Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Explorer.EXE Parameter Incorrect

Started by milo24 , Jun 04 2015 12:56 PM

This topic is locked

#1
milo24

Posted 04 June 2015 - 12:56 PM

New Member

Member
8 posts

I've been having issues with my PC, Windows 8.1 64bit... it's on my taskbar, the File Explorer icon when I click on it, it pops up with a window call "Explorer.EXE" Parameter is Incorrect. I can open a window with the window + E Key or by clicking a window else where but not from the Taskbar pinned window. I have unpinned it and repinned it, still nothing. The actual Explorer file in C:/Windows folder pops up with a "shell:::{520.....}" issue, but the Explorer file in SysWOW64 folder works just fine. Here are my logs below:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015

Ran by doublelq (administrator) on VOLDEMORT on 04-06-2015 11:11:45

Running from C:\Download

Loaded Profiles: doublelq (Available Profiles: doublelq)

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe

(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe

(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe

(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe

(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe

(MSI) C:\Program Files (x86)\SCM\SCM.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe

(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe

(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe

(Eberhard Werle) C:\Program Files (x86)\Calibrize\CalibrizeResume.exe

() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe

(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe

(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2014-04-23] (ELAN Microelectronics Corp.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp

HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)

HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)

HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-22] (NVIDIA Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)

HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)

HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)

HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI)

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-02] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2014-03-30] (Power Software Ltd)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM\...\runonceex: [Flags] =>

HKLM\...\runonceex: [Title] => RAPID uninstall cleanup using key [0001]

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [249856 2014-01-23] (SteelSeries ApS)

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\Run: [CGFLoader] => C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe [1961984 2007-11-26] (Colorjinn)

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\Run: [CalibrizeResume] => C:\Program Files (x86)\Calibrize\CalibrizeResume.exe [413696 2007-11-26] (Eberhard Werle)

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\MountPoints2: {6506b9b9-b499-11e4-82b0-448a5b44a08c} - "H:\fscommand\LS_Start_Launch.exe"

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-04-24]

ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)

Startup: C:\Users\lloyd_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-04-23]

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg...fr&d=2014-08-3109:44:40&v=18.1.9.799&pid=safeguard&sg=&sap=hp

SearchScopes: HKLM -> {8212AAED-8D65-4759-BD50-72AF52570364} URL =

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-1041425116-2400648983-129056087-1002 -> {8212AAED-8D65-4759-BD50-72AF52570364} URL =

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)

BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF ProfilePath: C:\Users\lloyd_000\AppData\Roaming\Mozilla\Firefox\Profiles\pl25nwr1.default

FF DefaultSearchEngine.US: Google

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1041425116-2400648983-129056087-1002: @citrixonline.com/appdetectorplugin -> C:\Users\lloyd_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-06-26] (Citrix Online)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

FF Extension: Adblock Plus - C:\Users\lloyd_000\AppData\Roaming\Mozilla\Firefox\Profiles\pl25nwr1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-14]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:

=======

CHR Profile: C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-13]

CHR Extension: (Google Drive) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-13]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-13]

CHR Extension: (YouTube) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-13]

CHR Extension: (Google Search) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-13]

CHR Extension: (Google Wallet) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-13]

CHR Extension: (Gmail) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-13]

CHR Profile: C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Beatlab) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk [2014-06-18]

CHR Extension: (Facebook Video Downloader) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2015-04-19]

CHR Extension: (Google Drive) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-18]

CHR Extension: (YouTube) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-18]

CHR Extension: (Adblock Plus) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-10]

CHR Extension: (Google Search) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-18]

CHR Extension: (Combat 3) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fibihokcbohbhcblofebdholmfocjjcj [2014-06-18]

CHR Extension: (Bookmark Manager) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-18]

CHR Extension: (Google Wallet) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-18]

CHR Extension: (vidIQ Vision for YouTube) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2014-10-07]

CHR Extension: (Evernote Web Clipper) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-04-23]

CHR Extension: (Gmail) - C:\Users\lloyd_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2013-10-24] (ArcSoft, Inc.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2014-04-23] (ELAN Microelectronics Corp.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-22] (NVIDIA Corporation)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)

R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)

R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [File not signed]

R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] ()

R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [File not signed]

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-22] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-22] (NVIDIA Corporation)

R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [File not signed]

R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)

R2 StartMenuReviverService; C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe [765048 2014-09-17] (ReviverSoft)

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1728592 2015-02-02] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation)

S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [293856 2015-05-04] (AVG Technologies CZ, s.r.o.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [81072 2014-02-20] (Qualcomm Atheros, Inc.)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)

R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)

S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-05-06] (Phoenix Technologies) [File not signed]

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-05-14] ()

R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [160464 2014-04-23] (Intel Corporation)

S3 ipadtst; C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys [20464 2013-11-11] (Windows ® Win 7 DDK provider)

R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)

R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3494680 2014-12-08] (Intel Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-22] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)

S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)

R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-04-23] (Realsil Semiconductor Corporation)

S3 SAlphamBth; C:\Windows\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation)

S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)

R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation)

R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)

R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)

R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()

S3 HWiNFO32; \??\C:\Users\LLOYD_~1\AppData\Local\Temp\HWiNFO64A.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 11:11 - 2015-06-04 11:11 - 00000000 ____D C:\FRST

2015-06-04 09:40 - 2015-06-04 09:40 - 00000000 ____D C:\Users\lloyd_000\Desktop\Zella

2015-06-04 00:29 - 2015-06-04 00:29 - 00000000 ____D C:\Users\lloyd_000\Desktop\40

2015-06-03 14:07 - 2015-06-03 14:07 - 00001593 _____ C:\Users\lloyd_000\Desktop\filezilla.lnk

2015-06-03 13:04 - 2015-06-03 13:04 - 00000000 ____D C:\Windows\LastGood.Tmp

2015-06-03 13:04 - 2015-05-28 03:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2015-06-03 13:04 - 2015-05-28 03:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2015-06-03 13:04 - 2015-05-28 03:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2015-06-03 10:37 - 2015-04-16 02:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS

2015-06-03 10:37 - 2015-04-13 18:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll

2015-06-03 10:37 - 2015-04-13 18:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll

2015-06-03 10:37 - 2015-04-09 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll

2015-06-03 10:37 - 2015-04-09 20:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll

2015-06-03 10:37 - 2015-04-08 18:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll

2015-06-03 10:37 - 2015-04-08 18:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml

2015-06-03 10:37 - 2015-04-01 18:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll

2015-06-03 10:37 - 2015-04-01 18:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll

2015-06-03 10:37 - 2015-04-01 00:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2015-06-03 10:37 - 2015-04-01 00:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2015-06-03 10:37 - 2015-04-01 00:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2015-06-03 10:37 - 2015-04-01 00:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2015-06-03 10:37 - 2015-03-31 23:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2015-06-03 10:37 - 2015-03-31 23:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2015-06-03 10:37 - 2015-03-31 23:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2015-06-03 10:37 - 2015-03-31 22:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2015-06-03 10:37 - 2015-03-31 22:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2015-06-03 10:37 - 2015-03-31 22:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2015-06-03 10:37 - 2015-03-31 22:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2015-06-03 10:37 - 2015-03-31 22:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2015-06-03 10:37 - 2015-03-31 22:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2015-06-03 10:37 - 2015-03-19 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll

2015-06-03 10:37 - 2015-03-19 23:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll

2015-06-03 10:37 - 2015-03-19 22:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll

2015-06-03 10:37 - 2015-03-19 22:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2015-06-03 10:37 - 2015-03-01 21:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll

2015-06-03 10:37 - 2015-03-01 21:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll

2015-06-03 09:12 - 2015-06-03 09:12 - 00000000 ____D C:\Program Files\Speccy

2015-06-02 09:38 - 2015-06-02 09:38 - 00000000 ____D C:\Users\lloyd_000\AppData\Local\GWX

2015-06-01 23:05 - 2015-06-01 23:05 - 00002809 _____ C:\Users\Public\Desktop\Windows Tweaker 5.3.1.lnk

2015-06-01 23:05 - 2015-06-01 23:05 - 00000000 ____D C:\ProgramData\Windows Tweaker

2015-06-01 23:05 - 2015-06-01 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Tweaker

2015-06-01 23:05 - 2015-06-01 23:05 - 00000000 ____D C:\Program Files (x86)\Windows Tweaker

2015-06-01 18:19 - 2015-06-01 18:20 - 00000000 ____D C:\Users\lloyd_000\Desktop\New folder

2015-06-01 18:00 - 2015-04-03 09:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2015-06-01 18:00 - 2015-04-03 09:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2015-05-31 03:10 - 2015-06-04 09:40 - 00000700 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1041425116-2400648983-129056087-1002.job

2015-05-31 03:10 - 2015-05-31 03:10 - 00003708 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1041425116-2400648983-129056087-1002

2015-05-21 22:52 - 2015-05-30 17:50 - 00000000 ____D C:\msc

2015-05-20 18:27 - 2015-05-20 18:27 - 00001229 _____ C:\Users\lloyd_000\Desktop\NFS Rivals.lnk

2015-05-19 09:15 - 2015-05-28 03:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2015-05-19 09:15 - 2015-05-12 02:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll

2015-05-19 09:15 - 2015-05-12 02:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll

2015-05-15 17:11 - 2015-05-15 17:11 - 00001078 _____ C:\Users\lloyd_000\Desktop\Exif Tag Remover.lnk

2015-05-15 17:11 - 2015-05-15 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exif Tag Remover

2015-05-15 17:11 - 2015-05-15 17:11 - 00000000 ____D C:\Program Files (x86)\Exif Tag Remover

2015-05-15 17:11 - 2004-03-08 23:00 - 00609824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.ocx

2015-05-14 14:12 - 2015-05-14 14:12 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys

2015-05-14 14:09 - 2015-05-14 14:09 - 00001876 _____ C:\Windows\system32\.crusader

2015-05-14 13:58 - 2015-05-14 14:09 - 00000000 ____D C:\ProgramData\HitmanPro

2015-05-14 10:49 - 2015-05-14 10:50 - 00000000 ____D C:\Users\lloyd_000\AppData\Roaming\Mozilla

2015-05-14 10:49 - 2015-05-14 10:50 - 00000000 ____D C:\Users\lloyd_000\AppData\Local\Mozilla

2015-05-14 10:49 - 2015-05-14 10:49 - 00000000 ____D C:\ProgramData\Mozilla

2015-05-14 08:58 - 2015-04-08 20:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll

2015-05-14 08:58 - 2015-04-08 20:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll

2015-05-13 10:54 - 2015-05-13 10:54 - 00002523 _____ C:\Users\Public\Desktop\Evernote.lnk

2015-05-13 10:54 - 2015-05-13 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote

2015-05-13 10:04 - 2015-04-30 16:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2015-05-13 10:04 - 2015-04-30 16:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-05-13 09:24 - 2015-04-30 19:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-05-13 09:24 - 2015-04-30 18:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-05-13 09:24 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-05-13 09:24 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-05-13 09:24 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-05-13 09:24 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-05-13 09:24 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-05-13 09:24 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-05-13 09:24 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-05-13 09:24 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-05-13 09:24 - 2015-04-21 12:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2015-05-13 09:24 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-05-13 09:24 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-05-13 09:24 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-05-13 09:24 - 2015-04-21 12:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2015-05-13 09:24 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-05-13 09:24 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-05-13 09:24 - 2015-04-21 11:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2015-05-13 09:24 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-05-13 09:24 - 2015-04-21 11:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2015-05-13 09:24 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-05-13 09:24 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-05-13 09:24 - 2015-04-21 11:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-05-13 09:24 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-05-13 09:24 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-05-13 09:24 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-05-13 09:24 - 2015-04-21 11:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2015-05-13 09:24 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-05-13 09:24 - 2015-04-21 11:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2015-05-13 09:24 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-05-13 09:24 - 2015-04-21 11:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2015-05-13 09:24 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-05-13 09:24 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-05-13 09:24 - 2015-04-21 11:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-05-13 09:24 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-05-13 09:24 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-05-13 09:24 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-05-13 09:24 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-05-13 09:24 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-05-13 09:24 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-05-13 09:24 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-05-13 09:24 - 2015-04-13 18:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-05-13 09:24 - 2015-04-09 21:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2015-05-13 09:24 - 2015-04-09 20:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2015-05-13 09:24 - 2015-04-09 20:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2015-05-13 09:24 - 2015-04-08 18:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe

2015-05-13 09:24 - 2015-03-30 01:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2015-05-13 09:24 - 2015-03-26 23:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2015-05-13 09:24 - 2015-03-26 22:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2015-05-13 09:24 - 2015-03-26 22:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-05-12 09:21 - 2015-05-12 09:24 - 00000000 ____D C:\AdwCleaner

2015-05-10 20:21 - 2015-05-10 20:21 - 00000000 ____D C:\ProgramData\Origin

2015-05-10 20:17 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll

2015-05-10 20:17 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll

2015-05-10 20:17 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll

2015-05-10 20:17 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll

2015-05-10 20:17 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll

2015-05-10 20:17 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll

2015-05-10 20:13 - 2015-05-10 20:13 - 00000000 ____D C:\Games

2015-05-10 00:08 - 2015-05-10 00:08 - 00000000 ____D C:\Users\lloyd_000\AppData\Roaming\weblifypostextractor

2015-05-07 16:06 - 2015-05-07 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-05-07 13