  MbrScan.log   48.36KB   205 downloads


  • 0

#14
Jesssta

Jesssta

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

TDSSKiller file 1 - TDSSKiller.3.0.0.40_24.10.2014_14.34.32_log

 

14:34:32.0550 0x2af4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
14:34:32.0551 0x2af4  UEFI system
14:34:39.0271 0x2af4  ============================================================
14:34:39.0272 0x2af4  Current date / time: 2014/10/24 14:34:39.0271
14:34:39.0272 0x2af4  SystemInfo:
14:34:39.0272 0x2af4  
14:34:39.0272 0x2af4  OS Version: 6.2.9200 ServicePack: 0.0
14:34:39.0272 0x2af4  Product type: Workstation
14:34:39.0272 0x2af4  ComputerName: JESSS-PC
14:34:39.0272 0x2af4  UserName: Jess
14:34:39.0272 0x2af4  Windows directory: C:\WINDOWS
14:34:39.0272 0x2af4  System windows directory: C:\WINDOWS
14:34:39.0272 0x2af4  Running under WOW64
14:34:39.0272 0x2af4  Processor architecture: Intel x64
14:34:39.0272 0x2af4  Number of processors: 8
14:34:39.0272 0x2af4  Page size: 0x1000
14:34:39.0272 0x2af4  Boot type: Normal boot
14:34:39.0272 0x2af4  ============================================================
14:34:39.0517 0x2af4  KLMD registered as C:\WINDOWS\system32\drivers\96787564.sys
14:34:39.0880 0x2af4  System UUID: {2124EFAD-8368-264D-654D-783BE222052B}
14:34:40.0212 0x2af4  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:34:40.0216 0x2af4  ============================================================
14:34:40.0216 0x2af4  \Device\Harddisk0\DR0:
14:34:40.0216 0x2af4  GPT partitions:
14:34:40.0216 0x2af4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {45BFF093-541A-4B82-8562-4CA1EC7D8AD5}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
14:34:40.0216 0x2af4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B9E7F4EF-AF0E-4833-8D18-8734083C2C23}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
14:34:40.0216 0x2af4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {B82FFFF3-B989-4AD7-AC80-F29EBCCC3ABC}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
14:34:40.0216 0x2af4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FDC74074-4FB7-4D61-A5F6-9951D6BB7C75}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x45D20800
14:34:40.0216 0x2af4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8F0B6AD7-DC84-45C2-8F8B-1EDD96D68FF5}, Name: , StartLBA 0x45F55000, BlocksNum 0xAF000
14:34:40.0216 0x2af4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CAB30530-CF88-40CD-85E6-946BA149211B}, Name: Basic data partition, StartLBA 0x46004000, BlocksNum 0x6627E800
14:34:40.0216 0x2af4  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {34127F50-DE4D-4C48-8F80-0CFBB84EC71B}, Name: Basic data partition, StartLBA 0xAC282800, BlocksNum 0x2805000
14:34:40.0216 0x2af4  MBR partitions:
14:34:40.0216 0x2af4  ============================================================
14:34:40.0232 0x2af4  C: <-> \Device\Harddisk0\DR0\Partition4
14:34:40.0270 0x2af4  D: <-> \Device\Harddisk0\DR0\Partition6
14:34:40.0316 0x2af4  G: <-> \Device\Harddisk0\DR0\Partition7
14:34:40.0316 0x2af4  ============================================================
14:34:40.0316 0x2af4  Initialize success
14:34:40.0316 0x2af4  ============================================================
14:34:58.0574 0x1a08  KLMD registered as C:\WINDOWS\system32\drivers\81825692.sys
14:34:59.0691 0x1a08  Deinitialize success

  • 0

#15
Jesssta

Jesssta

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

I cannot post the second file

TDSSKiller.3.0.0.40_24.10.2014_14.37.12_log

 

It will not go, chrome is starting to crash when I paste the logged info. 

I have been trying for over an hour.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP