Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow Boot Time and Browser Pop up issues [Solved]

Systems Slow response browser

  • This topic is locked This topic is locked

#46
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by Nigel on Tue 10/21/2014 at  5:44:06.52.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nigel\Desktop\zoek.exe    [Scan all users] [Script inserted]

==== System Restore Info ======================

10/21/2014 5:48:49 AM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

æTorrent 
Adobe AIR 
Adobe Community Help 
Adobe Creative Cloud 
Adobe Flash Player 15 ActiveX 
Adobe Flash Player 15 Plugin 
AMD APP SDK Runtime 
AMD Catalyst Control Center 
AMD Catalyst Install Manager 
AMD Drag and Drop Transcoding 
AMD Fuel 
AMD Media Foundation Decoders 
Apple Application Support 
Apple Mobile Device Support 
Apple Software Update 
Bing Bar 
Bing Desktop 
BlueStacks App Player 
Bonjour 
Canon Easy-WebPrint EX 
Canon MG2100 series MP Drivers 
Canon MG2100 series On-screen Manual 
Canon MG2100 series User Registration 
Canon MP Navigator EX 5.0 
Canon My Image Garden 
Canon My Image Garden Design Files 
Canon My Printer 
Canon Solution Menu EX 
Catalyst Control Center - Branding 
Catalyst Control Center Core Implementation 
Catalyst Control Center Graphics Full Existing 
Catalyst Control Center Graphics Full New 
Catalyst Control Center Graphics Light 
Catalyst Control Center Graphics Previews Common 
Catalyst Control Center Graphics Previews Vista 
Catalyst Control Center InstallProxy 
Catalyst Control Center Localization All 
ccc-core-static 
ccc-utility64 
CCC Help Chinese Standard 
CCC Help Chinese Traditional 
CCC Help Czech 
CCC Help Danish 
CCC Help Dutch 
CCC Help English 
CCC Help Finnish 
CCC Help French 
CCC Help German 
CCC Help Greek 
CCC Help Hungarian 
CCC Help Italian 
CCC Help Japanese 
CCC Help Korean 
CCC Help Norwegian 
CCC Help Polish 
CCC Help Portuguese 
CCC Help Russian 
CCC Help Spanish 
CCC Help Swedish 
CCC Help Thai 
CCC Help Turkish 
Cisco EAP-FAST Module 
Cisco LEAP Module 
Cisco PEAP Module 
Cloud System Booster 
DC-Bass Source 1.3.0 
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition 
DirectVobSub 2.40.4209 
DivX Setup 
DMG Extractor 
ffdshow v1.1.4399 [2012-03-22] 
Google Talk (remove only) 
Google Talk Plugin 
Google Toolbar for Internet Explorer 
Google Update Helper 
iCloud 
ImTOO iPhone Photo Transfer 
ImTOO iPhone SMS Backup 
IObit Apps Toolbar v8.3 
iPhone Backup Extractor 
iPhoneBrowser 
iTunes 
Java 7 Update 67 
Java 7 Update 72 (64-bit) 
Java 8 Update 25 
Java Auto Updater 
JMicron 1394 Filter Driver 
Lagarith Lossless Codec (1.3.27) 
LAME v3.99.3 (for Windows) 
Malwarebytes Anti-Malware version 2.0.3.1025 
Marvell Miniport Driver 
Microsoft .NET Framework 4.5.1 
Microsoft .NET Framework 4.5.1 (CSY) 
Microsoft .NET Framework 4.5.1 (RUS) 
Microsoft ASP.NET MVC 4 Runtime 
Microsoft Mouse and Keyboard Center 
Microsoft Office Access MUI (English) 2010 
Microsoft Office Access Setup Metadata MUI (English) 2010 
Microsoft Office Excel MUI (English) 2010 
Microsoft Office Groove MUI (English) 2010 
Microsoft Office InfoPath MUI (English) 2010 
Microsoft Office Language Pack 2010 - English 
Microsoft Office O MUI (English) 2010 
Microsoft Office Office 32-bit Components 2010 
Microsoft Office OneNote MUI (English) 2010 
Microsoft Office Outlook MUI (English) 2010 
Microsoft Office PowerPoint MUI (English) 2010 
Microsoft Office Professional Plus 2010 
Microsoft Office Proof (English) 2010 
Microsoft Office Proof (French) 2010 
Microsoft Office Proof (Spanish) 2010 
Microsoft Office Proofing (English) 2010 
Microsoft Office Publisher MUI (English) 2010 
Microsoft Office Shared 32-bit MUI (English) 2010 
Microsoft Office Shared MUI (English) 2010 
Microsoft Office Shared Setup Metadata MUI (English) 2010 
Microsoft Office SharePoint Designer MUI (English) 2010 
Microsoft Office Word MUI (English) 2010 
Microsoft Office X MUI (English) 2010 
Microsoft Security Client 
Microsoft Security Essentials 
Microsoft Silverlight 
Microsoft Silverlight 5 Toolkit December 2011 
Microsoft Visual C++ 2005 Redistributable (x64) 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 
Microsoft Windows Debugging Symbols 
Microsoft WSE 3.0 Runtime 
Microsoft_VC80_ATL_x86 
Microsoft_VC80_ATL_x86_x64 
Microsoft_VC80_CRT_x86 
Microsoft_VC80_CRT_x86_x64 
Microsoft_VC80_MFC_x86 
Microsoft_VC80_MFC_x86_x64 
Microsoft_VC80_MFCLOC_x86 
Microsoft_VC80_MFCLOC_x86_x64 
Microsoft_VC90_ATL_x86 
Microsoft_VC90_ATL_x86_x64 
Microsoft_VC90_CRT_x86 
Microsoft_VC90_CRT_x86_x64 
Microsoft_VC90_MFC_x86 
Microsoft_VC90_MFC_x86_x64 
Microsoft_VC90_MFCLOC_x86 
Microsoft_VC90_MFCLOC_x86_x64 
Mozilla Firefox 18.0.2 (x86 en-US) 
Mozilla Maintenance Service 
MSXML 4.0 SP2 (KB954430) 
MSXML 4.0 SP2 (KB973688) 
Notification Center 
NVIDIA 3D Vision Controller Driver 340.50 
NVIDIA 3D Vision Driver 340.52 
NVIDIA Control Panel 340.52 
NVIDIA GeForce Experience 2.1.2 
NVIDIA GeForce Experience Service 
NVIDIA Graphics Driver 340.52 
NVIDIA HD Audio Driver 1.3.30.1 
NVIDIA Install Application 
NVIDIA LED Visualizer 1.0 
NVIDIA Network Service 
NVIDIA PhysX 
NVIDIA PhysX System Software 9.13.1220 
NVIDIA ShadowPlay 16.13.42 
NVIDIA Stereoscopic 3D Driver 
NVIDIA Update 16.13.42 
NVIDIA Update Core 
NVIDIA Virtual Audio 1.2.25 
OpenSource Flash Video Splitter 1.0.0.5 
PE988 
Picasa 3 
QuickShare 
QuickTime 7 
RealDownloader 
RealNetworks - Microsoft Visual C++ 2008 Runtime 
RealNetworks - Microsoft Visual C++ 2010 Runtime 
RealPlayer Cloud 
Realtek High Definition Audio Driver 
RealUpgrade 1.1 
Recuva 
RocketDock 1.3.5 
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) 
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) 
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) 
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) 
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) 
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) 
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) 
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition 
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition 
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition 
Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition 
Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition 
Security Update for Microsoft Word 2010 (KB2883013) 64-Bit Edition 
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition 
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition 
SHIELD Streaming 
SHIELD Wireless Controller Driver 
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition 
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition 
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition 
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition 
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2553092) 
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition 
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition 
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition 
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition 
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition 
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition 
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition 
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition 
UpdateService 
VC80CRTRedist - 8.0.50727.6195 
VideoDownloaderUltimate 
Visual Studio 2010 x64 Redistributables 
Visual Studio 2012 x64 Redistributables 
Visual Studio 2012 x86 Redistributables 
VLC media player 2.1.3 
Windows Driver Package - Advanced Micro Devices (amdide64) hdc  (12/04/2012 5.2.2.0179) 
Windows Driver Package - Apple (Netaapl) Net  (07/12/2011 1.8.4.2) 
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/20/2010 6.3.0.3500) 
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/28/2010 6.3.0.3800) 
Windows Driver Package - YUAN TV DRIVER (cxpl_mhd) Media  (11/08/2011 6.0.32.0077) 
Windows Resource Kit Tools - SubInAcl.exe 
WinZip 18.5 
XBMC 
Xvid Video Codec 

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe
C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\BlueStacks\HD-Service.exe
C:\Program Files (x86)\BlueStacks\HD-Network.exe
C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\Nigel\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Services (whitelist) ======================
Powered by E Dev

R2 - [ AnviStartupTime] -  AnviStartupTime - C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe
R2 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe
R2 - [AMD External Events Utility] - AMD External Events Utility - C:\Windows\system32\atiesrxx.exe
R2 - [AnviCsbSvc] - Anvi Cloud System Booster Speed Service - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
R2 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
R2 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"
R2 - [BstHdAndroidSvc] - BlueStacks Android Service - "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
R2 - [MBAMScheduler] - MBAMScheduler - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
R2 - [MBAMService] - MBAMService - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
R2 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe
R2 - [MsMpSvc] - Microsoft Antimalware Service - "C:\Program Files\Microsoft Security Client\MsMpEng.exe"
R2 - [NfsClnt] - Client for NFS - C:\Windows\system32\nfsclnt.exe
R2 - [NvNetworkService] - NVIDIA Network Service - "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
R2 - [NvStreamSvc] - NVIDIA Streamer Service - "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
R2 - [nvsvc] - NVIDIA Display Driver Service - "C:\Windows\system32\nvvsvc.exe"
R2 - [SNMP] - SNMP Service - C:\Windows\System32\snmp.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
R2 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe
R3 - [MSMQ] - Message Queuing - C:\Windows\system32\mqsvc.exe
R3 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 - [LiveUpdateSvc] - LiveUpdate - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
S2 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec.exe /V
S2 - [sppsvc] - Software Protection - C:\Windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 - [avgfws] - AVG Firewall -
S3 - [AVGIDSAgent] - AVGIDSAgent -
S3 - [avgwd] - AVG WatchDog -
S3 - [BBUpdate] - BBUpdate - "C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe"
S3 - [BstHdLogRotatorSvc] - BlueStacks Log Rotator Service - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [ehRecvr] - Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
S3 - [gusvc] - Google Software Updater - "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\Windows\system32\IEEtwCollector.exe /V
S3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - "C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" /auditservice
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
S3 - [MSMQTriggers] - Message Queuing Triggers - C:\Windows\system32\mqtgsvc.exe
S3 - [NisSrv] - Microsoft Network Inspection - "C:\Program Files\Microsoft Security Client\NisSrv.exe"
S3 - [ose64] - Office 64 Source Engine - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
S3 - [osppsvc] - Office Software Protection Platform - "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
S3 - [PerfHost] - Performance Counter DLL Host - C:\Windows\SysWow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe
S3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe
S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe
S3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe
S3 - [WatAdminSvc] - Windows Activation Technologies Service - C:\Windows\system32\Wat\WatAdminSvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - "C:\Windows\system32\wbengine.exe"
S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
S3 - [WMSVC] - Web Management Service - C:\Windows\system32\inetsrv\wmsvc.exe
S4 - [BBSvc] - BingBar Service - "C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe"
S4 - [BingDesktopUpdate] - Bing Desktop Update service - "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe"
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
S4 - [Fax] - Fax - C:\Windows\system32\fxssvc.exe
S4 - [RealNetworks Downloader Resolver Service] - RealNetworks Downloader Resolver Service - "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
S4 - [RealPlayer Desktop Service] - RealPlayer Desktop Service - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
S4 - [RealPlayerUpdateSvc] - RealPlayer Update Service - "C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe"
S4 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe
S4 - [TlntSvr] - Telnet - C:\Windows\System32\tlntsvr.exe

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

prefs.js not found
user.js not found
---- FireFox user.js and prefs.js backups ----

ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default

prefs.js not found
user.js not found
---- FireFox user.js and prefs.js backups ----

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.GBDNSZEZXHQMJOADWNPC5WJ2XE\shell\open\command]
@="C:\\Users\\Nigel\\AppData\\Local\\Torch\\Application\\torch.exe"

==== Deleting Files \ Folders ======================

"C:\Windows\Installer\1aa557f1.msi" not found
C:\Users\Nigel\.android deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\!vitruvian-autoenable.js deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\!vitruvian-csp.js deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\prefs.js deleted
C:\PROGRA~2\Mozilla Firefox\browser\defaults\preferences\!vitruvian-autoenable.js deleted
C:\PROGRA~2\Mozilla Firefox\browser\defaults\preferences\!vitruvian-csp.js deleted
C:\PROGRA~2\Constant Guard Protection Suite deleted
C:\PROGRA~2\LAVMediaCodec deleted
C:\Users\Nigel\AppData\Roaming\Other.ico deleted
C:\Users\Nigel\AppData\Roaming\Open Download Manager deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\PROGRA~3\VideoDownloaderUltimateWinApp deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Nigel\AppData\Local\cache deleted
C:\windows\SysNative\drivers\ssnfd.sys deleted
C:\Users\Guest\AppData\LocalLow\boost_interprocess deleted
C:\Users\Nigel\AppData\LocalLow\IObit Apps deleted
C:\Users\Nigel\AppData\LocalLow\Protect deleted
C:\Users\Nigel\AppData\LocalLow\{2C09954F-CDA8-4BD1-8794-1D543E050378} deleted
C:\Users\Nigel\AppData\LocalLow\ADSRemoval deleted
C:\Users\Nigel\AppData\LocalLow\BobyLyrics-16 deleted
C:\Users\Nigel\AppData\LocalLow\boost_interprocess deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Search Settings deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\windows\SysNative\tasks\YourFileDownloader Installer Starter deleted
C:\windows\SysNative\tasks\ss u helper-S-9665547 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged deleted
C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\jetpack deleted
C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\CT3281024 deleted
C:\Users\Nigel\Desktop\Video Downloader Ultimate.lnk deleted
C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected] deleted
C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\tho[email protected] deleted
"C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected]" deleted
"C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected]" deleted
"C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\extensions\[email protected]" deleted
"C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\extensions\[email protected]" deleted
"C:\PROGRA~3\7326f70cff8ae1e5\{F04D4328-4631-1CBE-1907-201B33FAF2E8}.20140922053317" deleted
"C:\PROGRA~3\7326f70cff8ae1e5\{F04D4328-4631-1CBE-1907-201B33FAF2E8}.20140922053555" deleted
"C:\PROGRA~3\7326f70cff8ae1e5" deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8192 MB
CPU Info: AMD Athlon™ 7450 Dual-Core Processor
CPU Speed: 2350.3 MHz
Sound Card: Speakers (Realtek High Definiti |
DTV-1 (NVIDIA High Definit |
Realtek Digital Output (Realtek |
Display Adapters: NVIDIA GeForce 8400GS | NVIDIA GeForce 8400GS | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 2x; Generic PnP Monitor | Generic PnP Monitor |
Screen Resolution: 1280 X 1024 - 32 bit
Network: Network Present
Network Adapters: Anchorfree HSS VPN Adapter #3 | Anchorfree HSS VPN Adapter #2 | Bluetooth Personal Area Network | Anchorfree HSS VPN Adapter | Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller
CD / DVD Drives: 2x (D: | E: | ) D: HL-DT-STDVDRAM GH40F     | E: Memorex DVD+-RAM 510L v1
Ports: COM8 LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  298.1GB | K:  465.8GB
Hard Disks - Free: C:  140.9GB | K:  180.4GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 03/06/10 | ACRSYS - 20100306
Time Zone: Eastern Standard Time
Motherboard *: Gateway RS780
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Internet Explorer Version: 11.0.9600.17358
Mozilla Firefox version: 18.0.2 (x86 en-US)
Sun Java version: 1.8.0_25 (32-bit)
Sun Java version: 1.8.0_25 (64-bit)
Flash Player version: 15.0.0.152

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-10-14 23:02:50 932E3437D850E8F68C8E480CEBF9A28E 585 ----a-w- C:\Windows\w32dasm8.ini
====== C:\Users\Nigel\AppData\Local\Temp ====
2014-10-20 19:47:14 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\libiconv2.dll
2014-10-20 19:47:14 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\libintl3.dll
2014-10-20 19:47:14 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\pcre3.dll
2014-10-20 19:47:14 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\regex2.dll
2014-10-20 19:47:14 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-10-20 16:17:00 C80DB840AC2597B988E1C88B5D7015F2 2266800 ----a-w- C:\Users\Nigel\AppData\Local\Temp\2lfiem2t.pnr.exe
2014-10-19 15:08:36 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Nigel\AppData\Local\Temp\bs.exe
2014-10-19 04:17:03 C80DB840AC2597B988E1C88B5D7015F2 2266800 ----a-w- C:\Users\Nigel\AppData\Local\Temp\upwhpipm.mwl.exe
2014-10-12 16:54:48 E17B30D3B06DBC63E9E94DAE70290A35 787968 ----a-w- C:\Users\Nigel\AppData\Local\Temp\sqlite3.dll
====== Java Cache =====
2014-10-20 16:06:30 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Nigel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-77673dee
2014-10-20 16:06:25 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Nigel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-55000ee6
2014-10-20 16:06:25 68A0D936AD0F07F890D32160DE1AF93B 424 ----a-w- C:\Users\Nigel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2014-10-20 16:33:04 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Nigel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\3602b4d3-7173acff
2014-10-20 16:06:26 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Nigel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-6496eef8
====== C:\Windows\SysWOW64 =====
2014-10-14 21:19:02 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\SysWOW64\rastls.dll
2014-10-14 21:18:59 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\SysWOW64\mscorier.dll
2014-10-14 21:18:58 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\SysWOW64\dfshim.dll
2014-10-14 21:18:57 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\SysWOW64\mscories.dll
2014-10-14 21:18:39 2C5D7D6C3C3E998306F0BFD7FF7114B9 744960 ----a-w- C:\Windows\SysWOW64\blackbox.dll
2014-10-14 21:18:36 C1140AAB50F59C68394CE4C4046A9A8D 988160 ----a-w- C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 21:18:31 089236B6EC2E6C52A1864B79A09D7690 617984 ----a-w- C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 21:18:29 152FCD9B979D70FDB703A28152B634EA 11411456 ----a-w- C:\Windows\SysWOW64\wmp.dll
2014-10-14 21:18:25 F50F1EBD832CA070E1717C2044806ECF 3208704 ----a-w- C:\Windows\SysWOW64\mf.dll
2014-10-14 21:18:25 1858EF9B8A1E334AC1262D664367F451 406016 ----a-w- C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 21:18:24 9153F819C855EBD72417DAE7C176CF50 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 21:18:21 776DBF61BA3E8FA64FFA052559A29174 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 21:18:20 FDA08BEB01B0B0E372088DC21CBA73F3 3970488 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 21:18:18 623E143F2DF17C0106A9988F5D7DC878 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 21:18:17 E365C7B3EBB96451D3C9DF6B6B6900C2 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2014-10-14 21:18:16 B18B9BD51C8D86596110B9ABD138B92F 3914680 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 21:18:15 F8028D69DE63F180623D4444A39BAB3E 489984 ----a-w- C:\Windows\SysWOW64\evr.dll
2014-10-14 21:18:14 6BB12A7CA8779D96334B258548B071F5 1005056 ----a-w- C:\Windows\SysWOW64\cryptui.dll
2014-10-14 21:18:14 5C3BA07E215B4F693E7D78D6F4980D98 1329664 ----a-w- C:\Windows\SysWOW64\quartz.dll
2014-10-14 21:18:14 454BF1E3B844306E764ADC0EA7B6E64C 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2014-10-14 21:18:13 8C147D67D4E75882DA88206DF098229A 354816 ----a-w- C:\Windows\SysWOW64\mfplat.dll
2014-10-14 21:18:11 77F95AE51E834BAFE903912F7EBE825B 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 21:18:11 6B07EE9C7668D2C704563DA838026828 81408 ----a-w- C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 21:18:09 534177269B23D1999DD1FCA50A396611 504320 ----a-w- C:\Windows\SysWOW64\msscp.dll
2014-10-14 21:18:08 4BA17820B97F1CAED69E5BE5F1BC7C96 265216 ----a-w- C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 21:18:07 60FBCF033FF42A40C916C01A962A8802 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 21:18:06 20257A0BFB824B49055A6EEC29C72C03 103424 ----a-w- C:\Windows\SysWOW64\mfps.dll
2014-10-14 21:18:03 4F1FCBB6A312825B9A84F813E5093AE9 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll
2014-10-14 21:18:00 D17954CA6343F43B62637F51996B4E95 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 21:17:57 9590D4F5699C176217A8CA2330E54D8A 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2014-10-14 21:17:54 E637A7187CAFB3EEEED0540CBEF27C8B 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll
2014-10-14 21:17:54 A7DD5C1F29877A473265D4B98B3495ED 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 21:17:54 73AC4B12E706CD7D0447976507E50DBE 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 21:17:54 73AC4B12E706CD7D0447976507E50DBE 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 21:17:54 52096F5F476733F2E2725CF346FF373B 2048 ----a-w- C:\Windows\SysWOW64\mferror.dll
2014-10-14 21:16:15 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll
2014-10-14 21:14:47 DF59F2510EDABBF216FA837D5D964106 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 21:14:47 BD66BA5A924DCC8392CFAEB67131A246 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 21:14:47 604C67F58747D6A333EA641BCCC2C842 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-10-14 21:14:47 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 21:14:46 D78C4DB153874DB7AC6AA6A03BE38B66 331448 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 21:14:46 97F2F82BF0B4AF86A85FFDD78DFDC87D 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 21:14:46 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-10-14 21:14:45 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-10-14 21:14:45 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 21:14:45 B5B1C277E46A5B0E2FC63E5FC5624CE5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 21:14:44 58EC068116BCE16A94B1B2C429A35E41 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 21:14:43 8FAA1E45198C4ECEC691326B7F5E71C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-10-14 21:14:43 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 21:14:43 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-10-14 21:14:42 B74B348D13134D67B4F68ADDDC76A447 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 21:14:41 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 21:14:41 158690737381C49120165A7F3F5D13EB 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-10-14 21:14:40 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-10-14 21:14:38 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 21:14:38 8E8E6E7B4CC27B92F40F74E29C1F6290 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 21:14:37 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 21:14:37 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-10-14 21:14:37 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-10-14 21:14:37 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-10-14 21:14:36 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 21:14:36 2409C41081D657A3FABE3659BB989AFB 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-10-14 21:14:24 C120855C1133DF8FFD5E0C04A7E70B67 67072 ----a-w- C:\Windows\SysWOW64\packager.dll
2014-10-14 21:14:03 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\SysWOW64\winsta.dll
2014-10-14 21:14:03 13829161C1297F4170A5546430147BBD 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 21:14:01 DB1D6751689B4A7EE2439C64F2ADF1C9 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2014-10-14 21:10:29 0C9988BDA3CEC3C421B773982C5E2EC6 5703168 ----a-w- C:\Windows\SysWOW64\mstscax.dll
====== C:\Windows\SysWOW64\drivers =====
2014-10-17 17:50:40 AE38A32B618A2918EE49E68B89457DED 384 ----a-w- C:\Windows\SysWOW64\drivers\kgpfr2.cfg
====== C:\Windows\Sysnative =====
2014-10-20 17:24:22 70FF956FDDF481ADF7843E10A8817A9D 319912 ----a-w- C:\Windows\Sysnative\javaws.exe
2014-10-20 17:23:57 FB35B4AF77CFF25D3C6EAFF229BBFF87 189352 ----a-w- C:\Windows\Sysnative\javaw.exe
2014-10-20 17:23:57 AF91428609DF62ACA3424E23B560E637 189352 ----a-w- C:\Windows\Sysnative\java.exe
2014-10-20 17:23:57 50E4FB6625C82882F2563251D9948437 111016 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll
2014-10-19 20:25:28 D3A818A224BDA559B987A1308B6870BA 4968456 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
2014-10-15 19:50:19 6A33E7AC6F12E9C1F4A09266FA4C5B89 6948 ----a-w- C:\Windows\Sysnative\ScanResults.xml
2014-10-15 19:41:50 406E76BE63C65E0BF4B263156320254E 464 ----a-w- C:\Windows\Sysnative\ScannerSettings
2014-10-14 21:19:02 DD7C31F12936795C0516BB6C59CBCCD8 424448 ----a-w- C:\Windows\Sysnative\rastls.dll
2014-10-14 21:18:58 50EC828370CB5F5E9FF08B10F1B701C8 73880 ----a-w- C:\Windows\Sysnative\mscories.dll
2014-10-14 21:18:58 5083CC5456FE8A5D21ECF9E32ACC779F 1943696 ----a-w- C:\Windows\Sysnative\dfshim.dll
2014-10-14 21:18:58 2D6C77A3DB3D8EE00FB55834A67E4073 156312 ----a-w- C:\Windows\Sysnative\mscorier.dll
2014-10-14 21:18:39 2F5AF776A7B24C6B82D20B5F3179B235 842240 ----a-w- C:\Windows\Sysnative\blackbox.dll
2014-10-14 21:18:38 EF86A7118A3950F03B364FAC93A08E96 1202176 ----a-w- C:\Windows\Sysnative\drmv2clt.dll
2014-10-14 21:18:33 73D3B2408952890DE8157EAA014B9A52 14632960 ----a-w- C:\Windows\Sysnative\wmp.dll
2014-10-14 21:18:32 FE4ABDE0BC70BF9F82531FDB416C4B4E 4120576 ----a-w- C:\Windows\Sysnative\mf.dll
2014-10-14 21:18:31 868FE3B478D05A225D27A28E933CE33C 782848 ----a-w- C:\Windows\Sysnative\wmdrmsdk.dll
2014-10-14 21:18:30 87222A707545E783D9FAE7940645A2C3 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll
2014-10-14 21:18:26 5807843607013D16EEEDC15DA4AA83E7 497664 ----a-w- C:\Windows\Sysnative\drmmgrtn.dll
2014-10-14 21:18:24 999A7FD4D9F8B1656F1167D94743E50A 457400 ----a-w- C:\Windows\Sysnative\ci.dll
2014-10-14 21:18:23 84396ACFCF981E2CBFACD084DF1271B9 616352 ----a-w- C:\Windows\Sysnative\winresume.efi
2014-10-14 21:18:23 00B454421642EF68B7A17D2C153920E2 693176 ----a-w- C:\Windows\Sysnative\winload.efi
2014-10-14 21:18:22 DA9AF4793B4874BE0BE28170DB890CDF 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll
2014-10-14 21:18:22 C2664AA33B7127C737FC5612EBEB4DE9 619056 ----a-w- C:\Windows\Sysnative\winload.exe
2014-10-14 21:18:22 8F3FE4C327D30629266F1F0650C2E910 1574400 ----a-w- C:\Windows\Sysnative\quartz.dll
2014-10-14 21:18:21 D382414098819BA8A0C2A5F362A710DC 5551032 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2014-10-14 21:18:21 7FC292D1527EDFEBA2576B6789DE6AB5 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll
2014-10-14 21:18:21 73D81B5B4B2655CB1B5662E770F755D5 532176 ----a-w- C:\Windows\Sysnative\winresume.exe
2014-10-14 21:18:21 19D511CC455C19DE1ADF60E6C39C85B6 187904 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2014-10-14 21:18:20 F06D511B37BB101A7951A1837224B7A5 631808 ----a-w- C:\Windows\Sysnative\evr.dll
2014-10-14 21:18:19 6B381E24EC6A6519DC0A67F1DF5EF82C 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll
2014-10-14 21:18:18 08835F1772B58DE4C3AAF604760276A5 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll
2014-10-14 21:18:17 C92075D9FFC8429E6CA1279EA8D25722 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll
2014-10-14 21:18:17 81A2008198A6E450E4BC7EF361154C8A 1069056 ----a-w- C:\Windows\Sysnative\cryptui.dll
2014-10-14 21:18:16 2C1B6A64294F2182DC4999F923873974 679424 ----a-w- C:\Windows\Sysnative\audiosrv.dll
2014-10-14 21:18:15 4BE4D8091FBE4DE496B3EFBA206F29AE 432128 ----a-w- C:\Windows\Sysnative\mfplat.dll
2014-10-14 21:18:13 724EE88C7003974720087A4344331FC1 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2014-10-14 21:18:13 256390425414F90FCBC12F525A84EB11 188416 ----a-w- C:\Windows\Sysnative\pcasvc.dll
2014-10-14 21:18:12 D9A61370B40ABAA9F509113504CD8425 82432 ----a-w- C:\Windows\Sysnative\cryptsp.dll
2014-10-14 21:18:11 6F86A81133E8D468DDBE74E2A96CEA03 641024 ----a-w- C:\Windows\Sysnative\msscp.dll
2014-10-14 21:18:09 F71CA01C24FC3798A717B5A6F682F9AD 32256 ----a-w- C:\Windows\Sysnative\appidsvc.dll
2014-10-14 21:18:09 F4F4D51214FEC718D798CA4FF7629FC5 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe
2014-10-14 21:18:09 D179B4872554CFFD5621FD76E4469C81 325632 ----a-w- C:\Windows\Sysnative\msnetobj.dll
2014-10-14 21:18:09 01C98E5902E428D5C7EA136895FAEF4C 58880 ----a-w- C:\Windows\Sysnative\appidapi.dll
2014-10-14 21:18:08 A8DDFADCA566D4EA38C9DA928D14A658 126464 ----a-w- C:\Windows\Sysnative\audiodg.exe
2014-10-14 21:18:08 68E09E7CD4DC52F132A4B492ACE8C243 55808 ----a-w- C:\Windows\Sysnative\rrinstaller.exe
2014-10-14 21:18:06 9797A23F773C0782A0D91BEC44054166 206848 ----a-w- C:\Windows\Sysnative\mfps.dll
2014-10-14 21:18:02 D79539E35A0F4A1A6E5DC9A268696DC5 146944 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe
2014-10-14 21:18:02 AB2EB93A982A2C26BA3E4D2D65328804 24576 ----a-w- C:\Windows\Sysnative\mfpmp.exe
2014-10-14 21:18:01 C15F3DF9122C70F42AC6D66CBC90918B 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll
2014-10-14 21:17:59 310A2A61A5588D932002F83651188C9E 50176 ----a-w- C:\Windows\Sysnative\srclient.dll
2014-10-14 21:17:57 B86AE91A441FA81CFFF2B53F2A1BF123 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe
2014-10-14 21:17:54 855056F06F3677063DB2CC51899BC216 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx
2014-10-14 21:17:54 855056F06F3677063DB2CC51899BC216 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll
2014-10-14 21:17:54 63578DB847FCC40883CB8F303E785D46 2048 ----a-w- C:\Windows\Sysnative\mferror.dll
2014-10-14 21:17:54 5C90E1F072AF0579620B500DA14588C3 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll
2014-10-14 21:17:53 71EF970D853661A6BAFBD45C36714FEC 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL
2014-10-14 21:16:16 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll
2014-10-14 21:14:46 DD8E9C85F9F428859713055183661956 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-10-14 21:14:46 C109D5136DF0A6CA668C7AD888AA125F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-10-14 21:14:46 739D9C9F220CCEDAFD8212C6B976B60D 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-10-14 21:14:46 4D21F4FDF57DF86FAD9149ED1C071D15 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-10-14 21:14:46 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-10-14 21:14:43 87D14AF9A2C3F3D5233B613CFA9C321D 378552 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-10-14 21:14:43 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-10-14 21:14:42 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-10-14 21:14:42 B07E9AFF50DC007E7D5AC54736AA5A25 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-10-14 21:14:41 DAF317E9F4CEC206D0D443014A427341 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-10-14 21:14:41 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-10-14 21:14:40 0467A4DDA6B2CE8E27A8178BF035BA18 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-10-14 21:14:39 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-10-14 21:14:39 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-10-14 21:14:36 BE37AA454460539877420951EEA16EF0 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-10-14 21:14:35 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-10-14 21:14:35 88D2165E07CEDC3F34CBE1A5A807673D 595968 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-10-14 21:14:35 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-10-14 21:14:34 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-10-14 21:14:34 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-10-14 21:14:34 70527367E5779C3537992F0768D9C59A 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2014-10-14 21:14:33 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-10-14 21:14:33 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-10-14 21:14:33 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-10-14 21:14:33 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-10-14 21:14:32 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-10-14 21:14:31 EB710A3AF29BEC4EE7475A1ED5C575DE 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-10-14 21:14:31 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2014-10-14 21:14:31 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-10-14 21:14:30 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-10-14 21:14:24 1DB68B8A1E3BDE3C19F1D3612CE436CA 77312 ----a-w- C:\Windows\Sysnative\packager.dll
2014-10-14 21:14:05 4FC4C50985E5B840F4D72E57286887B8 681984 ----a-w- C:\Windows\Sysnative\termsrv.dll
2014-10-14 21:14:04 C23B6D9D16FD86F446BE607CA18389D9 235520 ----a-w- C:\Windows\Sysnative\winsta.dll
2014-10-14 21:14:03 85E03B6E05939845BC924C91AEDE0E24 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2014-10-14 21:14:03 0374D83D003043E7DE33036294A2EFAE 150528 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll
2014-10-14 21:14:01 560CF90C026C0FE51CC6820302FF94FE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2014-10-14 21:12:40 974F83636F841739FEA5CC6219BFB241 276480 ----a-w- C:\Windows\Sysnative\generaltel.dll
2014-10-14 21:12:39 510D5492BCA9E63E10E3CE0285965722 507392 ----a-w- C:\Windows\Sysnative\aepdu.dll
2014-10-14 21:12:37 767D478BB4B2F84B47B3C0956E6A5A05 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll
2014-10-14 21:12:19 E9CB5F138943D383DB67F29AAB60453F 3179520 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
2014-10-14 21:10:59 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-10-14 21:10:32 6DD73E4E947DB3B0608321AE13210D94 6584320 ----a-w- C:\Windows\Sysnative\mstscax.dll
====== C:\Windows\Sysnative\drivers =====
2014-10-17 17:50:33 E45A796BE8D820EEA181F7E8CC6F7802 1680 ----a-w- C:\Windows\Sysnative\drivers\kgpcpy.cfg
2014-10-14 21:18:24 946010CDFA91469351B22E2620CEBCD8 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys
2014-10-14 21:18:08 80B9412C4DE09147581FC935FB4C97AB 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys
2014-10-14 21:14:03 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys
2014-10-14 21:14:00 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
2014-09-24 16:44:36 1AF619620613869C07F9C147BC37520F 38048 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys
====== C:\Windows\Tasks ======
2014-10-14 23:02:24 66901008CCF4771F81DDB7DF112946BF 3218 ----a-w- C:\Windows\Sysnative\Tasks\{E593581A-1EAB-4FD9-B360-D63A08BB6A7B}
2014-09-22 10:05:20 C59EF89471028574556D97FD793BD8CC 3350 ----a-w- C:\Windows\Sysnative\Tasks\Eakona Update
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-10-20 17:22:34 -------- d-----w- C:\Program Files\Java
======= C:\PROGRA~2 =====
2014-10-14 22:06:33 -------- d-----w- C:\PROGRA~2\Microsoft ASP.NET
======= C: =====
====== C:\Users\Nigel\AppData\Roaming ======
2014-10-20 17:38:36 -------- d-----w- C:\Users\Nigel\AppData\Local\Deployment
2014-10-20 15:51:44 -------- d-sh--w- C:\Users\Nigel\AppData\Locallow\EmieUserList
2014-10-20 15:51:44 -------- d-sh--w- C:\Users\Nigel\AppData\Locallow\EmieSiteList
2014-10-19 15:49:14 E254EF9C131D6F28412AD6054616FE38 110136 ----a-w- C:\Users\Nigel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 05:18:53 -------- d-----w- C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-19 03:10:06 -------- d-----w- C:\Users\Nigel\AppData\Local\Apple Inc
2014-09-29 15:51:51 -------- d-----w- C:\Users\Nigel\AppData\Local\DDMSettings
2014-09-26 05:13:02 -------- d-----w- C:\Users\Nigel\AppData\Local\pangu
2014-09-22 16:22:49 -------- d-----w- C:\Users\Nigel\AppData\Roaming\uTorrent
2014-09-22 09:32:41 -------- d-----w- C:\Users\Nigel\AppData\Local\Comodo
2014-09-22 09:32:41 -------- d-----w- C:\Users\Guest\AppData\Local\Comodo
2014-09-22 09:32:41 -------- d-----w- C:\Users\fbwuser\AppData\Local\Comodo
2014-09-22 09:32:41 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo
2014-09-22 09:32:40 -------- d-----w- C:\Users\fbwuser\AppData\Local\Google
2014-09-22 09:32:40 -------- d-----w- C:\Users\Administrator\AppData\Local\Google
====== C:\Users\Nigel ======
2014-10-20 20:50:37 590AE97695A21AE8FA5B419BE3E13452 1976320 ----a-w- C:\Users\Nigel\Desktop\AdwCleaner.exe
2014-10-20 19:03:08 3F5D9D75F6523CB30924999EDFDAD28B 1705698 ----a-w- C:\Users\Nigel\Desktop\JRT.exe
2014-10-20 18:02:19 9F27F27D5A7A8867A1326C3B8A32AD0A 2111488 ----a-w- C:\Users\Nigel\Desktop\FRST64.exe
2014-10-20 16:42:01 17C1F28D430B9EB4D117A574354DAA4E 31029672 ----a-w- C:\Users\Nigel\Downloads\jre-7u71-windows-x64 (1).exe
2014-10-20 16:41:59 17C1F28D430B9EB4D117A574354DAA4E 31029672 ----a-w- C:\Users\Nigel\Downloads\jre-7u71-windows-x64.exe
2014-10-20 16:41:25 E667907E4A46C1FCE7E695E13EE2AD2C 31036328 ----a-w- C:\Users\Nigel\Downloads\jre-7u72-windows-x64.exe
2014-10-20 16:23:42 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Nigel\Downloads\chromeinstall-8u25 (2).exe
2014-10-20 16:21:01 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Nigel\Downloads\chromeinstall-8u25 (1).exe
2014-10-20 16:07:23 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Nigel\Downloads\chromeinstall-8u25.exe
2014-10-19 20:38:49 -------- d-----w- C:\ProgramData\Office Genuine Advantage
2014-10-19 03:10:07 -------- d-----r- C:\Users\Nigel\iCloudDrive
2014-10-04 15:31:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-09-22 09:32:40 -------- d-----w- C:\Users\fbwuser\AppData
2014-09-22 09:32:40 -------- d-----w- C:\Users\Administrator\AppData

====== C: exe-files ==
2014-10-20 17:38:56 A2FC3671E02728D4DF4C86A741D39D80 10120 ------w- C:\Users\Nigel\AppData\Local\Apps\2.0\YPK0PLB7.026\Q4QTYBHT.7D9\goog...app_4fe91ede9f9bdca3_0001.0003_14e64c9d5e3094de\clickonce_bootstrap.exe
2014-10-20 17:38:56 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Users\Nigel\AppData\Local\Apps\2.0\YPK0PLB7.026\Q4QTYBHT.7D9\goog...app_4fe91ede9f9bdca3_0001.0003_14e64c9d5e3094de\GoogleUpdateSetup.exe
2014-10-20 17:38:56 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Users\Nigel\AppData\Local\Apps\2.0\YPK0PLB7.026\Q4QTYBHT.7D9\clic...exe_4fe91ede9f9bdca3_0001.0003_none_e0b66a25f1dbb47c\GoogleUpdateSetup.exe
2014-10-20 17:23:02 9DE71CCB18AFFB5F5F5B222BBAA172B2 180648 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe
2014-10-20 17:23:02 6B379D3F02F7948E9034EEA0C1254499 16808 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe
2014-10-20 17:23:01 E493CF64762B31E321DDE4389A3A32FA 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe
2014-10-20 17:23:01 B35C7CFBAF75AE91C805A1ABDD1F1763 16296 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe
2014-10-20 17:23:01 85729F41036DF6F046764D61694473BD 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe
2014-10-20 17:23:01 5DFB5D5BF958C6439535A9DE428A53AE 65448 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe
2014-10-20 17:23:01 2A2B90622417EC36D82097E242A14075 16296 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe
2014-10-20 17:23:01 24885BF04D2BD4A8DF00DBEFB80EDB05 16808 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe
2014-10-20 17:23:01 0F6982E10F352B6E06AE203B39C2798E 16296 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe
2014-10-20 17:23:00 BDE2E6791216EEBB4BFECA8B8D15F98D 16296 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe
2014-10-20 17:23:00 781C8DD895C3D7BF3F2073C66FBD86A4 16296 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe
2014-10-20 17:22:59 F652D744C65A9B9C18EEF9800A5AF9F2 16296 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe
2014-10-20 17:22:59 B77A66B340D0AE70B62877FB9D3B6D0D 16296 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe
2014-10-20 17:22:58 5360E6C6923711C65DEC1AE5A064A18D 98216 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe
2014-10-20 17:22:57 70FF956FDDF481ADF7843E10A8817A9D 319912 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe
2014-10-20 17:22:56 FCC4FBBFF806C0F24000263C0251AC30 76200 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe
2014-10-20 17:22:56 FB35B4AF77CFF25D3C6EAFF229BBFF87 189352 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe
2014-10-20 17:22:55 F931367A59205A7F7D43ECF8E76AE212 16296 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe
2014-10-20 17:22:55 C54693238EEB76472679C6AF68D6A5B4 55720 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe
2014-10-20 17:22:55 AF91428609DF62ACA3424E23B560E637 189352 ----a-w- C:\Program Files\Java\jre7\bin\java.exe
2014-10-20 16:29:47 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2014-10-20 16:29:46 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2014-10-20 16:29:46 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2014-10-20 16:29:08 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe
2014-10-20 16:29:07 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe
2014-10-20 16:29:06 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe
2014-10-20 16:29:06 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe
2014-10-20 16:29:05 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe
2014-10-20 16:29:05 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe
2014-10-20 16:29:04 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe
2014-10-20 16:29:04 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe
2014-10-20 16:29:04 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe
2014-10-20 16:29:02 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe
2014-10-20 16:29:02 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe
2014-10-20 16:29:02 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe
2014-10-20 16:29:02 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe
2014-10-20 16:29:01 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe
2014-10-20 16:29:00 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe
2014-10-20 16:28:59 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe
2014-10-20 16:28:58 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
2014-10-20 16:28:58 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe
2014-10-20 16:28:57 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe
2014-10-20 16:28:57 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe
2014-10-20 16:28:56 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe
2014-10-14 21:17:57 D5F60B28FB5F9210AD9827FEB47B1AF2 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-10-14 21:17:57 0786D45A6F41F075E20A18E2F7285BA0 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-10-14 21:17:56 E017E313FB86FDD356D3F15A7024B4F2 102400 ----a-w- C:\Program Files\Windows Media Player\wmpconfig.exe
2014-10-14 21:17:56 AC3B58FFD38D515DE923C63C2ACDFD54 102400 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2014-10-14 21:17:56 686A215E51F5FF66B529AF7AA940EAE3 102912 ----a-w- C:\Program Files\Windows Media Player\wmpshare.exe
2014-10-14 21:17:54 B56E64D20C205B219C717496E00303D0 101888 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2014-10-14 21:14:46 6B9FDB34A5A490FF6A7EDE280062626A 810680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-10-14 21:14:46 54C9747BB0A64F4D9D401E4648363386 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-10-14 21:14:44 F9F310F9FB7F294F00ABDD03453D8CEE 812736 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-10-14 21:14:43 649E8F572EC0D929F4EED13A53AC0475 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-10-14 21:14:43 53E24F2DB97EFAF85FE093AA254790EC 470528 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-10-14 21:14:39 C876F8303AA30481A36FE2AACDE77671 483840 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
=== C: other files ==
2014-10-20 19:47:13 FC1F36A7844235BACFE12DF3FD486026 14957 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\get.bat
2014-10-20 19:47:13 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\prelim.bat
2014-10-20 19:47:13 E5E1041DE1DBDDF20D704BA894BEAD05 183929 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\misc.bat
2014-10-20 19:47:13 E01FF880FC345F56C61E80C91FA03687 9384 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\runvalues.bat
2014-10-20 19:47:13 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\TDL4.bat
2014-10-20 19:47:13 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\medfos.bat
2014-10-20 19:47:13 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\surfvox.bat
2014-10-20 19:47:13 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\searchlnk.bat
2014-10-20 19:47:13 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\firefox.bat
2014-10-20 19:47:13 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\ev_clear.bat
2014-10-20 19:47:13 4D80C7010E2CE44AB25FA25B013649E4 8085 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\mws.bat
2014-10-20 19:47:13 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\ask.bat
2014-10-20 19:47:13 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\iexplore.bat
2014-10-20 19:47:13 1EFD82B5DDC672FE3D2AFE731898BAF4 14044 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\chrome.bat
2014-10-20 19:47:13 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Nigel\AppData\Local\Temp\jrt\delfolders.bat
2014-10-20 17:23:06 F6607AD20B39115ABC83875077CF21AF 18619 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip
2014-10-20 16:29:10 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip
2014-10-19 15:27:36 CFBC8554DC72E8CF82BC69FD75530E35 3492429 ----a-w- C:\Users\Nigel\Downloads\iPhone Related\iPhone Software\iTools0520E.zip
2014-10-19 15:27:18 81D445724B0B9709F1C4AC4D88046496 4104796 ----a-w- C:\Users\Nigel\Downloads\iPhone Related\iPhone Software\Cydia7.zip
2014-10-19 14:53:35 7EEAADDA815681B811C0A5A90E5C033C 712779 ----a-w- C:\Users\Nigel\Downloads\iPhone Related\Evasi0n\Evasion7_1.0.8.zip
2014-10-19 09:26:22 8F4BD1B8E76099FB242FB5AABCFE5205 4984425 ----a-w- C:\Users\Nigel\Downloads\iPhone Related\iFaith\ifaith-v1.5.9.zip
2014-10-17 13:09:38 75EA177638D9A3AEB0D214B0FBE1A3CC 3382 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-425073729-1472267466-4260431720-1000\$RD2NZD6\Backup\_Analyzed.zip
2014-10-17 12:57:08 635DF0103DA0C2177A9F270F07C9F235 16955453 ----a-w- C:\Users\Nigel\Downloads\iPhone Related\Evasi0n\evasi0n7-win-1.0.8-ccb6ff816eb8789bf039cf3ca00edbedc199464f.zip
2014-10-14 21:18:24 946010CDFA91469351B22E2620CEBCD8 663552 ----a-w- C:\Windows\System32\drivers\PEAuth.sys
2014-10-14 21:18:08 80B9412C4DE09147581FC935FB4C97AB 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2014-10-14 21:14:03 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2014-10-14 21:14:00 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2014-10-14 21:10:59 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe /AutoStart"

[HKEY_USERS\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe /Auto"
"CloudSystemBooster"="C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe  /hide /autorun"
"Google Update"="C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"uTorrent"="C:\Users\Nigel\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe /AutoStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe  -osboot"
"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="2014-10-04T08:45:41"
"IObit Malware Fighter"="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart"
"Acrobat Assistant 8.0"="2014-10-04T08:45:42"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe /Auto"
"CloudSystemBooster"="C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe  /hide /autorun"
"Google Update"="C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"uTorrent"="C:\Users\Nigel\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"Appinit_Dlls"=""

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"hkey"="HKLM"
"item"="Adobe ARM"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Creative Cloud]
"command"="\"C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe\" --showwindow=false --onOSstartup=true"
"hkey"="HKLM"
"item"="Adobe Creative Cloud"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"command"="c:\\program files (x86)\\common files\\adobe\\oobe\\pdapp\\uwa\\updaterstartuputility.exe"
"hkey"="HKLM"
"item"="AdobeAAMUpdater-1.0"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5.5ServiceManager]
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5.5ServiceManager\\CS5.5ServiceManager.exe\" -launchedbylogin"
"hkey"="HKLM"
"item"="AdobeCS5.5ServiceManager"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Apoint]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Apoint"
"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bench Communicator Watcher]
"hkey"="HKLM"
"item"="Bench Communicator Watcher"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bench Settings Cleaner]
"hkey"="HKLM"
"item"="Bench Settings Cleaner"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BService]
"hkey"="HKLM"
"item"="BService"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BService64]
"hkey"="HKLM"
"item"="BService64"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IObit Malware Fighter]
"hkey"="HKLM"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IObit Malware Fighter"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mmonitor]
"command"="C:\\Program Files (x86)\\Anvisoft\\Cloud System Booster\\extentions\\toolbox\\Anvi RAM Booster\\Anvi_RAM_Booster.exe hide=1"
"hkey"="HKCU"
"item"="Anvi_RAM_Booster"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OfficeSyncProcess]
"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\MSOSYNC.EXE\""
"hkey"="HKCU"
"item"="MSOSYNC"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtection]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SearchProtection"
"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"command"="c:\\program files (x86)\\google\\googletoolbarnotifier\\googletoolbarnotifier.exe"
"hkey"="HKCU"
"item"="swg"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"
"hkey"="HKLM"
"item"="SwitchBoard"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Users\\Nigel\\AppData\\Roaming\\uTorrent\\uTorrent.exe\"  /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloaderUltimate]
"command"="C:\\ProgramData\\VideoDownloaderUltimateWinApp\\VideoDownloaderUltimate.exe /repair"
"hkey"="HKCU"
"item"="VideoDownloaderUltimate"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wd]
"hkey"="HKLM"
"item"="Wd"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WRSVC]
"hkey"="HKLM"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WRSVC"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install Webroot IE RunOnce.lnk]
"item"="Install Webroot IE RunOnce"
"backupExtension"=".CommonStartup"
"command"="C:\\Program Files (x86)\\Common Files\\wruninstall.exe"
"backup"="C:\\Windows\\pss\\Install Webroot IE RunOnce.lnk.CommonStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LaunchU3.exe.lnk]
"item"="LaunchU3.exe"
"backupExtension"=".CommonStartup"
"backup"="C:\\Windows\\pss\\LaunchU3.exe.lnk.CommonStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^A1Clean.lnk]
"item"="A1Clean"
"backupExtension"=".Startup"
"backup"="C:\\Windows\\pss\\A1Clean.lnk.Startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JustCloud.lnk]
"item"="JustCloud"
"backupExtension"=".Startup"
"command"="C:\\Program Files (x86)\\JustCloud\\JustCloud.exe"
"backup"="C:\\Windows\\pss\\JustCloud.lnk.Startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk]
"backup"="C:\\Windows\\pss\\Microsoft SharePoint Workspace.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\MICROS~1\\Office14\\GROOVE.EXE /TrayOnly"
"item"="Microsoft SharePoint Workspace"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ASCAntivirusSrv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bluetooth Device Monitor]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bluetooth Media Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bluetooth OBEX Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\btwdins]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DefaultTabSearch]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DefaultTabUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Fax]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\hshld]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HssTrayService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HssWd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IMFservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RealNetworks Downloader Resolver Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RealPlayer Desktop Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RealPlayerUpdateSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WRSVC]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/24/2014 04:33 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job --a------ C:\Users\Nigel\AppData\LoC:al\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job --a------ C:\Users\Nigel\AppData\LoC:al\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\ReclaimerUpdateFiles_Nigel.job --a------ C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [09/20/2014 09:49 AM]
C:\Windows\tasks\ReclaimerUpdateXML_Nigel.job --a------ C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [09/20/2014 09:49 AM]
C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Nigel.job --a------ C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [09/20/2014 09:49 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Nigel-PC-Nigel" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\ASO-RegistryCleaner" [C:\Program Files (x86)\Advanced System Optimizer 3\RegClean.exe]
"C:\Windows\SysNative\tasks\ASO-RegistryOptimizer" [C:\Program Files (x86)\Advanced System Optimizer 3\RegistryOptimizer.exe]
"C:\Windows\SysNative\tasks\ASO-System Protector" [C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe]
"C:\Windows\SysNative\tasks\Chrome Launcher" [C:\Program Files (x86)\Techsnab\Chrome Launcher\chrome-links.exe]
"C:\Windows\SysNative\tasks\Csb_IdleScan_Task" [C:/Program Files (x86)/Anvisoft/Cloud System Booster/CloudSystemBooster.exe]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Nigel)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\DriverBoost-RTMRules" [C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe]
"C:\Windows\SysNative\tasks\DriverBoost-RTMScan" [C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe]
"C:\Windows\SysNative\tasks\DriverBoost-RTMUpdater" [C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe]
"C:\Windows\SysNative\tasks\Eakona Update" [C:\ProgramData\Eakona\update15.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core" [C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA" [C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GPUpdateCheck" ["C:\Program Files (x86)\GetPrivate\gpup.exe"]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\ReclaimerUpdateFiles_Nigel" [C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe]
"C:\Windows\SysNative\tasks\ReclaimerUpdateXML_Nigel" [C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe]
"C:\Windows\SysNative\tasks\RNUpgradeHelperLogonPrompt_Nigel" [C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe]
"C:\Windows\SysNative\tasks\RNUpgradeHelperResumePrompt_Nigel" [C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\SmartDefrag_Schedule" [C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe]
"C:\Windows\SysNative\tasks\Test TimeTrigger" [C:\Users\Nigel\AppData\Local\Temp\Runner.exe]
"C:\Windows\SysNative\tasks\{077AA7A5-1BD3-4EFA-ABDB-DFB6174D3071}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{0F35E7D5-B3FA-4E4F-B3C2-695339938076}" [C:\Users\Public\Documents\ATISetup.exe]
"C:\Windows\SysNative\tasks\{10054E13-B4D2-4038-A149-7D7CD286D5BC}" [C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe]
"C:\Windows\SysNative\tasks\{11B3F5B9-1B08-4582-8226-996CDA70793D}" [C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{154733BA-4DA3-4301-AD83-0230D0C5461D}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{1A248453-EA28-4123-BDBE-21B643214981}" [C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{1BB641A5-4C01-461B-A3CA-3EE7A8AFC753}" [C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{1C9473D9-9587-4262-BED4-CE9A0A5B7132}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{1D1A5A4A-8E61-4697-AC2F-51D7EE009786}" [C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{1F60F57D-30CA-4034-BC06-941D7B6CD9F0}" [C:\Program Files (x86)\FVD Player\FVD Player.exe]
"C:\Windows\SysNative\tasks\{21766169-89C2-49F6-BB8F-AB224E395A1B}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{25E512C9-6BF5-4F04-AD7A-771D90B5EA74}" [C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe]
"C:\Windows\SysNative\tasks\{28980DF0-B3B8-477B-B624-7B366C1E9F82}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{2A23BB18-DE5C-43BD-BC52-72961C9849D3}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{2C7ACBC0-7276-4542-8CD7-529B4D9AA8CC}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{2D439E47-B377-4F2A-84A7-1FFFB9315E27}" [C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{3809E01F-7D74-419D-A04E-475AC9AC0104}" [C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{3A0372C4-11E7-4A9F-97D8-DA624D7A58FD}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{3CED81EB-75E9-4886-9345-6F8A59F71133}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{48E4D8DA-0C19-4658-B79C-C5078590BEEF}" [C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe]
"C:\Windows\SysNative\tasks\{4A2DD742-0F4E-41E5-8164-8C4079E1D14C}" [C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe]
"C:\Windows\SysNative\tasks\{4AACEB05-CFC0-4279-9403-CC99773EDDCF}" [C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{4BD65B01-0AE9-4A43-B2F7-CF6128EA21A9}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{50FFBF50-AA52-4ED1-B6A2-ABE0AB7A1FA8}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{52EC31A4-035C-4281-B156-1FFA146BEFB5}" [C:\Program Files (x86)\FVD Player\FVD Player.exe]
"C:\Windows\SysNative\tasks\{544F44BF-F291-4E18-8BF3-60C0E38A8E9D}" [C:\Program Files (x86)\FVD Player\FVD Player.exe]
"C:\Windows\SysNative\tasks\{5F84FB09-08A8-499F-B17F-7CCCA4EE158D}" [C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{5FB22839-DCD7-44B2-8A12-F735271B7366}" [C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe]
"C:\Windows\SysNative\tasks\{621D54F1-F962-49FF-80F3-E4901E48F97F}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{698C9EF4-C460-4000-8D89-333C6772CA58}" [C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe]
"C:\Windows\SysNative\tasks\{6B57D0FB-0777-475C-BA43-6C289D187EFD}" [C:\Program Files (x86)\iTunes\iTunes.exe]
"C:\Windows\SysNative\tasks\{6D7101B6-EC94-4CD8-9786-A08EE5E54F8F}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{6F328AA4-E7BC-4E55-8580-8DD694CC3ADB}" [C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{6FCAAA83-1380-4B01-827E-618BDC4C8749}" [C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{72C600E9-A2FB-4A6C-8EDB-4B7FD35F3BE0}" [C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{73825FD6-27E8-44E3-A92D-5506AD1B97FA}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{73CE8116-3FE9-4BB0-9ECF-FF9EF71B71CC}" [C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe]
"C:\Windows\SysNative\tasks\{74F22C14-D49E-46A3-89CB-999F91FAE2D9}" [C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{7B644DAF-35C5-439A-952A-E355469DEE4A}" [C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe]
"C:\Windows\SysNative\tasks\{7DB33574-0FEC-4FC6-92B5-1663FE05B401}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{81C5B8D4-8F2D-4A27-9184-EED41C281D3E}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{84129D00-A527-4272-9EAF-734B4C1137A6}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{8571D682-9355-4007-A9C8-52B226CC06A8}" [C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe]
"C:\Windows\SysNative\tasks\{87D481AC-6BB3-4473-B7AD-3607DCEA8756}" [C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe]
"C:\Windows\SysNative\tasks\{881571A8-9200-4CB5-B498-2A83A9E86DA6}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{8F6CAC86-F380-4C50-8006-36939E72777D}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{924020A1-5A40-46D8-ADE0-8DF0D267C4CA}" [C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe]
"C:\Windows\SysNative\tasks\{9B93F1C1-BAE0-4547-A7F4-436DCB981174}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{9ED700B8-ECDA-427C-B8E3-2791A2E2DCD7}" [C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe]
"C:\Windows\SysNative\tasks\{9FAA2EAA-5333-4F67-897D-042DC1118AEF}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{9FBD2980-03DB-418A-8BE2-EFEF5DFC542B}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{A2992F5E-09C1-403A-B59B-A743630AD888}" [C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{AE34398D-666B-4CCE-BC8F-DB48148EA13F}" [C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe]
"C:\Windows\SysNative\tasks\{AEE3B048-B798-479B-B577-03A229A26271}" [C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe]
"C:\Windows\SysNative\tasks\{B131A943-7DB1-4BDE-BC30-41E193340652}" [C:\Program Files (x86)\iTunes\iTunes.exe]
"C:\Windows\SysNative\tasks\{B15A5C3F-6909-4D9D-AEEA-7873D50CBFC1}" [C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe]
"C:\Windows\SysNative\tasks\{BAF80243-FBA1-4E89-95EB-C0D3AA496914}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{C174E770-DDA8-43A4-B145-1DDB63E80EFB}" [C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{C1FD0AF3-F142-4A98-8F71-C27459CCC326}" [C:\Users\Public\Documents\ATISetup.exe]
"C:\Windows\SysNative\tasks\{C418A8B2-9255-49E4-A6E9-4D7CA82ADDD3}" [C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe]
"C:\Windows\SysNative\tasks\{C6D7FCF8-E7B1-4703-8194-D75C03B4DF37}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{CC0FD0E2-776D-4B23-B75B-DA619AA69C1B}" [C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{D8FD28E2-15C2-4D62-A60C-F8B55E46DD86}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{DA2D6784-B468-41D6-A9C3-E6456F0ECEDC}" [C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe]
"C:\Windows\SysNative\tasks\{DA4D9551-C22C-46DA-8B62-5524A325411B}" [C:\Program Files (x86)\iTunes\iTunes.exe]
"C:\Windows\SysNative\tasks\{DAE296A8-D8A2-4199-8500-2224FE88CDAF}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{DCD6F798-3E9A-4E0B-BD8F-4F1A56C6E1A5}" [C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe]
"C:\Windows\SysNative\tasks\{E053BCD8-88B4-40F6-B0E9-54B4C0E2DB24}" [C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe]
"C:\Windows\SysNative\tasks\{E400AB86-5A44-4228-A3CE-AF605BA9AF62}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{E9D746C0-8108-4D3F-856F-0B8E88844D63}" [C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe]
"C:\Windows\SysNative\tasks\{EC9BF912-F05C-4B56-B200-82F74A037AD0}" [C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe]
"C:\Windows\SysNative\tasks\{F153F805-2E31-4E5B-97C7-FD71BC0BEB55}" [C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe]
"C:\Windows\SysNative\tasks\{F42A0C80-5557-42CB-8465-6164EBAD88A8}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{F565868D-6352-46C1-9D78-ACC152BA5AFC}" [C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe]
"C:\Windows\SysNative\tasks\{F92FDF9D-A098-4E5B-A8B0-BFD8B84ACFF9}" [C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe]
"C:\Windows\SysNative\tasks\{FB5E2E38-F3B5-4A82-9033-18D3A4773C95}" [C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\{FC2419A3-3ADC-4196-AAA4-5A5977A662CF}" [C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe]
"C:\Windows\SysNative\tasks\{FE23A538-ED0A-40E0-87B2-0FA07139C608}" [C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\AVG\PC Tuneup\Integrator\Scan and Repair" [C:\Program Files (x86)\AVG PC TuneUp 10.0.0.27 PreCracked\BoostSpeed.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default
- TinyWallet - %ProfilePath%\extensions\[email protected]
- QuickShare Widget - %ProfilePath%\extensions\{78f95c9b-16b5-4f71-a733-87632abd4c0c}
- Universal Downloader - %ProfilePath%\extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}
- PutLocker Downloader - %ProfilePath%\extensions\[email protected]
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- WordOv - %AppDir%\extensions\[email protected]
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
C10124951491578DDFDF44B33CA41C6F - C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
CE936F5D5A19A82627DBC3381658CD2F - C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
9C06DBC403F91D518ED117E460F03F85 - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - CANON iMAGE GATEWAY Album Plugin Utility for IJ

==== Deleted Firefox Extensions ======================

C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\extensions\[email protected] deleted
C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\extensions\{78f95c9b-16b5-4f71-a733-87632abd4c0c} deleted

==== Chromium Look ======================

TinyWallet - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
TinyWallet - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
TinyWallet - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
TinyWallet - fbwuser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
TinyWallet - fbwuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
TinyWallet - fbwuser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
TinyWallet - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
TinyWallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
Advanced SystemCare Surfing Protection - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
TinyWallet - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
TinyWallet - Nigel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
Google Slides - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Video downloader pro - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem
Video Downloader professional - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil
Google Sheets - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Video Downloader - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpgleggfcndpeflbjhpjfckfmojnpo
Google Wallet - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
TinyWallet - Nigel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc
Google Docs - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Speed Analysis 2 - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
uTorrentControl_v2 - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Advanced SystemCare Surfing Protection - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
DivX Plus Web Player HTML5 \u003Cvideo\u003E - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
Webroot - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab
Gmail - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
DivX Browser Bar - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho

==== Chromium Startpages ======================

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences
d":true,"name":"DivX Plus Web Player"},{"enabled":true,"name":"DivX VOD Helper Plug-in"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"Java™"},{"enabled":true,"name":"Microsoft Office"},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"QuickTime Player"},{"enabled":true,"name":"RealPlayer"},{"enabled":true,"name":"Silverlight"},{"enabled":true,"name":"VLC Web Plugin"},{"enabled":true,"name":"iTunes Application Detector"}],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"is_managed":false,"name":"First user"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"urls_to_restore_on_startup":["http://www.google.co..._allowed":false}}

==== Chromium Fix ======================

C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elicpjhcidhpjomhibiffojpinpmmpil_0.localstorage deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elicpjhcidhpjomhibiffojpinpmmpil_0.localstorage-journal deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpgleggfcndpeflbjhpjfckfmojnpo deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hnmpgleggfcndpeflbjhpjfckfmojnpo_0.localstorage deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hnmpgleggfcndpeflbjhpjfckfmojnpo_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\fbwuser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\fbwuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\fbwuser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\Nigel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully
C:\Users\Nigel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfjhbopkljfnapfipfodnnepobhaohlc deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft....k/?LinkId=54896"
"Search Bar"="http://go.microsoft....k/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft....k/?LinkId=54896"
"Search Bar"="http://go.microsoft....k/?LinkId=54896"
"Start Page"="http://go.microsoft....k/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft....k/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft....k/?LinkId=54896"
"Search Bar"="http://go.microsoft....k/?LinkId=54896"
"Start Page"="http://go.microsoft....k/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft....k/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft....k/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn...st/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.co...?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...Box&FORM=IE8SRC"
{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google  Url="http://www.google.co...{outputEncoding?}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown  Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5F15D41BF44F77D4680D77D7C66B2C53 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B14D51F5-F44F-4D77-86D0-777D6CB6C235} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5F15D41BF44F77D4680D77D7C66B2C53 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bench Communicator Watcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bench Settings Cleaner deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BService deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BService64 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloaderUltimate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wd deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WRSVC deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Classic .NET AppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\CLASSI~1.NET\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1264 folders=244 154715988 bytes)

==== Empty Temp Folders ======================

C:\Users\Classic .NET AppPool\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\temp emptied successfully
C:\Users\Guest\AppData\Local\temp emptied successfully
C:\Users\Nigel\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\TEMP\AppData\Local\temp emptied successfully
C:\Users\CLASSI~1.NET\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Nigel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Tue 10/21/2014 at  8:50:26.89 ======================


  • 0

Advertisements


#47
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
ZOEK removed next amount of junk. Let's see where are we now.



FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.


I won't be able to respond today anymore (most probably will be visiting from mobile). Should be here tomorrow morning of my time.
  • 0

#48
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

OK..... Hope you have a good day

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Nigel (administrator) on NIGEL-PC on 21-10-2014 11:35:00
Running from C:\Users\Nigel\Desktop
Loaded Profile: Nigel (Available profiles: Nigel & Guest & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\nfsclnt.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoSharedDocuments] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetOpenWith] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-18\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: schannel.dll
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
Toolbar: HKLM-x32 - No Name - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.2.206 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.2.206 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\yahoo_ff.xml
FF Extension: TinyWallet - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2014-10-12]
FF Extension: Universal Downloader - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d} [2014-10-12]
FF Extension: Adblock Plus - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-01]
FF Extension: WordOv - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-10-19]

Chrome:
=======
CHR Profile: C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-25]
CHR Extension: (Google Docs) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-25]
CHR Extension: (Google Drive) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-25]
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-25]
CHR Extension: (Google Sheets) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-25]
CHR Extension: (Google Wallet) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-25]
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2  AnviStartupTime; C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Startup Booster\StartupTimeSrv.exe [193256 2013-05-07] (Anvisoft)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-08-20] (Anvisoft)
S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166408 2013-01-25] (Microsoft Corp.)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-12-05] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-12-05] (BlueStack Systems, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
S3 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 RealPlayer Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1418336 2013-12-10] (RealNetworks, Inc.)
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [29320 2013-10-25] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
S3 avgfws; No ImagePath
S3 AVGIDSAgent; No ImagePath
S3 avgwd; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-06-06] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
S1 AntiLog32; No ImagePath
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96768 2013-05-25] (Advanced Micro Devices) [File not signed]
S4 Avgfwfd; No ImagePath
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-12-05] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
S4 btwaudio; No ImagePath
S3 btwavdt; No ImagePath
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [84008 2010-11-15] (Broadcom Corporation.)
S4 btwl2cap; No ImagePath
S4 btwrchid; No ImagePath
S3 cxpl_mhd; C:\Windows\System32\drivers\y_cx88x.sys [714752 2009-06-22] (Conexant Systems, Inc.) [File not signed]
S3 gmPS2up; C:\Windows\System32\DRIVERS\gmPS2up.sys [9216 2013-06-01] () [File not signed]
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-14] (Lenovo)
S3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-28] (JMicron Technology Corp.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
S3 massfilter_hs; C:\Windows\System32\DRIVERS\massfilter_hs.sys [18456 2012-01-10] (HandSet Incorporated)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation)
R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Corporation)
S1 SASDIFSV; No ImagePath
S1 SASKUTIL; No ImagePath
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)
S4 VGPU; No ImagePath
S4 zghsdiag; No ImagePath
S4 zghsmdm; No ImagePath
S4 zghsnmea; No ImagePath
S3 cpuz134; \??\C:\Users\Nigel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U0 helpsvc; No ImagePath
U2 ImapiService; No ImagePath
U2 Irmon; No ImagePath
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
U0 UPS; No ImagePath
U2 WZCSVC; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 11:35 - 2014-10-21 11:35 - 00029188 _____ () C:\Users\Nigel\Desktop\FRST.txt
2014-10-21 11:34 - 2014-10-21 11:34 - 00000000 ____D () C:\Users\Nigel\Desktop\FRST-OlderVersion
2014-10-21 11:33 - 2014-10-21 11:34 - 00000000 ____D () C:\Users\Nigel\Desktop\Farbar Reports
2014-10-21 10:26 - 2014-10-21 10:26 - 00001521 _____ () C:\Users\Nigel\Desktop\iexplore - Shortcut.lnk
2014-10-21 10:07 - 2014-10-21 10:07 - 00002227 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-21 10:07 - 2014-10-21 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-21 10:04 - 2014-10-21 10:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-21 10:04 - 2014-10-21 10:04 - 00001989 _____ () C:\Users\Nigel\Desktop\Adobe Reader XI.lnk
2014-10-21 06:20 - 2014-10-21 05:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-21 05:48 - 2014-10-21 08:50 - 00105743 _____ () C:\Users\Nigel\Desktop\zoek-results.log
2014-10-21 05:44 - 2014-10-21 06:16 - 00000000 ____D () C:\zoek_backup
2014-10-21 05:20 - 2014-10-21 05:20 - 01290752 _____ () C:\Users\Nigel\Desktop\zoek.exe
2014-10-20 16:51 - 2014-10-20 16:55 - 00000000 ____D () C:\AdwCleaner
2014-10-20 16:50 - 2014-10-20 16:50 - 01976320 _____ () C:\Users\Nigel\Desktop\AdwCleaner.exe
2014-10-20 15:53 - 2014-10-20 15:53 - 00005897 _____ () C:\Users\Nigel\Desktop\JRT.txt
2014-10-20 15:47 - 2014-10-20 15:47 - 00000000 ____D () C:\Windows\ERUNT
2014-10-20 15:03 - 2014-10-20 15:03 - 01705698 _____ (Thisisu) C:\Users\Nigel\Desktop\JRT.exe
2014-10-20 14:48 - 2014-10-20 14:48 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-10-20 14:02 - 2014-10-21 11:34 - 02110976 _____ (Farbar) C:\Users\Nigel\Desktop\FRST64.exe
2014-10-20 13:38 - 2014-10-21 10:06 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Deployment
2014-10-20 13:24 - 2014-10-20 13:22 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-20 13:23 - 2014-10-20 13:23 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-20 13:23 - 2014-10-20 13:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-20 13:23 - 2014-10-20 13:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-20 13:22 - 2014-10-20 13:22 - 00000000 ____D () C:\Program Files\Java
2014-10-20 12:42 - 2014-10-20 12:42 - 31029672 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\jre-7u71-windows-x64 (1).exe
2014-10-20 12:41 - 2014-10-20 12:42 - 31029672 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\jre-7u71-windows-x64.exe
2014-10-20 12:41 - 2014-10-20 12:41 - 31036328 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\jre-7u72-windows-x64.exe
2014-10-20 12:40 - 2014-10-20 12:41 - 43735040 _____ () C:\Users\Nigel\Downloads\jre-7u71-windows-x64.gz
2014-10-20 12:23 - 2014-10-20 12:24 - 00638888 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\chromeinstall-8u25 (2).exe
2014-10-20 12:21 - 2014-10-20 12:21 - 00638888 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\chromeinstall-8u25 (1).exe
2014-10-20 12:07 - 2014-10-20 12:07 - 00638888 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\chromeinstall-8u25.exe
2014-10-19 16:39 - 2014-10-19 16:39 - 00000000 ____D () C:\MGADiagToolOutput
2014-10-19 16:38 - 2014-10-19 16:38 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
2014-10-19 16:26 - 2014-10-21 06:25 - 00001344 _____ () C:\Windows\setupact.log
2014-10-19 16:26 - 2014-10-19 16:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-19 16:25 - 2014-10-21 06:24 - 00008000 _____ () C:\Windows\PFRO.log
2014-10-19 16:25 - 2014-10-19 16:29 - 04968456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-19 12:09 - 2014-10-19 12:40 - 00000967 _____ () C:\Users\Nigel\umbrella0.log
2014-10-19 11:49 - 2014-10-19 16:29 - 00110136 _____ () C:\Users\Nigel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 11:37 - 2014-10-19 11:51 - 00000000 ____D () C:\Users\Nigel\Downloads\iPhone Related
2014-10-19 05:57 - 2014-10-20 09:18 - 00000000 ____D () C:\Users\Nigel\Downloads\Geeks_To_Go_Help
2014-10-19 01:18 - 2014-10-19 01:18 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-19 00:20 - 2014-10-21 11:35 - 00000000 ____D () C:\FRST
2014-10-18 23:10 - 2014-10-21 08:50 - 00000000 ___RD () C:\Users\Nigel\iCloudDrive
2014-10-18 23:10 - 2014-10-18 23:10 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Apple Inc
2014-10-17 13:50 - 2014-10-17 13:51 - 00001680 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-10-17 13:50 - 2014-10-17 13:50 - 00000384 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-10-17 12:41 - 2014-10-17 15:18 - 00001088 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-15 15:50 - 2014-10-15 15:50 - 00006948 _____ () C:\Windows\system32\ScanResults.xml
2014-10-15 15:41 - 2014-10-15 15:41 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-10-14 19:02 - 2014-10-14 20:20 - 00000585 _____ () C:\Windows\w32dasm8.ini
2014-10-14 19:02 - 2014-10-14 19:02 - 00003218 _____ () C:\Windows\System32\Tasks\{E593581A-1EAB-4FD9-B360-D63A08BB6A7B}
2014-10-14 18:06 - 2014-10-14 18:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-14 17:19 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 17:19 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 17:18 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 17:18 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 17:18 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 17:18 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 17:18 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 17:18 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 17:18 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 17:18 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 17:18 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 17:18 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 17:17 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 17:17 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 17:17 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 17:16 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 17:16 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 17:14 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 17:14 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 17:14 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 17:14 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 17:14 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 17:14 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 17:14 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 17:14 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 17:14 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 17:14 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 17:14 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 17:14 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 17:14 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 17:14 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 17:14 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 17:14 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 17:14 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 17:14 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 17:14 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 17:14 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 17:14 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 17:14 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 17:14 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 17:14 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 17:14 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 17:12 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 17:12 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 17:12 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 17:12 - 2014-08-28 22:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 17:10 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 17:10 - 2014-09-04 22:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 17:10 - 2014-09-04 21:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-12 00:14 - 2014-10-12 00:14 - 00000000 ____D () C:\Users\Nigel\Downloads\Foot_Farm
2014-10-10 10:45 - 2014-10-10 10:46 - 191527745 _____ () C:\Users\Nigel\Downloads\Armageddon.mp4
2014-10-04 11:31 - 2014-10-04 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-01 07:11 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 07:11 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 11:51 - 2014-09-29 11:51 - 00000000 ____D () C:\Users\Nigel\AppData\Local\DDMSettings
2014-09-26 01:13 - 2014-09-26 01:35 - 00000000 ____D () C:\Users\Nigel\AppData\Local\pangu
2014-09-24 12:44 - 2014-09-04 15:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-24 12:44 - 2014-09-04 15:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-24 07:28 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 07:28 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 12:28 - 2014-09-22 12:28 - 00000823 _____ () C:\Users\Nigel\Desktop\µTorrent.lnk
2014-09-22 12:22 - 2014-10-19 17:56 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\uTorrent
2014-09-22 12:14 - 2014-10-20 12:14 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2014-09-22 06:05 - 2014-09-22 06:05 - 00003350 _____ () C:\Windows\System32\Tasks\Eakona Update
2014-09-22 05:32 - 2014-10-17 13:00 - 00000000 ____D () C:\Users\Administrator
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Google
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-22 05:17 - 2014-09-22 05:20 - 00450352 _____ (Microsoft Corporation) C:\Users\Nigel\Downloads\FixitCenter_Run.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 11:33 - 2013-02-27 22:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-21 11:11 - 2013-02-28 03:11 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-21 10:39 - 2013-09-29 15:40 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job
2014-10-21 10:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-10-21 10:11 - 2013-02-28 03:11 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 10:08 - 2013-09-28 13:55 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Adobe
2014-10-21 10:06 - 2013-02-28 03:11 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-21 10:06 - 2013-02-28 03:11 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-21 10:06 - 2013-02-28 03:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-21 09:50 - 2014-06-09 02:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-21 08:50 - 2013-03-01 01:12 - 00000008 __RSH () C:\Users\Nigel\ntuser.pol
2014-10-21 08:50 - 2013-02-20 22:07 - 00000000 ____D () C:\Users\Nigel
2014-10-21 06:34 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 06:34 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-21 06:32 - 2013-02-21 01:01 - 01194124 _____ () C:\Windows\WindowsUpdate.log
2014-10-21 06:25 - 2014-07-12 21:30 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-10-21 06:24 - 2013-03-19 17:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-21 06:24 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-21 06:06 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-21 06:06 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-20 23:05 - 2014-09-20 12:50 - 00002960 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Nigel
2014-10-20 23:05 - 2014-09-20 12:50 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Nigel.job
2014-10-20 17:39 - 2013-09-29 15:40 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job
2014-10-20 16:55 - 2013-02-27 19:14 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\CheckPoint
2014-10-20 15:50 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 15:48 - 2013-04-16 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-20 14:48 - 2013-10-06 17:09 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-20 14:40 - 2013-10-14 23:38 - 00000000 ____D () C:\Users\Nigel\Documents\Outlook Files
2014-10-20 13:38 - 2013-10-07 15:10 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Apps\2.0
2014-10-20 13:33 - 2013-07-13 02:52 - 00000000 ____D () C:\Users\Nigel\AppData\Local\CrashDumps
2014-10-20 13:17 - 2014-09-20 12:50 - 00002956 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Nigel
2014-10-20 13:17 - 2014-09-20 12:50 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Nigel.job
2014-10-20 12:29 - 2014-08-06 12:56 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-20 12:27 - 2013-09-30 13:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-20 12:06 - 2014-01-27 15:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-19 16:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-19 15:58 - 2013-03-01 02:17 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-19 15:49 - 2014-01-24 20:41 - 00000000 ____D () C:\Program Files\Adobe
2014-10-19 15:49 - 2013-02-27 22:11 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Adobe
2014-10-19 15:47 - 2013-02-28 13:03 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-19 15:44 - 2014-01-24 20:41 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-19 15:36 - 2014-09-13 00:16 - 00003300 _____ () C:\Windows\System32\Tasks\Chrome Launcher
2014-10-19 15:34 - 2014-05-22 12:07 - 00000000 ____D () C:\Users\Nigel\Desktop\Miscel
2014-10-19 12:41 - 2013-11-24 18:10 - 00449786 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-10-19 12:39 - 2013-10-11 04:54 - 00000000 ____D () C:\Users\Nigel\.shsh
2014-10-18 23:10 - 2013-10-14 23:38 - 00000000 ____D () C:\Users\Nigel\AppData\Local\204F97F3-3D38-41EE-A1A9-FA8BE5878D8B.aplzod
2014-10-18 23:10 - 2013-02-27 19:24 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Apple Computer
2014-10-18 11:46 - 2013-03-01 02:36 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-10-17 16:59 - 2013-05-29 22:37 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\vlc
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-17 12:04 - 2013-04-22 19:16 - 00000000 ____D () C:\Windows\Minidump
2014-10-16 16:56 - 2013-03-01 15:33 - 00847994 _____ () C:\Windows\system32\perfh019.dat
2014-10-16 16:56 - 2013-03-01 15:33 - 00204178 _____ () C:\Windows\system32\perfc019.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00787002 _____ () C:\Windows\system32\perfh005.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00195964 _____ () C:\Windows\system32\perfc005.dat
2014-10-16 16:56 - 2009-07-14 01:13 - 02972908 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 21:24 - 2014-04-23 06:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 19:14 - 2013-12-13 17:25 - 00000000 ____D () C:\Users\DefaultAppPool
2014-10-14 19:14 - 2013-12-11 04:29 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-10-14 18:23 - 2013-03-01 23:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-14 18:05 - 2013-07-13 02:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 17:22 - 2013-02-27 17:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 15:35 - 2013-03-01 18:15 - 00000000 ____D () C:\Users\Guest
2014-10-14 15:20 - 2014-08-20 02:49 - 00000000 ____D () C:\Users\Nigel\AppData\Local\WinZip
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-10-08 14:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-06 20:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-04 09:09 - 2014-09-20 12:50 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Nigel.job
2014-10-04 08:45 - 2014-09-20 12:50 - 00002666 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Nigel
2014-10-02 12:45 - 2013-09-20 20:09 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-10-02 12:45 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew
2014-10-02 02:19 - 2013-04-20 01:19 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\dvdcss
2014-10-01 11:11 - 2014-06-09 02:48 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-09 02:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 11:11 - 2013-12-11 13:28 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-24 12:45 - 2013-03-19 17:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-24 04:33 - 2013-02-27 22:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 04:33 - 2013-02-27 22:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 04:33 - 2013-02-27 22:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-22 05:32 - 2013-03-01 18:17 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-22 05:32 - 2013-02-28 03:11 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Google
2014-09-22 02:42 - 2010-11-20 23:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-22 00:14 - 2014-05-22 04:24 - 00003476 _____ () C:\Windows\System32\Tasks\GPUpdateCheck

Some content of TEMP:
====================
C:\Users\Nigel\AppData\Local\Temp\bs.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-21 06:54

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
Ran by Nigel at 2014-10-21 11:36:23
Running from C:\Users\Nigel\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{D322A9E3-758B-4D60-A7C4-65C88FD378D0}) (Version: 7.2.241.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.1.166.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - Canon Inc.)
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0704.2139.36919 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 3.5 - Anvisoft)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
DMG Extractor (HKCU\...\DMG Extractor) (Version: 1.2.3.0 - Reincubate Ltd)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}) (Version: 5.4.1.18709 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
ImTOO iPhone Photo Transfer (HKLM-x32\...\ImTOO iPhone Photo Transfer) (Version: 1.1.4.20131114 - ImTOO)
ImTOO iPhone SMS Backup (HKLM-x32\...\ImTOO iPhone SMS Backup) (Version: 1.0.13.20140211 - ImTOO)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.6.6.0 - Reincubate Ltd)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 12.10.14.3 - Marvell)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - English (HKLM\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 Toolkit December 2011 (HKLM-x32\...\{EC35EE8E-87D1-4E3E-B5CC-D8B1544615F5}) (Version: 5.0.51209.1124 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 18.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 18.0.2 (x86 en-US)) (Version: 18.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notification Center (HKLM-x32\...\{FDAD2767-11CA-4D38-9CC4-48770CE3CC7B}) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
PE988 (HKLM\...\{6F8ECA7B-420F-4D63-B866-B83737EB3E76}) (Version: 6.0.77 - YUAN)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickShare (HKLM-x32\...\{62BC7EFB-47F5-4619-9B74-7DDA72D5AF7E}) (Version: 1.6.1.949 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.2 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (HKLM\...\{90140000-0100-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{E8C86A07-99F1-4750-A6CF-C4ED5211A146}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoDownloaderUltimate (HKCU\...\VideoDownloaderUltimateWinApp) (Version: 1.0.1.23 - Link64)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Advanced Micro Devices (amdide64) hdc  (12/04/2012 5.2.2.0179) (HKLM\...\92CABF192AE59FEC7A26BF526AE067A4C700A858) (Version: 12/04/2012 5.2.2.0179 - Advanced Micro Devices)
Windows Driver Package - Apple (Netaapl) Net  (07/12/2011 1.8.4.2) (HKLM\...\E3446990DE8D5843AECCB8B0EF4E7D8DBF5E78B2) (Version: 07/12/2011 1.8.4.2 - Apple)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/20/2010 6.3.0.3500) (HKLM\...\79B5284AC8847651E6939E5B2FB1A473E6C9D19B) (Version: 01/20/2010 6.3.0.3500 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/28/2010 6.3.0.3800) (HKLM\...\5BB2352543C023211B5CDA6229832626C218EB7F) (Version: 01/28/2010 6.3.0.3800 - Broadcom Corporation)
Windows Driver Package - YUAN TV DRIVER (cxpl_mhd) Media  (11/08/2011 6.0.32.0077) (HKLM\...\34BE71CBF435D6B34FFAF9BA68AD921E99CF4065) (Version: 11/08/2011 6.0.32.0077 - YUAN TV DRIVER)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

28-09-2014 09:37:09 Windows Update
28-09-2014 23:00:28 Windows Backup
02-10-2014 05:14:16 Windows Update
04-10-2014 15:26:38 Removed iCloud
04-10-2014 15:30:47 Installed iCloud
05-10-2014 15:50:44 Windows Update
05-10-2014 23:00:22 Windows Backup
08-10-2014 19:37:35 Windows Update
10-10-2014 04:01:33 Microsoft Antimalware Checkpoint
12-10-2014 00:32:26 Windows Update
12-10-2014 23:01:33 Windows Backup
14-10-2014 18:00:01 Restore Operation
14-10-2014 19:36:04 Windows Backup
14-10-2014 21:20:04 Windows Update
16-10-2014 19:17:02 Windows Backup
16-10-2014 23:08:12 Reimage Express Restore Point
17-10-2014 12:55:06 Reimage Express Restore Point
17-10-2014 13:09:23 Uninstalled with Total Uninstall ""
17-10-2014 15:53:12 Revo Uninstaller's restore point - Google+ Auto Backup
17-10-2014 16:51:36 Installed STOPzilla
17-10-2014 17:00:05 STOPzilla Restore Point.
17-10-2014 18:00:24 Removed STOPzilla
18-10-2014 17:58:42 Windows Update
19-10-2014 16:17:02 Microsoft Antimalware Checkpoint
19-10-2014 19:50:27 Removed Adobe Acrobat XI Pro.
19-10-2014 23:03:13 Windows Backup
20-10-2014 16:07:42 Removed Java 8 Update 25
20-10-2014 16:24:27 Removed Java 8 Update 25
20-10-2014 16:44:36 Installed Java 7 Update 71 (64-bit)
20-10-2014 17:19:23 Installed Java 7 Update 72 (64-bit)
21-10-2014 09:48:22 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-03-01 02:10 - 2014-10-19 12:41 - 00449787 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 www.iobit.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {000612EA-70A0-4C63-89A1-8C5AEA7EFE8D} - System32\Tasks\{2C7ACBC0-7276-4542-8CD7-529B4D9AA8CC} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {006F7C01-5F0E-4150-9C4D-DE30C78C24A1} - System32\Tasks\{5FB22839-DCD7-44B2-8A12-F735271B7366} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {02E826AC-35DE-482B-94B2-15A0559936CE} - System32\Tasks\{81C5B8D4-8F2D-4A27-9184-EED41C281D3E} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {05A07841-8538-4FA8-A72E-58D63EF246DB} - System32\Tasks\{A2992F5E-09C1-403A-B59B-A743630AD888} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {079ADE9F-71D9-4F2F-ACD6-13E8E77D1F92} - System32\Tasks\Csb_IdleScan_Task => C:/Program Files (x86)/Anvisoft/Cloud System Booster/CloudSystemBooster.exe [2014-08-20] (Anvisoft)
Task: {093963F0-A29D-40AE-99C1-75A26902A885} - System32\Tasks\Test TimeTrigger => C:\Users\Nigel\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {0A818F3C-A3E3-4122-B3F0-19729F7CCE12} - System32\Tasks\{7DB33574-0FEC-4FC6-92B5-1663FE05B401} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {0DCD46B0-0A93-41AF-A417-D30980C7434D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {1038BF1B-FF84-473E-9470-CF2542F8734B} - System32\Tasks\{621D54F1-F962-49FF-80F3-E4901E48F97F} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {10ADD4C1-18C7-4959-B6A6-55B7612B9981} - System32\Tasks\{9B93F1C1-BAE0-4547-A7F4-436DCB981174} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {123565F3-0D19-410B-A6DA-88F89AD0DB10} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {12EFB081-B6B7-498C-B0EB-5B466DCAC3DB} - System32\Tasks\{C1FD0AF3-F142-4A98-8F71-C27459CCC326} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {169AAA98-589D-4EF5-99E6-164E9E990614} - System32\Tasks\{73CE8116-3FE9-4BB0-9ECF-FF9EF71B71CC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {169CA07C-AC46-4953-8DA6-2580DBCF974F} - System32\Tasks\{2D439E47-B377-4F2A-84A7-1FFFB9315E27} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {186E7797-9FE8-4A70-9B8A-BB997C6DC598} - System32\Tasks\{CC0FD0E2-776D-4B23-B75B-DA619AA69C1B} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {1AFB0322-06B1-4B25-A4D1-2EC13633A456} - System32\Tasks\{10054E13-B4D2-4038-A149-7D7CD286D5BC} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: {1FE31CA9-9587-4D90-B97B-4874FE0DD994} - System32\Tasks\{3809E01F-7D74-419D-A04E-475AC9AC0104} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {2199150D-38EE-40E0-932A-C547AFC1CDCE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {22E21245-ACCB-45D9-86D9-43D186C24EE0} - System32\Tasks\{1C9473D9-9587-4262-BED4-CE9A0A5B7132} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {22ED1B6B-B453-4340-A791-B7610BD18DAD} - \ss u helper-S-9665547 No Task File <==== ATTENTION
Task: {23925085-F16B-480C-893C-00F6B4471DB4} - System32\Tasks\{6FCAAA83-1380-4B01-827E-618BDC4C8749} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {251F1F0E-642E-4773-9A4F-BEB433A9277B} - System32\Tasks\{0F35E7D5-B3FA-4E4F-B3C2-695339938076} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {26D1CC47-7787-49E1-91F4-1C5B5053B481} - System32\Tasks\{28980DF0-B3B8-477B-B624-7B366C1E9F82} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {293E9808-104D-47BB-BAAD-6C879853839B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {2963DDCF-57EB-43AE-890A-DF5A98B7AEC7} - System32\Tasks\GPUpdateCheck => C:\Program Files (x86)\GetPrivate\gpup.exe
Task: {29FCDBB3-E067-422E-B938-73B7521C3370} - System32\Tasks\{84129D00-A527-4272-9EAF-734B4C1137A6} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {317E9D0C-E965-4647-AF45-C426E3C47409} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
Task: {32608733-4D6D-47E7-89BF-37F1B22B89B9} - System32\Tasks\{DAE296A8-D8A2-4199-8500-2224FE88CDAF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {349B5B62-DEAF-4B16-93FE-DE7C169ABE66} - System32\Tasks\ReclaimerUpdateFiles_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {368FD478-750D-48DA-98C1-91A0AC9154BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {3885C983-81FD-4929-94F2-BADDDEC585E8} - System32\Tasks\{E9D746C0-8108-4D3F-856F-0B8E88844D63} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {3A28F420-CA2E-41C7-98E6-090BD717828D} - System32\Tasks\{1BB641A5-4C01-461B-A3CA-3EE7A8AFC753} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {3A662C89-E799-4D3F-A277-2C6AE51F2D5D} - System32\Tasks\RNUpgradeHelperLogonPrompt_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {3AE4BFDD-06D3-4A72-A031-752C12C5A1FC} - System32\Tasks\{3CED81EB-75E9-4886-9345-6F8A59F71133} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {3AE64DE5-B4CB-4FEE-8261-3C44EC6592F2} - System32\Tasks\{DA2D6784-B468-41D6-A9C3-E6456F0ECEDC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {3C0C5E3A-2FD6-4BE1-9044-A2D75313532F} - System32\Tasks\{3A0372C4-11E7-4A9F-97D8-DA624D7A58FD} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {3FC269B9-8C6C-4A9E-9628-2490CDAF8E1D} - System32\Tasks\{F565868D-6352-46C1-9D78-ACC152BA5AFC} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4351F10C-E69D-4B69-945D-08C1F0EBDD8A} - System32\Tasks\{8F6CAC86-F380-4C50-8006-36939E72777D} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {449F4E01-3C7C-4D28-ABBA-828539A83685} - System32\Tasks\{C418A8B2-9255-49E4-A6E9-4D7CA82ADDD3} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {44E0ECA0-F601-4090-B027-8CD419F677AD} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {459C1231-E4FD-4849-B9C5-FBA0C5BB8245} - System32\Tasks\{2A23BB18-DE5C-43BD-BC52-72961C9849D3} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {467D8819-3E3A-417E-863A-3DF0E112FCB5} - System32\Tasks\{AE34398D-666B-4CCE-BC8F-DB48148EA13F} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4BE74FA7-42CD-41FE-B40D-F9E9C441537E} - System32\Tasks\{BAF80243-FBA1-4E89-95EB-C0D3AA496914} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {4F2DEE36-7405-4E0C-8129-21A2BBD59B4E} - System32\Tasks\{AEE3B048-B798-479B-B577-03A229A26271} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {51745400-A8A2-46E2-A2AA-F90FD82B42A5} - System32\Tasks\{924020A1-5A40-46D8-ADE0-8DF0D267C4CA} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {51DF843C-2317-46CB-8DCD-9786748EF292} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {56459790-A92F-4CDA-AF94-876D74EBEC31} - System32\Tasks\{9FAA2EAA-5333-4F67-897D-042DC1118AEF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {5852944E-E3BF-47B0-A8CD-EE9B9FCC856C} - System32\Tasks\{48E4D8DA-0C19-4658-B79C-C5078590BEEF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {59D050C2-9DFB-4BBB-9BEF-9B5072BDAE74} - System32\Tasks\{FE23A538-ED0A-40E0-87B2-0FA07139C608} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {5A655E23-C498-4B5F-A959-B0588BD8C6CB} - System32\Tasks\{73825FD6-27E8-44E3-A92D-5506AD1B97FA} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {5C75FAF9-9DA8-4844-8416-2228A7785B44} - System32\Tasks\{FC2419A3-3ADC-4196-AAA4-5A5977A662CF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {6032B365-3830-4CD5-AE92-FE6D4561AE51} - System32\Tasks\{881571A8-9200-4CB5-B498-2A83A9E86DA6} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {60E328B8-E650-45BE-8878-404EE5B610F8} - System32\Tasks\{87D481AC-6BB3-4473-B7AD-3607DCEA8756} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {6260FD1A-D38B-44C5-A055-52AB153435FD} - System32\Tasks\{11B3F5B9-1B08-4582-8226-996CDA70793D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {65685772-F1F4-4A8B-8875-60D89FD5137A} - \TidyNetwork Update No Task File <==== ATTENTION
Task: {667FC555-EBE8-4B7E-A24B-C32A0943A876} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {67309B44-4BBA-46A8-94CE-66F0E4118D55} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7033CB6B-822E-422C-B3A5-285638759605} - System32\Tasks\{F92FDF9D-A098-4E5B-A8B0-BFD8B84ACFF9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {708D0DCC-2C04-499E-BB51-26648D454A7B} - System32\Tasks\{C174E770-DDA8-43A4-B145-1DDB63E80EFB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {77090DF9-6BCB-46BD-A052-595EF90E516D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {79C33A83-58DD-44FC-87EE-B1EAC391332E} - System32\Tasks\{4A2DD742-0F4E-41E5-8164-8C4079E1D14C} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {7C43B3B7-D555-40E2-9548-D0461CBC676F} - System32\Tasks\{7B644DAF-35C5-439A-952A-E355469DEE4A} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {7CC66EF8-31F6-4E5C-BFE2-92851B0A97E8} - System32\Tasks\ReclaimerUpdateXML_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {7D16292D-72E8-4AE0-A281-77217F353C3C} - System32\Tasks\{C6D7FCF8-E7B1-4703-8194-D75C03B4DF37} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {7EC72E42-E0D9-4DB7-B499-3BC25912A497} - System32\Tasks\{4AACEB05-CFC0-4279-9403-CC99773EDDCF} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {7F733B87-02E8-479E-8440-514AE88C24A7} - System32\Tasks\{6D7101B6-EC94-4CD8-9786-A08EE5E54F8F} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {807F5556-47D5-4EC7-8562-1CC7C96009B0} - System32\Tasks\Eakona Update => C:\ProgramData\Eakona\update15.exe
Task: {81A0FB29-85F8-4BFA-8F27-A54082550447} - System32\Tasks\Driver Booster SkipUAC (Nigel) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {83AFC484-8A32-40B4-8A02-9E064C609D88} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {84589CC3-E682-4196-B545-F1A996BDD4B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {84CFA5CB-FE45-4E62-8842-A69B2BC7833D} - System32\Tasks\{544F44BF-F291-4E18-8BF3-60C0E38A8E9D} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {8565466B-33EA-453A-9A44-FB10FED0EBE0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.)
Task: {8C433082-E77E-4688-BF0E-6CB3A25A77DD} - System32\Tasks\{1D1A5A4A-8E61-4697-AC2F-51D7EE009786} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {90473550-E850-4BFB-9244-5EE77EF732AA} - System32\Tasks\{1F60F57D-30CA-4034-BC06-941D7B6CD9F0} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {951DCD93-192C-435E-A657-97B8861D29D7} - System32\Tasks\{72C600E9-A2FB-4A6C-8EDB-4B7FD35F3BE0} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {96424976-48F4-4F52-A759-B19F12A6F4AF} - \YourFileDownloader Installer Starter No Task File <==== ATTENTION
Task: {96878061-26E9-49D3-8B8B-6CC548CA5809} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {992CD035-8FA6-4179-8F27-6451EAC9B25E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {9B7E1E6B-8E4C-4230-9B53-6F404F3C8FA3} - System32\Tasks\RNUpgradeHelperResumePrompt_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {A08E06B3-13BE-4A64-8BE4-BA75BFE3CF80} - System32\Tasks\{DCD6F798-3E9A-4E0B-BD8F-4F1A56C6E1A5} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {A5E73495-E96E-4AB8-AF93-C21EC0416E5A} - System32\Tasks\{1A248453-EA28-4123-BDBE-21B643214981} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {A5FEAF99-0991-43FE-AA1F-D8046B57BAEE} - System32\Tasks\{E053BCD8-88B4-40F6-B0E9-54B4C0E2DB24} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {A865B493-DC39-4096-A89C-F345384C3AF4} - System32\Tasks\{6F328AA4-E7BC-4E55-8580-8DD694CC3ADB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {A8818490-0854-4337-B395-4A370F92FE89} - System32\Tasks\{21766169-89C2-49F6-BB8F-AB224E395A1B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {AB23705A-DE13-4C0F-9DC8-275734E6618D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AB54D713-8B71-4989-A1B2-F224EB44A3AE} - System32\Tasks\{8571D682-9355-4007-A9C8-52B226CC06A8} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {AEA2DCEC-1540-4417-808E-F885D955417D} - System32\Tasks\{F42A0C80-5557-42CB-8465-6164EBAD88A8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {AEB6797F-3C8C-4FEC-ADF2-D899CAF39D65} - System32\Tasks\{4BD65B01-0AE9-4A43-B2F7-CF6128EA21A9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {AF7D2CEF-584D-4481-8C36-2503A983A9DB} - System32\Tasks\AdobeAAMUpdater-1.0-Nigel-PC-Nigel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {B2EE0003-6F1B-4C22-8D48-992FB5AABE0A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {B41A22EC-4CB5-4AFE-8BEA-5B01E5AE43EE} - System32\Tasks\{E400AB86-5A44-4228-A3CE-AF605BA9AF62} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {B7FC23B2-7EC7-4C96-8161-B3CFB715E737} - System32\Tasks\{9ED700B8-ECDA-427C-B8E3-2791A2E2DCD7} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {BBC765F7-D309-4BD8-BA18-A107F6F5948E} - System32\Tasks\{077AA7A5-1BD3-4EFA-ABDB-DFB6174D3071} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C11C6FBD-A367-4737-8923-386DAD5DC884} - System32\Tasks\{B15A5C3F-6909-4D9D-AEEA-7873D50CBFC1} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {C3F97A9C-6154-4CED-BFDC-028EF0188789} - System32\Tasks\{F153F805-2E31-4E5B-97C7-FD71BC0BEB55} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C435B79A-12EE-4AF1-9117-FC0211600E4D} - System32\Tasks\{50FFBF50-AA52-4ED1-B6A2-ABE0AB7A1FA8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {CF517E06-FF2E-40D8-90A8-38618541F7C7} - System32\Tasks\{25E512C9-6BF5-4F04-AD7A-771D90B5EA74} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {D7F7BD77-BA36-439A-912A-E42FFD28F48F} - System32\Tasks\{D8FD28E2-15C2-4D62-A60C-F8B55E46DD86} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DDD4F934-C2EF-42A7-A324-93D7B98AF47E} - System32\Tasks\{9FBD2980-03DB-418A-8BE2-EFEF5DFC542B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DF1AD657-5EA2-47B0-98BF-F60D6C449CB5} - System32\Tasks\{74F22C14-D49E-46A3-89CB-999F91FAE2D9} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {DF61FCD0-E3FE-4055-9FCD-C17C2A9196F3} - System32\Tasks\{5F84FB09-08A8-499F-B17F-7CCCA4EE158D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {E5004064-C3D0-4FB4-BC0E-D9653316B938} - System32\Tasks\{154733BA-4DA3-4301-AD83-0230D0C5461D} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {E605B7D6-DB52-4020-9B63-D4FB2ED3B067} - System32\Tasks\{FB5E2E38-F3B5-4A82-9033-18D3A4773C95} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {E9FBC6F9-B382-4931-B10F-BE788B37743E} - System32\Tasks\{52EC31A4-035C-4281-B156-1FFA146BEFB5} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {EF39CFC0-6789-43E7-B770-1BD31EACB6A4} - System32\Tasks\{698C9EF4-C460-4000-8D89-333C6772CA58} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {F0ADDC43-8010-4AD0-9C2A-3DCDF5A12CCD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.)
Task: {F2AB3193-B105-41BA-ACC2-A89251B966ED} - System32\Tasks\Chrome Launcher => C:\Program Files (x86)\Techsnab\Chrome Launcher\chrome-links.exe
Task: {FCA5B4FE-154E-4649-82C9-519B0DFFAEA0} - System32\Tasks\{EC9BF912-F05C-4B56-B200-82F74A037AD0} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: {FE0838BE-005B-4A21-A157-EEBC70F1FF49} - \GPUP No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2013-03-19 17:05 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-02-01 06:54 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-02-01 06:54 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2014-10-21 10:06 - 2014-10-09 22:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-21 10:06 - 2014-10-09 22:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-21 10:06 - 2014-10-09 22:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-21 10:06 - 2014-10-09 22:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\system32\Drivers\ktlxumic.sys:changelist

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\exefile:  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ASCAntivirusSrv => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: DefaultTabSearch => 2
MSCONFIG\Services: DefaultTabUpdate => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 3
MSCONFIG\Services: RealPlayer Desktop Service => 3
MSCONFIG\Services: RealPlayerUpdateSvc => 3
MSCONFIG\Services: WRSVC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install Webroot IE RunOnce.lnk => C:\Windows\pss\Install Webroot IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LaunchU3.exe.lnk => C:\Windows\pss\LaunchU3.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^A1Clean.lnk => C:\Windows\pss\A1Clean.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JustCloud.lnk => C:\Windows\pss\JustCloud.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\Windows\pss\Microsoft SharePoint Workspace.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe
MSCONFIG\startupreg: mmonitor => C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\toolbox\Anvi RAM Booster\Anvi_RAM_Booster.exe hide=1
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: swg => c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Nigel\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

========================= Accounts: ==========================

Administrator (S-1-5-21-425073729-1472267466-4260431720-500 - Administrator - Disabled)
Guest (S-1-5-21-425073729-1472267466-4260431720-501 - Limited - Enabled) => C:\Users\Guest
Nigel (S-1-5-21-425073729-1472267466-4260431720-1000 - Administrator - Enabled) => C:\Users\Nigel

==================== Faulty Device Manager Devices =============

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/21/2014 06:26:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2014 05:01:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2014 04:44:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2014 04:44:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Nigel-PC.local already in use; will try Nigel-PC-2.local instead

Error: (10/20/2014 04:44:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister    4 Nigel-PC.local. Addr 192.168.1.70

Error: (10/20/2014 04:44:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 Nigel-PC.local. AAAA 2602:0306:BDFC:07F0:E05F:B4BA:4FC3:8D20

Error: (10/20/2014 04:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 Nigel-PC.local. AAAA 2602:0306:BDFC:07F0:0000:0000:0000:0045

Error: (10/20/2014 04:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:    4 Nigel-PC.local. Addr 192.168.1.70

Error: (10/20/2014 04:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Nigel-PC.local. AAAA FE80:0000:0000:0000:E05F:B4BA:4FC3:8D20

Error: (10/20/2014 04:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 Nigel-PC.local. AAAA 2602:0306:BDFC:07F0:E05F:B4BA:4FC3:8D20

System errors:
=============
Error: (10/21/2014 08:51:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/21/2014 07:03:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Volume Shadow Copy service failed to start due to the following error:
%%1053

Error: (10/21/2014 07:03:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.

Error: (10/21/2014 07:03:03 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (10/21/2014 06:27:28 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd
SASDIFSV
SASKUTIL

Error: (10/21/2014 06:27:28 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Diagnostic Service Host service hung on starting.

Error: (10/21/2014 06:25:38 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (10/21/2014 06:24:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The sbapifs service failed to start due to the following error:
%%2

Error: (10/21/2014 06:24:28 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Error: (10/21/2014 06:05:52 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Microsoft Office Sessions:
=========================
Error: (10/21/2014 06:26:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2014 05:01:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2014 04:44:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2014 04:44:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Nigel-PC.local already in use; will try Nigel-PC-2.local instead

Error: (10/20/2014 04:44:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister    4 Nigel-PC.local. Addr 192.168.1.70

Error: (10/20/2014 04:44:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 Nigel-PC.local. AAAA 2602:0306:BDFC:07F0:E05F:B4BA:4FC3:8D20

Error: (10/20/2014 04:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 Nigel-PC.local. AAAA 2602:0306:BDFC:07F0:0000:0000:0000:0045

Error: (10/20/2014 04:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:    4 Nigel-PC.local. Addr 192.168.1.70

Error: (10/20/2014 04:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Nigel-PC.local. AAAA FE80:0000:0000:0000:E05F:B4BA:4FC3:8D20

Error: (10/20/2014 04:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 Nigel-PC.local. AAAA 2602:0306:BDFC:07F0:E05F:B4BA:4FC3:8D20

==================== Memory info ===========================

Processor: AMD Athlon™ 7450 Dual-Core Processor
Percentage of memory in use: 37%
Total physical RAM: 8191.3 MB
Available physical RAM: 5108.71 MB
Total Pagefile: 20473.48 MB
Available Pagefile: 16824.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (New Volume) (Fixed) (Total:298.09 GB) (Free:137.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: (NIGEL SYS) (Removable) (Total:3.73 GB) (Free:1.65 GB) FAT32
Drive k: () (Fixed) (Total:465.76 GB) (Free:180.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D93C5615)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: DD63B194)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=42)

========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)

==================== End Of Log ============================


  • 0

#49
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

OK..... Hope you have a good day

A quite busy one. When I left home at 6.45 AM I came back at 11.40 PM. That's why I wasn't able to do much yesterday.




remove%20outdated.jpg Uninstall some programs

We need to uninstall some programs.

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

  • Cloud System Booster - I doubt in any kind of that software, the risks of invasive optimizing are higher than benefits
  • QuickShare

After completing uninstalls, please manually reboot your machine!



FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif


Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.

  • Copy the entire content of the codebox below and paste into the Notepad document:
    start
    CloseProcesses:
    HKU\S-1-5-18\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
    C:\Program Files (x86)\IObit
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
    Toolbar: HKLM-x32 - No Name - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
    Hosts:
    Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
    Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
    S3 avgfws; No ImagePath
    S3 AVGIDSAgent; No ImagePath
    S3 avgwd; No ImagePath
    S1 AntiLog32; No ImagePath
    S4 Avgfwfd; No ImagePath
    S4 btwaudio; No ImagePath
    S3 btwavdt; No ImagePath
    S4 btwl2cap; No ImagePath
    S4 btwrchid; No ImagePath
    S1 SASDIFSV; No ImagePath
    S1 SASKUTIL; No ImagePath
    S4 VGPU; No ImagePath
    S4 zghsdiag; No ImagePath
    S4 zghsmdm; No ImagePath
    S4 zghsnmea; No ImagePath
    S3 cpuz134; \??\C:\Users\Nigel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    U0 helpsvc; No ImagePath
    U2 ImapiService; No ImagePath
    U2 Irmon; No ImagePath
    S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
    U0 SR; No ImagePath
    U2 srservice; No ImagePath
    U0 UPS; No ImagePath
    U2 WZCSVC; No ImagePath
    2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Comodo
    2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
    2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Google
    2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Comodo
    2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
    2014-10-19 16:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
    C:\Users\Nigel\AppData\Local\Temp\bs.exe
    Task: {093963F0-A29D-40AE-99C1-75A26902A885} - System32\Tasks\Test TimeTrigger => C:\Users\Nigel\AppData\Local\Temp\Runner.exe <==== ATTENTION
    C:\Users\Nigel\AppData\Local\Temp\Runner.exe
    Task: {22ED1B6B-B453-4340-A791-B7610BD18DAD} - \ss u helper-S-9665547 No Task File <==== ATTENTION
    Task: {65685772-F1F4-4A8B-8875-60D89FD5137A} - \TidyNetwork Update No Task File <==== ATTENTION
    Task: {81A0FB29-85F8-4BFA-8F27-A54082550447} - System32\Tasks\Driver Booster SkipUAC (Nigel) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    Task: {96424976-48F4-4F52-A759-B19F12A6F4AF} - \YourFileDownloader Installer Starter No Task File <==== ATTENTION
    Task: {FE0838BE-005B-4A21-A157-EEBC70F1FF49} - \GPUP No Task File <==== ATTENTION
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
    HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
    HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
    HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
    HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
    HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
    HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
    HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
    HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\exefile:  <===== ATTENTION!
    AlternateDataStreams: C:\Windows\system32\Drivers\ktlxumic.sys:changelist
    end
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please include it in your reply.



FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


  • 0

#50
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Naat, when I tried uninstalling Quick Share I received the follow error message the feature you are trying to use is on a CD-ROM or other removable disk that is not available. Insert the QuickShare disk and click ok. But I was able to install Cloud System Booster. Should I continue on to the next step?


  • 0

#51
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Yes, please proceed. How about the other program?
  • 0

#52
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Sounds like you had a full day yesterday...... Hope that it was productive.....Yes I was able to uninstall the Cloud System Booster...... Below is the reports you needed.....

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-10-2014
Ran by Nigel at 2014-10-23 18:02:35 Run:1
Running from C:\Users\Nigel\Desktop
Loaded Profile: Nigel (Available profiles: Nigel & Guest & Classic .NET AppPool & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
HKU\S-1-5-18\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
C:\Program Files (x86)\IObit
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
Toolbar: HKLM-x32 - No Name - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
Hosts:
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
S3 avgfws; No ImagePath
S3 AVGIDSAgent; No ImagePath
S3 avgwd; No ImagePath
S1 AntiLog32; No ImagePath
S4 Avgfwfd; No ImagePath
S4 btwaudio; No ImagePath
S3 btwavdt; No ImagePath
S4 btwl2cap; No ImagePath
S4 btwrchid; No ImagePath
S1 SASDIFSV; No ImagePath
S1 SASKUTIL; No ImagePath
S4 VGPU; No ImagePath
S4 zghsdiag; No ImagePath
S4 zghsmdm; No ImagePath
S4 zghsnmea; No ImagePath
S3 cpuz134; \??\C:\Users\Nigel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U0 helpsvc; No ImagePath
U2 ImapiService; No ImagePath
U2 Irmon; No ImagePath
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
U0 UPS; No ImagePath
U2 WZCSVC; No ImagePath
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Google
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Comodo
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-22 05:32 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-10-19 16:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
C:\Users\Nigel\AppData\Local\Temp\bs.exe
Task: {093963F0-A29D-40AE-99C1-75A26902A885} - System32\Tasks\Test TimeTrigger => C:\Users\Nigel\AppData\Local\Temp\Runner.exe <==== ATTENTION
C:\Users\Nigel\AppData\Local\Temp\Runner.exe
Task: {22ED1B6B-B453-4340-A791-B7610BD18DAD} - \ss u helper-S-9665547 No Task File <==== ATTENTION
Task: {65685772-F1F4-4A8B-8875-60D89FD5137A} - \TidyNetwork Update No Task File <==== ATTENTION
Task: {81A0FB29-85F8-4BFA-8F27-A54082550447} - System32\Tasks\Driver Booster SkipUAC (Nigel) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {96424976-48F4-4F52-A759-B19F12A6F4AF} - \YourFileDownloader Installer Starter No Task File <==== ATTENTION
Task: {FE0838BE-005B-4A21-A157-EEBC70F1FF49} - \GPUP No Task File <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\exefile:  <===== ATTENTION!
AlternateDataStreams: C:\Windows\system32\Drivers\ktlxumic.sys:changelist
end
*****************

Processes closed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare Ultimate => value deleted successfully.
C:\Program Files (x86)\IObit => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{97ab88ef-346b-4179-a0b1-7445896547a5} => value deleted successfully.
"HKCR\CLSID\{97ab88ef-346b-4179-a0b1-7445896547a5}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{97ab88ef-346b-4179-a0b1-7445896547a5} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{97ab88ef-346b-4179-a0b1-7445896547a5}" => Key not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
avgfws => Service deleted successfully.
AVGIDSAgent => Service deleted successfully.
avgwd => Service deleted successfully.
AntiLog32 => Service deleted successfully.
Avgfwfd => Service deleted successfully.
btwaudio => Service deleted successfully.
btwavdt => Service deleted successfully.
btwl2cap => Service deleted successfully.
btwrchid => Service deleted successfully.
SASDIFSV => Service deleted successfully.
SASKUTIL => Service deleted successfully.
VGPU => Service deleted successfully.
zghsdiag => Service deleted successfully.
zghsmdm => Service deleted successfully.
zghsnmea => Service deleted successfully.
cpuz134 => Service deleted successfully.
helpsvc => Service deleted successfully.
ImapiService => Service deleted successfully.
Irmon => Service deleted successfully.
sbapifs => Service deleted successfully.
SR => Service deleted successfully.
srservice => Service deleted successfully.
UPS => Service deleted successfully.
WZCSVC => Service deleted successfully.
C:\Users\Nigel\AppData\Local\Comodo => Moved successfully.
C:\Users\Guest\AppData\Local\Comodo => Moved successfully.
C:\Users\fbwuser\AppData\Local\Google => Moved successfully.
C:\Users\fbwuser\AppData\Local\Comodo => Moved successfully.
C:\Users\Administrator\AppData\Local\Google => Moved successfully.
C:\Users\Administrator\AppData\Local\Comodo => Moved successfully.
C:\Windows\AppCompat => Moved successfully.
"C:\Users\Nigel\AppData\Local\Temp\bs.exe" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{093963F0-A29D-40AE-99C1-75A26902A885}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{093963F0-A29D-40AE-99C1-75A26902A885}" => Key deleted successfully.
C:\Windows\System32\Tasks\Test TimeTrigger => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Test TimeTrigger" => Key deleted successfully.
"C:\Users\Nigel\AppData\Local\Temp\Runner.exe" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{22ED1B6B-B453-4340-A791-B7610BD18DAD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22ED1B6B-B453-4340-A791-B7610BD18DAD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ss u helper-S-9665547" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65685772-F1F4-4A8B-8875-60D89FD5137A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65685772-F1F4-4A8B-8875-60D89FD5137A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TidyNetwork Update" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81A0FB29-85F8-4BFA-8F27-A54082550447}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81A0FB29-85F8-4BFA-8F27-A54082550447}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Nigel) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Nigel)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96424976-48F4-4F52-A759-B19F12A6F4AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96424976-48F4-4F52-A759-B19F12A6F4AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFileDownloader Installer Starter" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE0838BE-005B-4A21-A157-EEBC70F1FF49}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE0838BE-005B-4A21-A157-EEBC70F1FF49}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUP" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WRkrn" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WRSVC" => Key deleted successfully.
"HKU\.DEFAULT\Software\Classes\exefile" => Key deleted successfully.
"HKU\.DEFAULT\Software\Classes\.exe" => Key deleted successfully.
"HKU\.DEFAULT\Software\Classes\exefile" => Key not found.
"HKU\S-1-5-19\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-19\Software\Classes\.exe" => Key deleted successfully.
"HKU\S-1-5-19\Software\Classes\exefile" => Key not found.
"HKU\S-1-5-20\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-20\Software\Classes\.exe" => Key deleted successfully.
"HKU\S-1-5-20\Software\Classes\exefile" => Key not found.
"HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\.exe" => Key deleted successfully.
"HKU\S-1-5-21-425073729-1472267466-4260431720-1000\Software\Classes\exefile" => Key not found.
C:\Windows\system32\Drivers\ktlxumic.sys => ":changelist" ADS removed successfully.

The system needed a reboot.

==== End of Fixlog ====

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Nigel (administrator) on NIGEL-PC on 23-10-2014 18:59:00
Running from C:\Users\Nigel\Desktop
Loaded Profile: Nigel (Available profiles: Nigel & Guest & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\nfsclnt.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoSharedDocuments] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetOpenWith] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: schannel.dll
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.2.206 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.2.206 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\yahoo_ff.xml
FF Extension: TinyWallet - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2014-10-12]
FF Extension: Universal Downloader - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d} [2014-10-12]
FF Extension: Adblock Plus - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-01]
FF Extension: WordOv - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-10-19]

Chrome:
=======
CHR Profile: C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-25]
CHR Extension: (Google Docs) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-25]
CHR Extension: (Google Drive) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-25]
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-25]
CHR Extension: (Google Sheets) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-25]
CHR Extension: (Google Wallet) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-25]
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166408 2013-01-25] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-12-05] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-12-05] (BlueStack Systems, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
S3 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 RealPlayer Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1418336 2013-12-10] (RealNetworks, Inc.)
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [29320 2013-10-25] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-06-06] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96768 2013-05-25] (Advanced Micro Devices) [File not signed]
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-12-05] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [84008 2010-11-15] (Broadcom Corporation.)
S3 cxpl_mhd; C:\Windows\System32\drivers\y_cx88x.sys [714752 2009-06-22] (Conexant Systems, Inc.) [File not signed]
S3 gmPS2up; C:\Windows\System32\DRIVERS\gmPS2up.sys [9216 2013-06-01] () [File not signed]
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-14] (Lenovo)
S3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-28] (JMicron Technology Corp.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
S3 massfilter_hs; C:\Windows\System32\DRIVERS\massfilter_hs.sys [18456 2012-01-10] (HandSet Incorporated)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation)
R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 18:59 - 2014-10-23 18:59 - 00026613 _____ () C:\Users\Nigel\Desktop\FRST.txt
2014-10-23 18:06 - 2014-10-23 18:07 - 00000168 _____ () C:\Windows\setupact.log
2014-10-23 18:06 - 2014-10-23 18:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-23 13:14 - 2014-10-23 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-23 13:12 - 2014-10-23 13:14 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-23 13:12 - 2014-10-23 13:14 - 00000000 ____D () C:\Program Files\iTunes
2014-10-23 13:12 - 2014-10-23 13:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-23 13:12 - 2014-10-23 13:12 - 00000000 ____D () C:\Program Files\iPod
2014-10-21 11:34 - 2014-10-23 17:08 - 00000000 ____D () C:\Users\Nigel\Desktop\FRST-OlderVersion
2014-10-21 11:33 - 2014-10-23 18:58 - 00000000 ____D () C:\Users\Nigel\Desktop\Farbar Reports
2014-10-21 10:26 - 2014-10-21 10:26 - 00001521 _____ () C:\Users\Nigel\Desktop\iexplore - Shortcut.lnk
2014-10-21 10:07 - 2014-10-21 10:07 - 00002227 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-21 10:07 - 2014-10-21 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-21 10:04 - 2014-10-21 10:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-21 10:04 - 2014-10-21 10:04 - 00001989 _____ () C:\Users\Nigel\Desktop\Adobe Reader XI.lnk
2014-10-21 06:20 - 2014-10-21 05:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-21 05:48 - 2014-10-21 08:50 - 00105743 _____ () C:\Users\Nigel\Desktop\zoek-results.log
2014-10-21 05:44 - 2014-10-21 06:16 - 00000000 ____D () C:\zoek_backup
2014-10-21 05:20 - 2014-10-21 05:20 - 01290752 _____ () C:\Users\Nigel\Desktop\zoek.exe
2014-10-20 16:51 - 2014-10-20 16:55 - 00000000 ____D () C:\AdwCleaner
2014-10-20 16:50 - 2014-10-20 16:50 - 01976320 _____ () C:\Users\Nigel\Desktop\AdwCleaner.exe
2014-10-20 15:53 - 2014-10-20 15:53 - 00005897 _____ () C:\Users\Nigel\Desktop\JRT.txt
2014-10-20 15:47 - 2014-10-20 15:47 - 00000000 ____D () C:\Windows\ERUNT
2014-10-20 15:03 - 2014-10-20 15:03 - 01705698 _____ (Thisisu) C:\Users\Nigel\Desktop\JRT.exe
2014-10-20 14:48 - 2014-10-20 14:48 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-10-20 14:02 - 2014-10-23 17:08 - 02112000 _____ (Farbar) C:\Users\Nigel\Desktop\FRST64.exe
2014-10-20 13:38 - 2014-10-21 10:06 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Deployment
2014-10-20 13:24 - 2014-10-20 13:22 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-20 13:23 - 2014-10-20 13:23 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-20 13:23 - 2014-10-20 13:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-20 13:23 - 2014-10-20 13:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-20 13:22 - 2014-10-20 13:22 - 00000000 ____D () C:\Program Files\Java
2014-10-20 12:42 - 2014-10-20 12:42 - 31029672 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\jre-7u71-windows-x64 (1).exe
2014-10-20 12:41 - 2014-10-20 12:42 - 31029672 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\jre-7u71-windows-x64.exe
2014-10-20 12:41 - 2014-10-20 12:41 - 31036328 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\jre-7u72-windows-x64.exe
2014-10-20 12:40 - 2014-10-20 12:41 - 43735040 _____ () C:\Users\Nigel\Downloads\jre-7u71-windows-x64.gz
2014-10-20 12:23 - 2014-10-20 12:24 - 00638888 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\chromeinstall-8u25 (2).exe
2014-10-20 12:21 - 2014-10-20 12:21 - 00638888 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\chromeinstall-8u25 (1).exe
2014-10-20 12:07 - 2014-10-20 12:07 - 00638888 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\chromeinstall-8u25.exe
2014-10-19 16:39 - 2014-10-19 16:39 - 00000000 ____D () C:\MGADiagToolOutput
2014-10-19 16:38 - 2014-10-19 16:38 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
2014-10-19 16:25 - 2014-10-19 16:29 - 04968456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-19 12:09 - 2014-10-19 12:40 - 00000967 _____ () C:\Users\Nigel\umbrella0.log
2014-10-19 11:49 - 2014-10-19 16:29 - 00110136 _____ () C:\Users\Nigel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 11:37 - 2014-10-19 11:51 - 00000000 ____D () C:\Users\Nigel\Downloads\iPhone Related
2014-10-19 05:57 - 2014-10-20 09:18 - 00000000 ____D () C:\Users\Nigel\Downloads\Geeks_To_Go_Help
2014-10-19 01:18 - 2014-10-19 01:18 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-19 00:20 - 2014-10-23 18:59 - 00000000 ____D () C:\FRST
2014-10-18 23:10 - 2014-10-23 18:07 - 00000000 ___RD () C:\Users\Nigel\iCloudDrive
2014-10-18 23:10 - 2014-10-18 23:10 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Apple Inc
2014-10-17 13:50 - 2014-10-17 13:51 - 00001680 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-10-17 13:50 - 2014-10-17 13:50 - 00000384 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-10-17 12:41 - 2014-10-17 15:18 - 00001088 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-15 15:50 - 2014-10-15 15:50 - 00006948 _____ () C:\Windows\system32\ScanResults.xml
2014-10-15 15:41 - 2014-10-15 15:41 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-10-14 19:02 - 2014-10-14 20:20 - 00000585 _____ () C:\Windows\w32dasm8.ini
2014-10-14 19:02 - 2014-10-14 19:02 - 00003218 _____ () C:\Windows\System32\Tasks\{E593581A-1EAB-4FD9-B360-D63A08BB6A7B}
2014-10-14 18:06 - 2014-10-14 18:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-14 17:19 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 17:19 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 17:18 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 17:18 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 17:18 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 17:18 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 17:18 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 17:18 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 17:18 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 17:18 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 17:18 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 17:18 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 17:17 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 17:17 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 17:17 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 17:16 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 17:16 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 17:14 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 17:14 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 17:14 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 17:14 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 17:14 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 17:14 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 17:14 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 17:14 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 17:14 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 17:14 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 17:14 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 17:14 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 17:14 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 17:14 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 17:14 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 17:14 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 17:14 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 17:14 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 17:14 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 17:14 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 17:14 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 17:14 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 17:14 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 17:14 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 17:14 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 17:12 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 17:12 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 17:12 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 17:12 - 2014-08-28 22:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 17:10 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 17:10 - 2014-09-04 22:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 17:10 - 2014-09-04 21:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-12 00:14 - 2014-10-12 00:14 - 00000000 ____D () C:\Users\Nigel\Downloads\Foot_Farm
2014-10-10 10:45 - 2014-10-10 10:46 - 191527745 _____ () C:\Users\Nigel\Downloads\Armageddon.mp4
2014-10-04 11:31 - 2014-10-04 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-01 07:11 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 07:11 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 11:51 - 2014-09-29 11:51 - 00000000 ____D () C:\Users\Nigel\AppData\Local\DDMSettings
2014-09-26 01:13 - 2014-09-26 01:35 - 00000000 ____D () C:\Users\Nigel\AppData\Local\pangu
2014-09-24 12:44 - 2014-09-04 15:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-24 12:44 - 2014-09-04 15:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-24 07:28 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 07:28 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 18:39 - 2013-09-29 15:40 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job
2014-10-23 18:33 - 2013-02-27 22:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-23 18:20 - 2013-02-28 03:11 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-23 18:17 - 2013-02-21 01:01 - 01379015 _____ () C:\Windows\WindowsUpdate.log
2014-10-23 18:14 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 18:14 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 18:11 - 2013-02-28 03:11 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 18:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-10-23 18:07 - 2014-06-09 02:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-23 18:06 - 2013-03-19 17:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-23 18:06 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-23 17:39 - 2013-09-29 15:40 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job
2014-10-23 17:00 - 2014-07-21 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-10-23 17:00 - 2014-07-21 17:07 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-10-23 13:14 - 2014-09-17 11:37 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-23 13:12 - 2013-03-23 01:10 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-23 13:12 - 2013-02-27 19:21 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-23 02:00 - 2013-09-28 13:55 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Adobe
2014-10-22 22:06 - 2014-09-20 12:50 - 00002960 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Nigel
2014-10-22 22:06 - 2014-09-20 12:50 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Nigel.job
2014-10-22 13:19 - 2014-09-20 12:50 - 00002956 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Nigel
2014-10-22 13:19 - 2014-09-20 12:50 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Nigel.job
2014-10-21 18:57 - 2014-02-01 08:07 - 00000000 ____D () C:\Users\Nigel\Documents\System Enhancers
2014-10-21 18:57 - 2014-02-01 08:05 - 00000000 ____D () C:\Users\Nigel\Documents\Uninstall
2014-10-21 18:57 - 2013-09-26 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-10-21 18:57 - 2013-07-13 02:52 - 00000000 ____D () C:\Users\Nigel\AppData\Local\CrashDumps
2014-10-21 18:57 - 2013-03-30 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAVMediaCodec
2014-10-21 10:06 - 2013-02-28 03:11 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-21 10:06 - 2013-02-28 03:11 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-21 10:06 - 2013-02-28 03:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-21 08:50 - 2013-03-01 01:12 - 00000008 __RSH () C:\Users\Nigel\ntuser.pol
2014-10-21 08:50 - 2013-02-20 22:07 - 00000000 ____D () C:\Users\Nigel
2014-10-21 06:25 - 2014-07-12 21:30 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-10-21 06:06 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-21 06:06 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-20 16:55 - 2013-02-27 19:14 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\CheckPoint
2014-10-20 15:50 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 15:48 - 2013-04-16 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-20 14:40 - 2013-10-14 23:38 - 00000000 ____D () C:\Users\Nigel\Documents\Outlook Files
2014-10-20 13:38 - 2013-10-07 15:10 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Apps\2.0
2014-10-20 12:29 - 2014-08-06 12:56 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-20 12:27 - 2013-09-30 13:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-20 12:14 - 2014-09-22 12:14 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2014-10-20 12:06 - 2014-01-27 15:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-19 17:56 - 2014-09-22 12:22 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\uTorrent
2014-10-19 15:58 - 2013-03-01 02:17 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-19 15:49 - 2014-01-24 20:41 - 00000000 ____D () C:\Program Files\Adobe
2014-10-19 15:49 - 2013-02-27 22:11 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Adobe
2014-10-19 15:47 - 2013-02-28 13:03 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-19 15:44 - 2014-01-24 20:41 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-19 15:36 - 2014-09-13 00:16 - 00003300 _____ () C:\Windows\System32\Tasks\Chrome Launcher
2014-10-19 15:34 - 2014-05-22 12:07 - 00000000 ____D () C:\Users\Nigel\Desktop\Miscel
2014-10-19 12:41 - 2013-11-24 18:10 - 00449786 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-10-19 12:39 - 2013-10-11 04:54 - 00000000 ____D () C:\Users\Nigel\.shsh
2014-10-18 23:10 - 2013-10-14 23:38 - 00000000 ____D () C:\Users\Nigel\AppData\Local\204F97F3-3D38-41EE-A1A9-FA8BE5878D8B.aplzod
2014-10-18 23:10 - 2013-02-27 19:24 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Apple Computer
2014-10-18 11:46 - 2013-03-01 02:36 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-10-17 16:59 - 2013-05-29 22:37 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\vlc
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-17 13:00 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator
2014-10-17 12:04 - 2013-04-22 19:16 - 00000000 ____D () C:\Windows\Minidump
2014-10-16 16:56 - 2013-03-01 15:33 - 00847994 _____ () C:\Windows\system32\perfh019.dat
2014-10-16 16:56 - 2013-03-01 15:33 - 00204178 _____ () C:\Windows\system32\perfc019.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00787002 _____ () C:\Windows\system32\perfh005.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00195964 _____ () C:\Windows\system32\perfc005.dat
2014-10-16 16:56 - 2009-07-14 01:13 - 02972908 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 21:24 - 2014-04-23 06:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 19:14 - 2013-12-13 17:25 - 00000000 ____D () C:\Users\DefaultAppPool
2014-10-14 19:14 - 2013-12-11 04:29 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-10-14 18:23 - 2013-03-01 23:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-14 18:05 - 2013-07-13 02:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 17:22 - 2013-02-27 17:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 15:35 - 2013-03-01 18:15 - 00000000 ____D () C:\Users\Guest
2014-10-14 15:20 - 2014-08-20 02:49 - 00000000 ____D () C:\Users\Nigel\AppData\Local\WinZip
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-10-08 14:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-06 20:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-04 09:09 - 2014-09-20 12:50 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Nigel.job
2014-10-04 08:45 - 2014-09-20 12:50 - 00002666 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Nigel
2014-10-02 12:45 - 2013-09-20 20:09 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-10-02 12:45 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew
2014-10-02 02:19 - 2013-04-20 01:19 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\dvdcss
2014-10-01 11:11 - 2014-06-09 02:48 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-09 02:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 11:11 - 2013-12-11 13:28 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-24 12:45 - 2013-03-19 17:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-24 04:33 - 2013-02-27 22:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 04:33 - 2013-02-27 22:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 04:33 - 2013-02-27 22:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-23 14:02

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Nigel at 2014-10-23 19:00:04
Running from C:\Users\Nigel\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{D322A9E3-758B-4D60-A7C4-65C88FD378D0}) (Version: 7.2.241.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.1.166.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - Canon Inc.)
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0704.2139.36919 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
DMG Extractor (HKCU\...\DMG Extractor) (Version: 1.2.3.0 - Reincubate Ltd)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}) (Version: 5.4.1.18709 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
ImTOO iPhone Photo Transfer (HKLM-x32\...\ImTOO iPhone Photo Transfer) (Version: 1.1.4.20131114 - ImTOO)
ImTOO iPhone SMS Backup (HKLM-x32\...\ImTOO iPhone SMS Backup) (Version: 1.0.13.20140211 - ImTOO)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.6.6.0 - Reincubate Ltd)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 12.10.14.3 - Marvell)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - English (HKLM\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 Toolkit December 2011 (HKLM-x32\...\{EC35EE8E-87D1-4E3E-B5CC-D8B1544615F5}) (Version: 5.0.51209.1124 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 18.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 18.0.2 (x86 en-US)) (Version: 18.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notification Center (HKLM-x32\...\{FDAD2767-11CA-4D38-9CC4-48770CE3CC7B}) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
PE988 (HKLM\...\{6F8ECA7B-420F-4D63-B866-B83737EB3E76}) (Version: 6.0.77 - YUAN)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickShare (HKLM-x32\...\{62BC7EFB-47F5-4619-9B74-7DDA72D5AF7E}) (Version: 1.6.1.949 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.2 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (HKLM\...\{90140000-0100-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{E8C86A07-99F1-4750-A6CF-C4ED5211A146}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoDownloaderUltimate (HKCU\...\VideoDownloaderUltimateWinApp) (Version: 1.0.1.23 - Link64)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Advanced Micro Devices (amdide64) hdc  (12/04/2012 5.2.2.0179) (HKLM\...\92CABF192AE59FEC7A26BF526AE067A4C700A858) (Version: 12/04/2012 5.2.2.0179 - Advanced Micro Devices)
Windows Driver Package - Apple (Netaapl) Net  (07/12/2011 1.8.4.2) (HKLM\...\E3446990DE8D5843AECCB8B0EF4E7D8DBF5E78B2) (Version: 07/12/2011 1.8.4.2 - Apple)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/20/2010 6.3.0.3500) (HKLM\...\79B5284AC8847651E6939E5B2FB1A473E6C9D19B) (Version: 01/20/2010 6.3.0.3500 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/28/2010 6.3.0.3800) (HKLM\...\5BB2352543C023211B5CDA6229832626C218EB7F) (Version: 01/28/2010 6.3.0.3800 - Broadcom Corporation)
Windows Driver Package - YUAN TV DRIVER (cxpl_mhd) Media  (11/08/2011 6.0.32.0077) (HKLM\...\34BE71CBF435D6B34FFAF9BA68AD921E99CF4065) (Version: 11/08/2011 6.0.32.0077 - YUAN TV DRIVER)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

28-09-2014 09:37:09 Windows Update
28-09-2014 23:00:28 Windows Backup
02-10-2014 05:14:16 Windows Update
04-10-2014 15:26:38 Removed iCloud
04-10-2014 15:30:47 Installed iCloud
05-10-2014 15:50:44 Windows Update
05-10-2014 23:00:22 Windows Backup
08-10-2014 19:37:35 Windows Update
10-10-2014 04:01:33 Microsoft Antimalware Checkpoint
12-10-2014 00:32:26 Windows Update
12-10-2014 23:01:33 Windows Backup
14-10-2014 18:00:01 Restore Operation
14-10-2014 19:36:04 Windows Backup
14-10-2014 21:20:04 Windows Update
16-10-2014 19:17:02 Windows Backup
16-10-2014 23:08:12 Reimage Express Restore Point
17-10-2014 12:55:06 Reimage Express Restore Point
17-10-2014 13:09:23 Uninstalled with Total Uninstall ""
17-10-2014 15:53:12 Revo Uninstaller's restore point - Google+ Auto Backup
17-10-2014 16:51:36 Installed STOPzilla
17-10-2014 17:00:05 STOPzilla Restore Point.
17-10-2014 18:00:24 Removed STOPzilla
18-10-2014 17:58:42 Windows Update
19-10-2014 16:17:02 Microsoft Antimalware Checkpoint
19-10-2014 19:50:27 Removed Adobe Acrobat XI Pro.
19-10-2014 23:03:13 Windows Backup
20-10-2014 16:07:42 Removed Java 8 Update 25
20-10-2014 16:24:27 Removed Java 8 Update 25
20-10-2014 16:44:36 Installed Java 7 Update 71 (64-bit)
20-10-2014 17:19:23 Installed Java 7 Update 72 (64-bit)
21-10-2014 09:48:22 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-03-01 02:10 - 2014-10-23 18:02 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {000612EA-70A0-4C63-89A1-8C5AEA7EFE8D} - System32\Tasks\{2C7ACBC0-7276-4542-8CD7-529B4D9AA8CC} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {006F7C01-5F0E-4150-9C4D-DE30C78C24A1} - System32\Tasks\{5FB22839-DCD7-44B2-8A12-F735271B7366} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {02E826AC-35DE-482B-94B2-15A0559936CE} - System32\Tasks\{81C5B8D4-8F2D-4A27-9184-EED41C281D3E} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {05A07841-8538-4FA8-A72E-58D63EF246DB} - System32\Tasks\{A2992F5E-09C1-403A-B59B-A743630AD888} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {0A818F3C-A3E3-4122-B3F0-19729F7CCE12} - System32\Tasks\{7DB33574-0FEC-4FC6-92B5-1663FE05B401} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {0DCD46B0-0A93-41AF-A417-D30980C7434D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {1038BF1B-FF84-473E-9470-CF2542F8734B} - System32\Tasks\{621D54F1-F962-49FF-80F3-E4901E48F97F} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {10ADD4C1-18C7-4959-B6A6-55B7612B9981} - System32\Tasks\{9B93F1C1-BAE0-4547-A7F4-436DCB981174} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {123565F3-0D19-410B-A6DA-88F89AD0DB10} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {12EFB081-B6B7-498C-B0EB-5B466DCAC3DB} - System32\Tasks\{C1FD0AF3-F142-4A98-8F71-C27459CCC326} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {169AAA98-589D-4EF5-99E6-164E9E990614} - System32\Tasks\{73CE8116-3FE9-4BB0-9ECF-FF9EF71B71CC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {169CA07C-AC46-4953-8DA6-2580DBCF974F} - System32\Tasks\{2D439E47-B377-4F2A-84A7-1FFFB9315E27} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {186E7797-9FE8-4A70-9B8A-BB997C6DC598} - System32\Tasks\{CC0FD0E2-776D-4B23-B75B-DA619AA69C1B} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {1AFB0322-06B1-4B25-A4D1-2EC13633A456} - System32\Tasks\{10054E13-B4D2-4038-A149-7D7CD286D5BC} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: {1FE31CA9-9587-4D90-B97B-4874FE0DD994} - System32\Tasks\{3809E01F-7D74-419D-A04E-475AC9AC0104} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {2199150D-38EE-40E0-932A-C547AFC1CDCE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {22E21245-ACCB-45D9-86D9-43D186C24EE0} - System32\Tasks\{1C9473D9-9587-4262-BED4-CE9A0A5B7132} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {23925085-F16B-480C-893C-00F6B4471DB4} - System32\Tasks\{6FCAAA83-1380-4B01-827E-618BDC4C8749} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {251F1F0E-642E-4773-9A4F-BEB433A9277B} - System32\Tasks\{0F35E7D5-B3FA-4E4F-B3C2-695339938076} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {26D1CC47-7787-49E1-91F4-1C5B5053B481} - System32\Tasks\{28980DF0-B3B8-477B-B624-7B366C1E9F82} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {293E9808-104D-47BB-BAAD-6C879853839B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {2963DDCF-57EB-43AE-890A-DF5A98B7AEC7} - System32\Tasks\GPUpdateCheck => C:\Program Files (x86)\GetPrivate\gpup.exe
Task: {29FCDBB3-E067-422E-B938-73B7521C3370} - System32\Tasks\{84129D00-A527-4272-9EAF-734B4C1137A6} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {317E9D0C-E965-4647-AF45-C426E3C47409} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
Task: {32608733-4D6D-47E7-89BF-37F1B22B89B9} - System32\Tasks\{DAE296A8-D8A2-4199-8500-2224FE88CDAF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {349B5B62-DEAF-4B16-93FE-DE7C169ABE66} - System32\Tasks\ReclaimerUpdateFiles_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {368FD478-750D-48DA-98C1-91A0AC9154BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {3885C983-81FD-4929-94F2-BADDDEC585E8} - System32\Tasks\{E9D746C0-8108-4D3F-856F-0B8E88844D63} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {3A28F420-CA2E-41C7-98E6-090BD717828D} - System32\Tasks\{1BB641A5-4C01-461B-A3CA-3EE7A8AFC753} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {3A662C89-E799-4D3F-A277-2C6AE51F2D5D} - System32\Tasks\RNUpgradeHelperLogonPrompt_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {3AE4BFDD-06D3-4A72-A031-752C12C5A1FC} - System32\Tasks\{3CED81EB-75E9-4886-9345-6F8A59F71133} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {3AE64DE5-B4CB-4FEE-8261-3C44EC6592F2} - System32\Tasks\{DA2D6784-B468-41D6-A9C3-E6456F0ECEDC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {3C0C5E3A-2FD6-4BE1-9044-A2D75313532F} - System32\Tasks\{3A0372C4-11E7-4A9F-97D8-DA624D7A58FD} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {3FC269B9-8C6C-4A9E-9628-2490CDAF8E1D} - System32\Tasks\{F565868D-6352-46C1-9D78-ACC152BA5AFC} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4351F10C-E69D-4B69-945D-08C1F0EBDD8A} - System32\Tasks\{8F6CAC86-F380-4C50-8006-36939E72777D} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {449F4E01-3C7C-4D28-ABBA-828539A83685} - System32\Tasks\{C418A8B2-9255-49E4-A6E9-4D7CA82ADDD3} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {44E0ECA0-F601-4090-B027-8CD419F677AD} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {459C1231-E4FD-4849-B9C5-FBA0C5BB8245} - System32\Tasks\{2A23BB18-DE5C-43BD-BC52-72961C9849D3} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {467D8819-3E3A-417E-863A-3DF0E112FCB5} - System32\Tasks\{AE34398D-666B-4CCE-BC8F-DB48148EA13F} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4BE74FA7-42CD-41FE-B40D-F9E9C441537E} - System32\Tasks\{BAF80243-FBA1-4E89-95EB-C0D3AA496914} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {4F2DEE36-7405-4E0C-8129-21A2BBD59B4E} - System32\Tasks\{AEE3B048-B798-479B-B577-03A229A26271} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {51745400-A8A2-46E2-A2AA-F90FD82B42A5} - System32\Tasks\{924020A1-5A40-46D8-ADE0-8DF0D267C4CA} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {51DF843C-2317-46CB-8DCD-9786748EF292} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {56459790-A92F-4CDA-AF94-876D74EBEC31} - System32\Tasks\{9FAA2EAA-5333-4F67-897D-042DC1118AEF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {5852944E-E3BF-47B0-A8CD-EE9B9FCC856C} - System32\Tasks\{48E4D8DA-0C19-4658-B79C-C5078590BEEF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {59D050C2-9DFB-4BBB-9BEF-9B5072BDAE74} - System32\Tasks\{FE23A538-ED0A-40E0-87B2-0FA07139C608} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {5A655E23-C498-4B5F-A959-B0588BD8C6CB} - System32\Tasks\{73825FD6-27E8-44E3-A92D-5506AD1B97FA} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {5C75FAF9-9DA8-4844-8416-2228A7785B44} - System32\Tasks\{FC2419A3-3ADC-4196-AAA4-5A5977A662CF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {6032B365-3830-4CD5-AE92-FE6D4561AE51} - System32\Tasks\{881571A8-9200-4CB5-B498-2A83A9E86DA6} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {60E328B8-E650-45BE-8878-404EE5B610F8} - System32\Tasks\{87D481AC-6BB3-4473-B7AD-3607DCEA8756} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {6260FD1A-D38B-44C5-A055-52AB153435FD} - System32\Tasks\{11B3F5B9-1B08-4582-8226-996CDA70793D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {667FC555-EBE8-4B7E-A24B-C32A0943A876} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {67309B44-4BBA-46A8-94CE-66F0E4118D55} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7033CB6B-822E-422C-B3A5-285638759605} - System32\Tasks\{F92FDF9D-A098-4E5B-A8B0-BFD8B84ACFF9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {708D0DCC-2C04-499E-BB51-26648D454A7B} - System32\Tasks\{C174E770-DDA8-43A4-B145-1DDB63E80EFB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {77090DF9-6BCB-46BD-A052-595EF90E516D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {79C33A83-58DD-44FC-87EE-B1EAC391332E} - System32\Tasks\{4A2DD742-0F4E-41E5-8164-8C4079E1D14C} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {7C43B3B7-D555-40E2-9548-D0461CBC676F} - System32\Tasks\{7B644DAF-35C5-439A-952A-E355469DEE4A} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {7CC66EF8-31F6-4E5C-BFE2-92851B0A97E8} - System32\Tasks\ReclaimerUpdateXML_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {7D16292D-72E8-4AE0-A281-77217F353C3C} - System32\Tasks\{C6D7FCF8-E7B1-4703-8194-D75C03B4DF37} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {7EC72E42-E0D9-4DB7-B499-3BC25912A497} - System32\Tasks\{4AACEB05-CFC0-4279-9403-CC99773EDDCF} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {7F733B87-02E8-479E-8440-514AE88C24A7} - System32\Tasks\{6D7101B6-EC94-4CD8-9786-A08EE5E54F8F} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {807F5556-47D5-4EC7-8562-1CC7C96009B0} - System32\Tasks\Eakona Update => C:\ProgramData\Eakona\update15.exe
Task: {83AFC484-8A32-40B4-8A02-9E064C609D88} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {84589CC3-E682-4196-B545-F1A996BDD4B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {84CFA5CB-FE45-4E62-8842-A69B2BC7833D} - System32\Tasks\{544F44BF-F291-4E18-8BF3-60C0E38A8E9D} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {8565466B-33EA-453A-9A44-FB10FED0EBE0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.)
Task: {8C433082-E77E-4688-BF0E-6CB3A25A77DD} - System32\Tasks\{1D1A5A4A-8E61-4697-AC2F-51D7EE009786} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {90473550-E850-4BFB-9244-5EE77EF732AA} - System32\Tasks\{1F60F57D-30CA-4034-BC06-941D7B6CD9F0} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {951DCD93-192C-435E-A657-97B8861D29D7} - System32\Tasks\{72C600E9-A2FB-4A6C-8EDB-4B7FD35F3BE0} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {96878061-26E9-49D3-8B8B-6CC548CA5809} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {992CD035-8FA6-4179-8F27-6451EAC9B25E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {9B7E1E6B-8E4C-4230-9B53-6F404F3C8FA3} - System32\Tasks\RNUpgradeHelperResumePrompt_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {A08E06B3-13BE-4A64-8BE4-BA75BFE3CF80} - System32\Tasks\{DCD6F798-3E9A-4E0B-BD8F-4F1A56C6E1A5} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {A5E73495-E96E-4AB8-AF93-C21EC0416E5A} - System32\Tasks\{1A248453-EA28-4123-BDBE-21B643214981} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {A5FEAF99-0991-43FE-AA1F-D8046B57BAEE} - System32\Tasks\{E053BCD8-88B4-40F6-B0E9-54B4C0E2DB24} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {A865B493-DC39-4096-A89C-F345384C3AF4} - System32\Tasks\{6F328AA4-E7BC-4E55-8580-8DD694CC3ADB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {A8818490-0854-4337-B395-4A370F92FE89} - System32\Tasks\{21766169-89C2-49F6-BB8F-AB224E395A1B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {AB23705A-DE13-4C0F-9DC8-275734E6618D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AB54D713-8B71-4989-A1B2-F224EB44A3AE} - System32\Tasks\{8571D682-9355-4007-A9C8-52B226CC06A8} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {AEA2DCEC-1540-4417-808E-F885D955417D} - System32\Tasks\{F42A0C80-5557-42CB-8465-6164EBAD88A8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {AEB6797F-3C8C-4FEC-ADF2-D899CAF39D65} - System32\Tasks\{4BD65B01-0AE9-4A43-B2F7-CF6128EA21A9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {AF7D2CEF-584D-4481-8C36-2503A983A9DB} - System32\Tasks\AdobeAAMUpdater-1.0-Nigel-PC-Nigel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {B2EE0003-6F1B-4C22-8D48-992FB5AABE0A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {B41A22EC-4CB5-4AFE-8BEA-5B01E5AE43EE} - System32\Tasks\{E400AB86-5A44-4228-A3CE-AF605BA9AF62} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {B7FC23B2-7EC7-4C96-8161-B3CFB715E737} - System32\Tasks\{9ED700B8-ECDA-427C-B8E3-2791A2E2DCD7} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {BBC765F7-D309-4BD8-BA18-A107F6F5948E} - System32\Tasks\{077AA7A5-1BD3-4EFA-ABDB-DFB6174D3071} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C11C6FBD-A367-4737-8923-386DAD5DC884} - System32\Tasks\{B15A5C3F-6909-4D9D-AEEA-7873D50CBFC1} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {C3F97A9C-6154-4CED-BFDC-028EF0188789} - System32\Tasks\{F153F805-2E31-4E5B-97C7-FD71BC0BEB55} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C435B79A-12EE-4AF1-9117-FC0211600E4D} - System32\Tasks\{50FFBF50-AA52-4ED1-B6A2-ABE0AB7A1FA8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {CF517E06-FF2E-40D8-90A8-38618541F7C7} - System32\Tasks\{25E512C9-6BF5-4F04-AD7A-771D90B5EA74} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {D7F7BD77-BA36-439A-912A-E42FFD28F48F} - System32\Tasks\{D8FD28E2-15C2-4D62-A60C-F8B55E46DD86} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DDD4F934-C2EF-42A7-A324-93D7B98AF47E} - System32\Tasks\{9FBD2980-03DB-418A-8BE2-EFEF5DFC542B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DF1AD657-5EA2-47B0-98BF-F60D6C449CB5} - System32\Tasks\{74F22C14-D49E-46A3-89CB-999F91FAE2D9} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {DF61FCD0-E3FE-4055-9FCD-C17C2A9196F3} - System32\Tasks\{5F84FB09-08A8-499F-B17F-7CCCA4EE158D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {E5004064-C3D0-4FB4-BC0E-D9653316B938} - System32\Tasks\{154733BA-4DA3-4301-AD83-0230D0C5461D} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {E605B7D6-DB52-4020-9B63-D4FB2ED3B067} - System32\Tasks\{FB5E2E38-F3B5-4A82-9033-18D3A4773C95} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {E9FBC6F9-B382-4931-B10F-BE788B37743E} - System32\Tasks\{52EC31A4-035C-4281-B156-1FFA146BEFB5} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {EF39CFC0-6789-43E7-B770-1BD31EACB6A4} - System32\Tasks\{698C9EF4-C460-4000-8D89-333C6772CA58} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {F0ADDC43-8010-4AD0-9C2A-3DCDF5A12CCD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.)
Task: {F2AB3193-B105-41BA-ACC2-A89251B966ED} - System32\Tasks\Chrome Launcher => C:\Program Files (x86)\Techsnab\Chrome Launcher\chrome-links.exe
Task: {FCA5B4FE-154E-4649-82C9-519B0DFFAEA0} - System32\Tasks\{EC9BF912-F05C-4B56-B200-82F74A037AD0} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Nigel.job => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2013-03-19 17:05 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ASCAntivirusSrv => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: DefaultTabSearch => 2
MSCONFIG\Services: DefaultTabUpdate => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 3
MSCONFIG\Services: RealPlayer Desktop Service => 3
MSCONFIG\Services: RealPlayerUpdateSvc => 3
MSCONFIG\Services: WRSVC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install Webroot IE RunOnce.lnk => C:\Windows\pss\Install Webroot IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LaunchU3.exe.lnk => C:\Windows\pss\LaunchU3.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^A1Clean.lnk => C:\Windows\pss\A1Clean.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JustCloud.lnk => C:\Windows\pss\JustCloud.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\Windows\pss\Microsoft SharePoint Workspace.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe
MSCONFIG\startupreg: mmonitor => C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\toolbox\Anvi RAM Booster\Anvi_RAM_Booster.exe hide=1
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: swg => c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Nigel\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

========================= Accounts: ==========================

Administrator (S-1-5-21-425073729-1472267466-4260431720-500 - Administrator - Disabled)
Guest (S-1-5-21-425073729-1472267466-4260431720-501 - Limited - Enabled) => C:\Users\Guest
Nigel (S-1-5-21-425073729-1472267466-4260431720-1000 - Administrator - Enabled) => C:\Users\Nigel

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2014 06:08:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 0.2.D.8.3.C.F.4.A.B.4.B.F.5.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 0.2.D.8.3.C.F.4.A.B.4.B.F.5.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.F.7.0.C.F.D.B.6.0.3.0.2.0.6.2.ip6.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.F.7.0.C.F.D.B.6.0.3.0.2.0.6.2.ip6.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 70.1.168.192.in-addr.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 70.1.168.192.in-addr.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Nigel-PC.local already in use; will try Nigel-PC-2.local instead

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 Nigel-PC.local. AAAA FE80:0000:0000:0000:E05F:B4BA:4FC3:8D20

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 Nigel-PC.local. AAAA 2602:0306:BDFC:07F0:E05F:B4BA:4FC3:8D20

System errors:
=============
Error: (10/23/2014 06:17:50 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.185.3788.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (10/23/2014 06:17:50 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.185.3788.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (10/23/2014 06:07:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd

Error: (10/23/2014 06:07:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (10/23/2014 06:07:03 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (10/23/2014 06:06:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LiveUpdate service failed to start due to the following error:
%%2

Error: (10/23/2014 06:06:29 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Error: (10/23/2014 06:03:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SNMP Service service failed to start due to the following error:
%%1069

Error: (10/23/2014 06:03:36 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The SNMP service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (10/23/2014 06:03:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%109

Microsoft Office Sessions:
=========================
Error: (10/23/2014 06:08:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 0.2.D.8.3.C.F.4.A.B.4.B.F.5.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 0.2.D.8.3.C.F.4.A.B.4.B.F.5.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.F.7.0.C.F.D.B.6.0.3.0.2.0.6.2.ip6.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.F.7.0.C.F.D.B.6.0.3.0.2.0.6.2.ip6.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 70.1.168.192.in-addr.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 70.1.168.192.in-addr.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Nigel-PC.local already in use; will try Nigel-PC-2.local instead

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 Nigel-PC.local. AAAA FE80:0000:0000:0000:E05F:B4BA:4FC3:8D20

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 Nigel-PC.local. AAAA 2602:0306:BDFC:07F0:E05F:B4BA:4FC3:8D20

==================== Memory info ===========================

Processor: AMD Athlon™ 7450 Dual-Core Processor
Percentage of memory in use: 25%
Total physical RAM: 8191.3 MB
Available physical RAM: 6063.85 MB
Total Pagefile: 20473.48 MB
Available Pagefile: 18174.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (New Volume) (Fixed) (Total:298.09 GB) (Free:136.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: (NIGEL SYS) (Removable) (Total:3.73 GB) (Free:1.65 GB) FAT32
Drive k: () (Fixed) (Total:465.76 GB) (Free:180.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D93C5615)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: DD63B194)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=42)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)

==================== End Of Log ============================


  • 0

#53
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

OK, let's see if this will take care of it.



51a612a8b27e2-Zoek.png Scan with ZOEK

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
    {62BC7EFB-47F5-4619-9B74-7DDA72D5AF7E};c
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!


  • 0

#54
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by Nigel on Fri 10/24/2014 at 10:19:19.42.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nigel\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/24/2014 10:21:06 AM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{62BC7EFB-47F5-4619-9B74-7DDA72D5AF7E} deleted successfully

==== Deleting CLSID Registry Values ======================

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1264 folders=244 154715988 bytes)

==== EOF on Fri 10/24/2014 at 10:22:31.98 ======================


  • 0

#55
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

ZOEK dis its job. Now we need to check where are we.



FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


  • 0

Advertisements


#56
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Naat, did you still want to manually uninstall the following programs: IOBit Apps Toolbar, Quick Share and IOBit Malware Fighter since I received an error message when trying to uninstall it. Below is the information that you needed.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Nigel (administrator) on NIGEL-PC on 24-10-2014 23:46:30
Running from C:\Users\Nigel\Desktop
Loaded Profile: Nigel (Available profiles: Nigel & Guest & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\nfsclnt.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\update\realsched.exe [296520 2014-10-24] (RealNetworks, Inc.)
HKLM\...\Policies\Explorer: [NoSharedDocuments] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetOpenWith] 0
HKU\S-1-5-21-425073729-1472267466-4260431720-1000\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: schannel.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Nigel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Nigel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Nigel\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\searchplugins\yahoo_ff.xml
FF Extension: TinyWallet - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\[email protected] [2014-10-12]
FF Extension: Universal Downloader - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d} [2014-10-12]
FF Extension: Adblock Plus - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\xxxk6g1a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-01]
FF Extension: WordOv - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-10-19]

Chrome:
=======
CHR Profile: C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-25]
CHR Extension: (Google Docs) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-25]
CHR Extension: (Google Drive) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-25]
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-25]
CHR Extension: (Google Sheets) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-25]
CHR Extension: (Google Wallet) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-25]
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166408 2013-01-25] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-12-05] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-12-05] (BlueStack Systems, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
S3 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-10-24] (RealNetworks, Inc.)
S4 RealPlayer Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-10-24] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-06-06] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96768 2013-05-25] (Advanced Micro Devices) [File not signed]
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-12-05] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [84008 2010-11-15] (Broadcom Corporation.)
S3 cxpl_mhd; C:\Windows\System32\drivers\y_cx88x.sys [714752 2009-06-22] (Conexant Systems, Inc.) [File not signed]
S3 gmPS2up; C:\Windows\System32\DRIVERS\gmPS2up.sys [9216 2013-06-01] () [File not signed]
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-14] (Lenovo)
S3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-28] (JMicron Technology Corp.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
S3 massfilter_hs; C:\Windows\System32\DRIVERS\massfilter_hs.sys [18456 2012-01-10] (HandSet Incorporated)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation)
R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 23:46 - 2014-10-24 23:46 - 00027629 _____ () C:\Users\Nigel\Desktop\FRST.txt
2014-10-24 23:25 - 2014-10-24 23:25 - 00001042 _____ () C:\Users\Public\Desktop\RealPlayer Cloud.lnk
2014-10-24 10:20 - 2014-10-24 10:22 - 00000860 _____ () C:\zoek-results.log
2014-10-23 18:06 - 2014-10-23 18:07 - 00000168 _____ () C:\Windows\setupact.log
2014-10-23 18:06 - 2014-10-23 18:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-23 13:14 - 2014-10-23 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-23 13:12 - 2014-10-23 13:14 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-23 13:12 - 2014-10-23 13:14 - 00000000 ____D () C:\Program Files\iTunes
2014-10-23 13:12 - 2014-10-23 13:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-23 13:12 - 2014-10-23 13:12 - 00000000 ____D () C:\Program Files\iPod
2014-10-21 11:34 - 2014-10-23 17:08 - 00000000 ____D () C:\Users\Nigel\Desktop\FRST-OlderVersion
2014-10-21 11:33 - 2014-10-24 23:46 - 00000000 ____D () C:\Users\Nigel\Desktop\Farbar Reports
2014-10-21 10:26 - 2014-10-21 10:26 - 00001521 _____ () C:\Users\Nigel\Desktop\iexplore - Shortcut.lnk
2014-10-21 10:07 - 2014-10-21 10:07 - 00002227 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-21 10:07 - 2014-10-21 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-21 10:04 - 2014-10-21 10:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-21 10:04 - 2014-10-21 10:04 - 00001989 _____ () C:\Users\Nigel\Desktop\Adobe Reader XI.lnk
2014-10-21 05:44 - 2014-10-21 06:16 - 00000000 ____D () C:\zoek_backup
2014-10-21 05:20 - 2014-10-21 05:20 - 01290752 _____ () C:\Users\Nigel\Desktop\zoek.exe
2014-10-20 16:51 - 2014-10-20 16:55 - 00000000 ____D () C:\AdwCleaner
2014-10-20 16:50 - 2014-10-20 16:50 - 01976320 _____ () C:\Users\Nigel\Desktop\AdwCleaner.exe
2014-10-20 15:53 - 2014-10-20 15:53 - 00005897 _____ () C:\Users\Nigel\Desktop\JRT.txt
2014-10-20 15:47 - 2014-10-20 15:47 - 00000000 ____D () C:\Windows\ERUNT
2014-10-20 15:03 - 2014-10-20 15:03 - 01705698 _____ (Thisisu) C:\Users\Nigel\Desktop\JRT.exe
2014-10-20 14:48 - 2014-10-20 14:48 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-10-20 14:02 - 2014-10-23 17:08 - 02112000 _____ (Farbar) C:\Users\Nigel\Desktop\FRST64.exe
2014-10-20 13:38 - 2014-10-21 10:06 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Deployment
2014-10-20 13:24 - 2014-10-20 13:22 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-20 13:23 - 2014-10-20 13:23 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-20 13:23 - 2014-10-20 13:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-20 13:23 - 2014-10-20 13:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-20 13:22 - 2014-10-20 13:22 - 00000000 ____D () C:\Program Files\Java
2014-10-20 12:42 - 2014-10-20 12:42 - 31029672 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\jre-7u71-windows-x64 (1).exe
2014-10-20 12:41 - 2014-10-20 12:42 - 31029672 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\jre-7u71-windows-x64.exe
2014-10-20 12:41 - 2014-10-20 12:41 - 31036328 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\jre-7u72-windows-x64.exe
2014-10-20 12:40 - 2014-10-20 12:41 - 43735040 _____ () C:\Users\Nigel\Downloads\jre-7u71-windows-x64.gz
2014-10-20 12:23 - 2014-10-20 12:24 - 00638888 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\chromeinstall-8u25 (2).exe
2014-10-20 12:21 - 2014-10-20 12:21 - 00638888 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\chromeinstall-8u25 (1).exe
2014-10-20 12:07 - 2014-10-20 12:07 - 00638888 _____ (Oracle Corporation) C:\Users\Nigel\Downloads\chromeinstall-8u25.exe
2014-10-19 16:39 - 2014-10-19 16:39 - 00000000 ____D () C:\MGADiagToolOutput
2014-10-19 16:38 - 2014-10-19 16:38 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
2014-10-19 16:25 - 2014-10-19 16:29 - 04968456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-19 12:09 - 2014-10-19 12:40 - 00000967 _____ () C:\Users\Nigel\umbrella0.log
2014-10-19 11:49 - 2014-10-19 16:29 - 00110136 _____ () C:\Users\Nigel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 11:37 - 2014-10-19 11:51 - 00000000 ____D () C:\Users\Nigel\Downloads\iPhone Related
2014-10-19 05:57 - 2014-10-20 09:18 - 00000000 ____D () C:\Users\Nigel\Downloads\Geeks_To_Go_Help
2014-10-19 01:18 - 2014-10-19 01:18 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-19 00:20 - 2014-10-24 23:46 - 00000000 ____D () C:\FRST
2014-10-18 23:10 - 2014-10-23 18:07 - 00000000 ___RD () C:\Users\Nigel\iCloudDrive
2014-10-18 23:10 - 2014-10-18 23:10 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Apple Inc
2014-10-17 13:50 - 2014-10-17 13:51 - 00001680 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-10-17 13:50 - 2014-10-17 13:50 - 00000384 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-10-17 12:41 - 2014-10-17 15:18 - 00001088 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-15 15:50 - 2014-10-15 15:50 - 00006948 _____ () C:\Windows\system32\ScanResults.xml
2014-10-15 15:41 - 2014-10-15 15:41 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-10-14 19:02 - 2014-10-14 20:20 - 00000585 _____ () C:\Windows\w32dasm8.ini
2014-10-14 19:02 - 2014-10-14 19:02 - 00003218 _____ () C:\Windows\System32\Tasks\{E593581A-1EAB-4FD9-B360-D63A08BB6A7B}
2014-10-14 18:06 - 2014-10-14 18:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-14 17:19 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 17:19 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 17:18 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 17:18 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 17:18 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 17:18 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 17:18 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 17:18 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 17:18 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 17:18 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 17:18 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 17:18 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 17:18 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 17:18 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 17:18 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 17:18 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 17:18 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 17:18 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 17:18 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 17:17 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 17:17 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 17:17 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 17:17 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 17:17 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 17:17 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 17:16 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 17:16 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 17:14 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 17:14 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 17:14 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 17:14 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 17:14 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 17:14 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 17:14 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 17:14 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 17:14 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 17:14 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 17:14 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 17:14 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 17:14 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 17:14 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 17:14 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 17:14 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 17:14 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 17:14 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 17:14 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 17:14 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 17:14 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 17:14 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 17:14 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 17:14 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 17:14 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 17:14 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 17:14 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 17:14 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 17:14 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 17:14 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 17:14 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 17:14 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 17:14 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 17:14 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 17:14 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 17:14 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 17:14 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 17:14 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 17:14 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 17:14 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 17:14 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 17:12 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 17:12 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 17:12 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 17:12 - 2014-08-28 22:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 17:10 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 17:10 - 2014-09-04 22:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 17:10 - 2014-09-04 21:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-12 00:14 - 2014-10-12 00:14 - 00000000 ____D () C:\Users\Nigel\Downloads\Foot_Farm
2014-10-10 10:45 - 2014-10-10 10:46 - 191527745 _____ () C:\Users\Nigel\Downloads\Armageddon.mp4
2014-10-04 11:31 - 2014-10-04 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-01 07:11 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 07:11 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 11:51 - 2014-09-29 11:51 - 00000000 ____D () C:\Users\Nigel\AppData\Local\DDMSettings
2014-09-26 01:13 - 2014-09-26 01:35 - 00000000 ____D () C:\Users\Nigel\AppData\Local\pangu
2014-09-24 12:44 - 2014-09-04 15:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-24 12:44 - 2014-09-04 15:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-24 07:28 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 07:28 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 23:40 - 2013-02-28 03:17 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\RealNetworks
2014-10-24 23:39 - 2013-09-29 15:40 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job
2014-10-24 23:33 - 2013-02-27 22:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-24 23:25 - 2013-12-10 16:27 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-10-24 23:25 - 2013-12-10 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-10-24 23:25 - 2013-02-28 03:15 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-10-24 23:25 - 2013-02-28 03:08 - 00000000 ____D () C:\ProgramData\Real
2014-10-24 23:24 - 2013-12-10 16:27 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-10-24 23:24 - 2013-12-10 16:26 - 00505416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-10-24 23:24 - 2013-12-10 16:26 - 00353864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-10-24 23:11 - 2013-02-28 03:11 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-24 23:01 - 2014-06-09 02:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 21:07 - 2014-09-20 12:50 - 00002960 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Nigel
2014-10-24 20:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-24 19:57 - 2013-02-21 01:01 - 01445518 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 18:21 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-24 18:21 - 2009-07-14 00:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-24 17:39 - 2013-09-29 15:40 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job
2014-10-24 10:11 - 2013-02-28 03:11 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 02:00 - 2013-09-28 13:55 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Adobe
2014-10-23 18:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-10-23 18:06 - 2013-03-19 17:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-23 18:06 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-23 17:00 - 2014-07-21 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-10-23 17:00 - 2014-07-21 17:07 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-10-23 13:14 - 2014-09-17 11:37 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-23 13:12 - 2013-03-23 01:10 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-23 13:12 - 2013-02-27 19:21 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-21 18:57 - 2014-02-01 08:07 - 00000000 ____D () C:\Users\Nigel\Documents\System Enhancers
2014-10-21 18:57 - 2014-02-01 08:05 - 00000000 ____D () C:\Users\Nigel\Documents\Uninstall
2014-10-21 18:57 - 2013-09-26 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-10-21 18:57 - 2013-07-13 02:52 - 00000000 ____D () C:\Users\Nigel\AppData\Local\CrashDumps
2014-10-21 18:57 - 2013-03-30 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAVMediaCodec
2014-10-21 10:06 - 2013-02-28 03:11 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-21 10:06 - 2013-02-28 03:11 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-21 10:06 - 2013-02-28 03:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-21 08:50 - 2013-03-01 01:12 - 00000008 __RSH () C:\Users\Nigel\ntuser.pol
2014-10-21 08:50 - 2013-02-20 22:07 - 00000000 ____D () C:\Users\Nigel
2014-10-21 06:25 - 2014-07-12 21:30 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-10-21 06:06 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-21 06:06 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-20 16:55 - 2013-02-27 19:14 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\CheckPoint
2014-10-20 15:50 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 15:48 - 2013-04-16 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-20 14:40 - 2013-10-14 23:38 - 00000000 ____D () C:\Users\Nigel\Documents\Outlook Files
2014-10-20 13:38 - 2013-10-07 15:10 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Apps\2.0
2014-10-20 12:29 - 2014-08-06 12:56 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-20 12:27 - 2013-09-30 13:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-20 12:14 - 2014-09-22 12:14 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2014-10-20 12:06 - 2014-01-27 15:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-19 17:56 - 2014-09-22 12:22 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\uTorrent
2014-10-19 15:58 - 2013-03-01 02:17 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-19 15:49 - 2014-01-24 20:41 - 00000000 ____D () C:\Program Files\Adobe
2014-10-19 15:49 - 2013-02-27 22:11 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Adobe
2014-10-19 15:47 - 2013-02-28 13:03 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-19 15:44 - 2014-01-24 20:41 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-19 15:36 - 2014-09-13 00:16 - 00003300 _____ () C:\Windows\System32\Tasks\Chrome Launcher
2014-10-19 15:34 - 2014-05-22 12:07 - 00000000 ____D () C:\Users\Nigel\Desktop\Miscel
2014-10-19 12:41 - 2013-11-24 18:10 - 00449786 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-10-19 12:39 - 2013-10-11 04:54 - 00000000 ____D () C:\Users\Nigel\.shsh
2014-10-18 23:10 - 2013-10-14 23:38 - 00000000 ____D () C:\Users\Nigel\AppData\Local\204F97F3-3D38-41EE-A1A9-FA8BE5878D8B.aplzod
2014-10-18 23:10 - 2013-02-27 19:24 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Apple Computer
2014-10-18 11:46 - 2013-03-01 02:36 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-10-17 16:59 - 2013-05-29 22:37 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\vlc
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 15:18 - 2014-06-09 02:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-17 13:00 - 2014-09-22 05:32 - 00000000 ____D () C:\Users\Administrator
2014-10-17 12:04 - 2013-04-22 19:16 - 00000000 ____D () C:\Windows\Minidump
2014-10-16 16:56 - 2013-03-01 15:33 - 00847994 _____ () C:\Windows\system32\perfh019.dat
2014-10-16 16:56 - 2013-03-01 15:33 - 00204178 _____ () C:\Windows\system32\perfc019.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00787002 _____ () C:\Windows\system32\perfh005.dat
2014-10-16 16:56 - 2013-03-01 15:09 - 00195964 _____ () C:\Windows\system32\perfc005.dat
2014-10-16 16:56 - 2009-07-14 01:13 - 02972908 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 21:24 - 2014-04-23 06:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-14 21:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 19:14 - 2013-12-13 17:25 - 00000000 ____D () C:\Users\DefaultAppPool
2014-10-14 19:14 - 2013-12-11 04:29 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-10-14 18:23 - 2013-03-01 23:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-14 18:05 - 2013-07-13 02:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 17:22 - 2013-02-27 17:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 15:35 - 2013-03-01 18:15 - 00000000 ____D () C:\Users\Guest
2014-10-14 15:20 - 2014-08-20 02:49 - 00000000 ____D () C:\Users\Nigel\AppData\Local\WinZip
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-14 15:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-10-06 20:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-02 12:45 - 2013-09-20 20:09 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-10-02 12:45 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew
2014-10-02 02:19 - 2013-04-20 01:19 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\dvdcss
2014-10-01 11:11 - 2014-06-09 02:48 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-09 02:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 11:11 - 2013-12-11 13:28 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-24 12:45 - 2013-03-19 17:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-24 04:33 - 2013-02-27 22:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 04:33 - 2013-02-27 22:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 04:33 - 2013-02-27 22:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\Nigel\AppData\Local\Temp\lowproc.exe
C:\Users\Nigel\AppData\Local\Temp\stubhelper.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-24 08:41

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Nigel at 2014-10-24 23:47:35
Running from C:\Users\Nigel\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{D322A9E3-758B-4D60-A7C4-65C88FD378D0}) (Version: 7.2.241.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.1.166.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - Canon Inc.)
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0704.2139.36919 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
DMG Extractor (HKCU\...\DMG Extractor) (Version: 1.2.3.0 - Reincubate Ltd)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}) (Version: 5.4.1.18709 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
ImTOO iPhone Photo Transfer (HKLM-x32\...\ImTOO iPhone Photo Transfer) (Version: 1.1.4.20131114 - ImTOO)
ImTOO iPhone SMS Backup (HKLM-x32\...\ImTOO iPhone SMS Backup) (Version: 1.0.13.20140211 - ImTOO)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.6.6.0 - Reincubate Ltd)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 12.10.14.3 - Marvell)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - English (HKLM\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 Toolkit December 2011 (HKLM-x32\...\{EC35EE8E-87D1-4E3E-B5CC-D8B1544615F5}) (Version: 5.0.51209.1124 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 18.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 18.0.2 (x86 en-US)) (Version: 18.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notification Center (HKLM-x32\...\{FDAD2767-11CA-4D38-9CC4-48770CE3CC7B}) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
PE988 (HKLM\...\{6F8ECA7B-420F-4D63-B866-B83737EB3E76}) (Version: 6.0.77 - YUAN)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (HKLM\...\{90140000-0100-0409-1000-0000000FF1CE}_Office14.OMUI.en-us_{E8C86A07-99F1-4750-A6CF-C4ED5211A146}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoDownloaderUltimate (HKCU\...\VideoDownloaderUltimateWinApp) (Version: 1.0.1.23 - Link64)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Advanced Micro Devices (amdide64) hdc  (12/04/2012 5.2.2.0179) (HKLM\...\92CABF192AE59FEC7A26BF526AE067A4C700A858) (Version: 12/04/2012 5.2.2.0179 - Advanced Micro Devices)
Windows Driver Package - Apple (Netaapl) Net  (07/12/2011 1.8.4.2) (HKLM\...\E3446990DE8D5843AECCB8B0EF4E7D8DBF5E78B2) (Version: 07/12/2011 1.8.4.2 - Apple)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/20/2010 6.3.0.3500) (HKLM\...\79B5284AC8847651E6939E5B2FB1A473E6C9D19B) (Version: 01/20/2010 6.3.0.3500 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (01/28/2010 6.3.0.3800) (HKLM\...\5BB2352543C023211B5CDA6229832626C218EB7F) (Version: 01/28/2010 6.3.0.3800 - Broadcom Corporation)
Windows Driver Package - YUAN TV DRIVER (cxpl_mhd) Media  (11/08/2011 6.0.32.0077) (HKLM\...\34BE71CBF435D6B34FFAF9BA68AD921E99CF4065) (Version: 11/08/2011 6.0.32.0077 - YUAN TV DRIVER)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

04-10-2014 15:26:38 Removed iCloud
04-10-2014 15:30:47 Installed iCloud
05-10-2014 15:50:44 Windows Update
05-10-2014 23:00:22 Windows Backup
08-10-2014 19:37:35 Windows Update
10-10-2014 04:01:33 Microsoft Antimalware Checkpoint
12-10-2014 00:32:26 Windows Update
12-10-2014 23:01:33 Windows Backup
14-10-2014 18:00:01 Restore Operation
14-10-2014 19:36:04 Windows Backup
14-10-2014 21:20:04 Windows Update
16-10-2014 19:17:02 Windows Backup
16-10-2014 23:08:12 Reimage Express Restore Point
17-10-2014 12:55:06 Reimage Express Restore Point
17-10-2014 13:09:23 Uninstalled with Total Uninstall ""
17-10-2014 15:53:12 Revo Uninstaller's restore point - Google+ Auto Backup
17-10-2014 16:51:36 Installed STOPzilla
17-10-2014 17:00:05 STOPzilla Restore Point.
17-10-2014 18:00:24 Removed STOPzilla
18-10-2014 17:58:42 Windows Update
19-10-2014 16:17:02 Microsoft Antimalware Checkpoint
19-10-2014 19:50:27 Removed Adobe Acrobat XI Pro.
19-10-2014 23:03:13 Windows Backup
20-10-2014 16:07:42 Removed Java 8 Update 25
20-10-2014 16:24:27 Removed Java 8 Update 25
20-10-2014 16:44:36 Installed Java 7 Update 71 (64-bit)
20-10-2014 17:19:23 Installed Java 7 Update 72 (64-bit)
21-10-2014 09:48:22 zoek.exe restore point
24-10-2014 14:20:42 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-03-01 02:10 - 2014-10-23 18:02 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {000612EA-70A0-4C63-89A1-8C5AEA7EFE8D} - System32\Tasks\{2C7ACBC0-7276-4542-8CD7-529B4D9AA8CC} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {006F7C01-5F0E-4150-9C4D-DE30C78C24A1} - System32\Tasks\{5FB22839-DCD7-44B2-8A12-F735271B7366} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {02E826AC-35DE-482B-94B2-15A0559936CE} - System32\Tasks\{81C5B8D4-8F2D-4A27-9184-EED41C281D3E} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {05A07841-8538-4FA8-A72E-58D63EF246DB} - System32\Tasks\{A2992F5E-09C1-403A-B59B-A743630AD888} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {0A818F3C-A3E3-4122-B3F0-19729F7CCE12} - System32\Tasks\{7DB33574-0FEC-4FC6-92B5-1663FE05B401} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {0DCD46B0-0A93-41AF-A417-D30980C7434D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {1038BF1B-FF84-473E-9470-CF2542F8734B} - System32\Tasks\{621D54F1-F962-49FF-80F3-E4901E48F97F} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {10ADD4C1-18C7-4959-B6A6-55B7612B9981} - System32\Tasks\{9B93F1C1-BAE0-4547-A7F4-436DCB981174} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {123565F3-0D19-410B-A6DA-88F89AD0DB10} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {12EFB081-B6B7-498C-B0EB-5B466DCAC3DB} - System32\Tasks\{C1FD0AF3-F142-4A98-8F71-C27459CCC326} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {169AAA98-589D-4EF5-99E6-164E9E990614} - System32\Tasks\{73CE8116-3FE9-4BB0-9ECF-FF9EF71B71CC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {169CA07C-AC46-4953-8DA6-2580DBCF974F} - System32\Tasks\{2D439E47-B377-4F2A-84A7-1FFFB9315E27} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {186E7797-9FE8-4A70-9B8A-BB997C6DC598} - System32\Tasks\{CC0FD0E2-776D-4B23-B75B-DA619AA69C1B} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {1AFB0322-06B1-4B25-A4D1-2EC13633A456} - System32\Tasks\{10054E13-B4D2-4038-A149-7D7CD286D5BC} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: {1FE31CA9-9587-4D90-B97B-4874FE0DD994} - System32\Tasks\{3809E01F-7D74-419D-A04E-475AC9AC0104} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {2199150D-38EE-40E0-932A-C547AFC1CDCE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {22E21245-ACCB-45D9-86D9-43D186C24EE0} - System32\Tasks\{1C9473D9-9587-4262-BED4-CE9A0A5B7132} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {23925085-F16B-480C-893C-00F6B4471DB4} - System32\Tasks\{6FCAAA83-1380-4B01-827E-618BDC4C8749} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {251F1F0E-642E-4773-9A4F-BEB433A9277B} - System32\Tasks\{0F35E7D5-B3FA-4E4F-B3C2-695339938076} => C:\Users\Public\Documents\ATISetup.exe [2013-02-14] (Advanced Micro Devices, Inc.)
Task: {26D1CC47-7787-49E1-91F4-1C5B5053B481} - System32\Tasks\{28980DF0-B3B8-477B-B624-7B366C1E9F82} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {293E9808-104D-47BB-BAAD-6C879853839B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {2963DDCF-57EB-43AE-890A-DF5A98B7AEC7} - System32\Tasks\GPUpdateCheck => C:\Program Files (x86)\GetPrivate\gpup.exe
Task: {29FCDBB3-E067-422E-B938-73B7521C3370} - System32\Tasks\{84129D00-A527-4272-9EAF-734B4C1137A6} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {317E9D0C-E965-4647-AF45-C426E3C47409} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
Task: {32608733-4D6D-47E7-89BF-37F1B22B89B9} - System32\Tasks\{DAE296A8-D8A2-4199-8500-2224FE88CDAF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {349B5B62-DEAF-4B16-93FE-DE7C169ABE66} - System32\Tasks\ReclaimerUpdateFiles_Nigel => C:\Users\Nigel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-20] (RealNetworks, Inc.)
Task: {368FD478-750D-48DA-98C1-91A0AC9154BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {3885C983-81FD-4929-94F2-BADDDEC585E8} - System32\Tasks\{E9D746C0-8108-4D3F-856F-0B8E88844D63} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {3A28F420-CA2E-41C7-98E6-090BD717828D} - System32\Tasks\{1BB641A5-4C01-461B-A3CA-3EE7A8AFC753} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {3AE4BFDD-06D3-4A72-A031-752C12C5A1FC} - System32\Tasks\{3CED81EB-75E9-4886-9345-6F8A59F71133} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {3AE64DE5-B4CB-4FEE-8261-3C44EC6592F2} - System32\Tasks\{DA2D6784-B468-41D6-A9C3-E6456F0ECEDC} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {3C0C5E3A-2FD6-4BE1-9044-A2D75313532F} - System32\Tasks\{3A0372C4-11E7-4A9F-97D8-DA624D7A58FD} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {3FC269B9-8C6C-4A9E-9628-2490CDAF8E1D} - System32\Tasks\{F565868D-6352-46C1-9D78-ACC152BA5AFC} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4351F10C-E69D-4B69-945D-08C1F0EBDD8A} - System32\Tasks\{8F6CAC86-F380-4C50-8006-36939E72777D} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {449F4E01-3C7C-4D28-ABBA-828539A83685} - System32\Tasks\{C418A8B2-9255-49E4-A6E9-4D7CA82ADDD3} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {44E0ECA0-F601-4090-B027-8CD419F677AD} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {459C1231-E4FD-4849-B9C5-FBA0C5BB8245} - System32\Tasks\{2A23BB18-DE5C-43BD-BC52-72961C9849D3} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {467D8819-3E3A-417E-863A-3DF0E112FCB5} - System32\Tasks\{AE34398D-666B-4CCE-BC8F-DB48148EA13F} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {4BE74FA7-42CD-41FE-B40D-F9E9C441537E} - System32\Tasks\{BAF80243-FBA1-4E89-95EB-C0D3AA496914} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {4F2DEE36-7405-4E0C-8129-21A2BBD59B4E} - System32\Tasks\{AEE3B048-B798-479B-B577-03A229A26271} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {51745400-A8A2-46E2-A2AA-F90FD82B42A5} - System32\Tasks\{924020A1-5A40-46D8-ADE0-8DF0D267C4CA} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {51DF843C-2317-46CB-8DCD-9786748EF292} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {56459790-A92F-4CDA-AF94-876D74EBEC31} - System32\Tasks\{9FAA2EAA-5333-4F67-897D-042DC1118AEF} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {5852944E-E3BF-47B0-A8CD-EE9B9FCC856C} - System32\Tasks\{48E4D8DA-0C19-4658-B79C-C5078590BEEF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {59D050C2-9DFB-4BBB-9BEF-9B5072BDAE74} - System32\Tasks\{FE23A538-ED0A-40E0-87B2-0FA07139C608} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {5A655E23-C498-4B5F-A959-B0588BD8C6CB} - System32\Tasks\{73825FD6-27E8-44E3-A92D-5506AD1B97FA} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {5C75FAF9-9DA8-4844-8416-2228A7785B44} - System32\Tasks\{FC2419A3-3ADC-4196-AAA4-5A5977A662CF} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {6032B365-3830-4CD5-AE92-FE6D4561AE51} - System32\Tasks\{881571A8-9200-4CB5-B498-2A83A9E86DA6} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {60E328B8-E650-45BE-8878-404EE5B610F8} - System32\Tasks\{87D481AC-6BB3-4473-B7AD-3607DCEA8756} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {6260FD1A-D38B-44C5-A055-52AB153435FD} - System32\Tasks\{11B3F5B9-1B08-4582-8226-996CDA70793D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {667FC555-EBE8-4B7E-A24B-C32A0943A876} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {67309B44-4BBA-46A8-94CE-66F0E4118D55} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7033CB6B-822E-422C-B3A5-285638759605} - System32\Tasks\{F92FDF9D-A098-4E5B-A8B0-BFD8B84ACFF9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {708D0DCC-2C04-499E-BB51-26648D454A7B} - System32\Tasks\{C174E770-DDA8-43A4-B145-1DDB63E80EFB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {77090DF9-6BCB-46BD-A052-595EF90E516D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {79C33A83-58DD-44FC-87EE-B1EAC391332E} - System32\Tasks\{4A2DD742-0F4E-41E5-8164-8C4079E1D14C} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {7C43B3B7-D555-40E2-9548-D0461CBC676F} - System32\Tasks\{7B644DAF-35C5-439A-952A-E355469DEE4A} => C:\AMD\Support\13-4_vista_win7_win8_64_dd_ccc_whql\Setup.exe [2013-03-28] (Advanced Micro Devices, Inc.)
Task: {7D16292D-72E8-4AE0-A281-77217F353C3C} - System32\Tasks\{C6D7FCF8-E7B1-4703-8194-D75C03B4DF37} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {7EC72E42-E0D9-4DB7-B499-3BC25912A497} - System32\Tasks\{4AACEB05-CFC0-4279-9403-CC99773EDDCF} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {7F733B87-02E8-479E-8440-514AE88C24A7} - System32\Tasks\{6D7101B6-EC94-4CD8-9786-A08EE5E54F8F} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {807F5556-47D5-4EC7-8562-1CC7C96009B0} - System32\Tasks\Eakona Update => C:\ProgramData\Eakona\update15.exe
Task: {83AFC484-8A32-40B4-8A02-9E064C609D88} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {84589CC3-E682-4196-B545-F1A996BDD4B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {84CFA5CB-FE45-4E62-8842-A69B2BC7833D} - System32\Tasks\{544F44BF-F291-4E18-8BF3-60C0E38A8E9D} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {8565466B-33EA-453A-9A44-FB10FED0EBE0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {8C433082-E77E-4688-BF0E-6CB3A25A77DD} - System32\Tasks\{1D1A5A4A-8E61-4697-AC2F-51D7EE009786} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {90473550-E850-4BFB-9244-5EE77EF732AA} - System32\Tasks\{1F60F57D-30CA-4034-BC06-941D7B6CD9F0} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {951DCD93-192C-435E-A657-97B8861D29D7} - System32\Tasks\{72C600E9-A2FB-4A6C-8EDB-4B7FD35F3BE0} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {96878061-26E9-49D3-8B8B-6CC548CA5809} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {992CD035-8FA6-4179-8F27-6451EAC9B25E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {A08E06B3-13BE-4A64-8BE4-BA75BFE3CF80} - System32\Tasks\{DCD6F798-3E9A-4E0B-BD8F-4F1A56C6E1A5} => C:\Users\Nigel\Downloads\USB Human Interface Device 33b51d98912fa395f47d492c06592e62\USB Human Interface Device 33b51d98912fa395f47d492c06592e62.exe
Task: {A5E73495-E96E-4AB8-AF93-C21EC0416E5A} - System32\Tasks\{1A248453-EA28-4123-BDBE-21B643214981} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {A5FEAF99-0991-43FE-AA1F-D8046B57BAEE} - System32\Tasks\{E053BCD8-88B4-40F6-B0E9-54B4C0E2DB24} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {A865B493-DC39-4096-A89C-F345384C3AF4} - System32\Tasks\{6F328AA4-E7BC-4E55-8580-8DD694CC3ADB} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {A8818490-0854-4337-B395-4A370F92FE89} - System32\Tasks\{21766169-89C2-49F6-BB8F-AB224E395A1B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {AB23705A-DE13-4C0F-9DC8-275734E6618D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AB54D713-8B71-4989-A1B2-F224EB44A3AE} - System32\Tasks\{8571D682-9355-4007-A9C8-52B226CC06A8} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {AEA2DCEC-1540-4417-808E-F885D955417D} - System32\Tasks\{F42A0C80-5557-42CB-8465-6164EBAD88A8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {AEB6797F-3C8C-4FEC-ADF2-D899CAF39D65} - System32\Tasks\{4BD65B01-0AE9-4A43-B2F7-CF6128EA21A9} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {AF7D2CEF-584D-4481-8C36-2503A983A9DB} - System32\Tasks\AdobeAAMUpdater-1.0-Nigel-PC-Nigel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {B2EE0003-6F1B-4C22-8D48-992FB5AABE0A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {B41A22EC-4CB5-4AFE-8BEA-5B01E5AE43EE} - System32\Tasks\{E400AB86-5A44-4228-A3CE-AF605BA9AF62} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {B7FC23B2-7EC7-4C96-8161-B3CFB715E737} - System32\Tasks\{9ED700B8-ECDA-427C-B8E3-2791A2E2DCD7} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {BBC765F7-D309-4BD8-BA18-A107F6F5948E} - System32\Tasks\{077AA7A5-1BD3-4EFA-ABDB-DFB6174D3071} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C11C6FBD-A367-4737-8923-386DAD5DC884} - System32\Tasks\{B15A5C3F-6909-4D9D-AEEA-7873D50CBFC1} => C:\Users\Nigel\AppData\Roaming\Easeware\DriverEasy\drivers\sqnb3bkh.g5k\13-4_vista_win7_win8_64_dd_ccc_whql.exe
Task: {C3F97A9C-6154-4CED-BFDC-028EF0188789} - System32\Tasks\{F153F805-2E31-4E5B-97C7-FD71BC0BEB55} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {C435B79A-12EE-4AF1-9117-FC0211600E4D} - System32\Tasks\{50FFBF50-AA52-4ED1-B6A2-ABE0AB7A1FA8} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Task: {CF517E06-FF2E-40D8-90A8-38618541F7C7} - System32\Tasks\{25E512C9-6BF5-4F04-AD7A-771D90B5EA74} => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [2012-11-27] ()
Task: {D7F7BD77-BA36-439A-912A-E42FFD28F48F} - System32\Tasks\{D8FD28E2-15C2-4D62-A60C-F8B55E46DD86} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DDD4F934-C2EF-42A7-A324-93D7B98AF47E} - System32\Tasks\{9FBD2980-03DB-418A-8BE2-EFEF5DFC542B} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {DF1AD657-5EA2-47B0-98BF-F60D6C449CB5} - System32\Tasks\{74F22C14-D49E-46A3-89CB-999F91FAE2D9} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {DF61FCD0-E3FE-4055-9FCD-C17C2A9196F3} - System32\Tasks\{5F84FB09-08A8-499F-B17F-7CCCA4EE158D} => C:\Users\Nigel\Desktop\System Drivers\SetupBtwDownloadSE.exe
Task: {E5004064-C3D0-4FB4-BC0E-D9653316B938} - System32\Tasks\{154733BA-4DA3-4301-AD83-0230D0C5461D} => C:\NVIDIA\DisplayDriver\326.01\Win8_WinVista_Win7\International\Display.Driver\NvCplSetupInt.exe
Task: {E605B7D6-DB52-4020-9B63-D4FB2ED3B067} - System32\Tasks\{FB5E2E38-F3B5-4A82-9033-18D3A4773C95} => C:\Users\Nigel\Desktop\SetupBtwDownloadSE.exe
Task: {E9FBC6F9-B382-4931-B10F-BE788B37743E} - System32\Tasks\{52EC31A4-035C-4281-B156-1FFA146BEFB5} => C:\Program Files (x86)\FVD Player\FVD Player.exe
Task: {EF39CFC0-6789-43E7-B770-1BD31EACB6A4} - System32\Tasks\{698C9EF4-C460-4000-8D89-333C6772CA58} => C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe [2010-07-30] (JMicron Technology Corp.)
Task: {F0ADDC43-8010-4AD0-9C2A-3DCDF5A12CCD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-425073729-1472267466-4260431720-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {F2AB3193-B105-41BA-ACC2-A89251B966ED} - System32\Tasks\Chrome Launcher => C:\Program Files (x86)\Techsnab\Chrome Launcher\chrome-links.exe
Task: {FCA5B4FE-154E-4649-82C9-519B0DFFAEA0} - System32\Tasks\{EC9BF912-F05C-4B56-B200-82F74A037AD0} => C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000Core.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-425073729-1472267466-4260431720-1000UA.job => C:\Users\Nigel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-19 17:05 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-07-30 05:04 - 2014-07-30 05:04 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-12-10 16:27 - 2014-10-24 23:24 - 00864856 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ASCAntivirusSrv => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: DefaultTabSearch => 2
MSCONFIG\Services: DefaultTabUpdate => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 3
MSCONFIG\Services: RealPlayer Desktop Service => 3
MSCONFIG\Services: RealPlayerUpdateSvc => 3
MSCONFIG\Services: WRSVC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install Webroot IE RunOnce.lnk => C:\Windows\pss\Install Webroot IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LaunchU3.exe.lnk => C:\Windows\pss\LaunchU3.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^A1Clean.lnk => C:\Windows\pss\A1Clean.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JustCloud.lnk => C:\Windows\pss\JustCloud.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nigel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\Windows\pss\Microsoft SharePoint Workspace.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe
MSCONFIG\startupreg: mmonitor => C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\toolbox\Anvi RAM Booster\Anvi_RAM_Booster.exe hide=1
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: swg => c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Nigel\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

========================= Accounts: ==========================

Administrator (S-1-5-21-425073729-1472267466-4260431720-500 - Administrator - Disabled)
Guest (S-1-5-21-425073729-1472267466-4260431720-501 - Limited - Enabled) => C:\Users\Guest
Nigel (S-1-5-21-425073729-1472267466-4260431720-1000 - Administrator - Enabled) => C:\Users\Nigel

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 11:25:43 PM) (Source: MsiInstaller) (EventID: 11714) (User: Nigel-PC)
Description: Product: RealDownloader -- Error 1714. The older version of RealDownloader cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (10/23/2014 06:08:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 0.2.D.8.3.C.F.4.A.B.4.B.F.5.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 0.2.D.8.3.C.F.4.A.B.4.B.F.5.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.F.7.0.C.F.D.B.6.0.3.0.2.0.6.2.ip6.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.F.7.0.C.F.D.B.6.0.3.0.2.0.6.2.ip6.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 70.1.168.192.in-addr.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 70.1.168.192.in-addr.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Nigel-PC.local already in use; will try Nigel-PC-2.local instead

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 Nigel-PC.local. AAAA FE80:0000:0000:0000:E05F:B4BA:4FC3:8D20

System errors:
=============
Error: (10/24/2014 06:18:33 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.185.3788.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (10/24/2014 06:18:33 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.185.3788.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (10/23/2014 06:17:50 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.185.3788.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (10/23/2014 06:17:50 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.185.3788.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (10/23/2014 06:07:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd

Error: (10/23/2014 06:07:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (10/23/2014 06:07:03 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (10/23/2014 06:06:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LiveUpdate service failed to start due to the following error:
%%2

Error: (10/23/2014 06:06:29 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Error: (10/23/2014 06:03:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SNMP Service service failed to start due to the following error:
%%1069

Microsoft Office Sessions:
=========================
Error: (10/24/2014 11:25:43 PM) (Source: MsiInstaller) (EventID: 11714) (User: Nigel-PC)
Description: Product: RealDownloader -- Error 1714. The older version of RealDownloader cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/23/2014 06:08:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 0.2.D.8.3.C.F.4.A.B.4.B.F.5.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 0.2.D.8.3.C.F.4.A.B.4.B.F.5.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.F.7.0.C.F.D.B.6.0.3.0.2.0.6.2.ip6.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 5.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.F.7.0.C.F.D.B.6.0.3.0.2.0.6.2.ip6.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 70.1.168.192.in-addr.arpa. PTR Nigel-PC-2.local.

Error: (10/23/2014 06:07:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.70:5353   16 70.1.168.192.in-addr.arpa. PTR Nigel-PC.local.

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Nigel-PC.local already in use; will try Nigel-PC-2.local instead

Error: (10/23/2014 06:07:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 Nigel-PC.local. AAAA FE80:0000:0000:0000:E05F:B4BA:4FC3:8D20

==================== Memory info ===========================

Processor: AMD Athlon™ 7450 Dual-Core Processor
Percentage of memory in use: 29%
Total physical RAM: 8191.3 MB
Available physical RAM: 5798.5 MB
Total Pagefile: 20473.48 MB
Available Pagefile: 17740.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (New Volume) (Fixed) (Total:298.09 GB) (Free:142.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: (NIGEL SYS) (Removable) (Total:3.73 GB) (Free:1.65 GB) FAT32
Drive k: () (Fixed) (Total:465.76 GB) (Free:180.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D93C5615)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: DD63B194)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=42)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)

==================== End Of Log ============================


  • 0

#57
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Hi :)

Naat, did you still want to manually uninstall the following programs: IOBit Apps Toolbar, Quick Share and IOBit Malware Fighter since I received an error message when trying to uninstall it.


I'd love to see them go, but there isn't any indication of them in the logfiles. Do you still have got them installed?
  • 0

#58
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

I spoke to soon..... Did not realize that they were already uninstalled....... My bad....... OK so what do we do next...


  • 0

#59
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)

 

 

This is a very good question. Please update me what issues remain.


  • 0

#60
nfmaharaj

nfmaharaj

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts

Naat, thank you again for all your help. At least so far I am not getting those pop up browser windows. Is there any suggestions on any programs that I should have to prevent this happening in the future or is the MSE and Malwarebytes anti-malware programs that I currently have  sufficient? Should I keep to utilize any of the programs that was needed to fix my computer or should I just remove them from my system now? Also with all of the programs that was removed from my computer I am surprise that the available free space on my C drive is about the same. Is that something that you could look at for me or would someone else have to do that? Lastly and in closing I really wish I could buy you a whole case of beers for your help, but unfortunately currently I can not even afford to buy myself one. That is why I reached out to Geeks To Go for assistance. However don't be surprised that hopefully one day I may be able to repay you in demonstrating my gratitude.


  • 0






Similar Topics


Also tagged with one or more of these keywords: Systems, Slow response, browser

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP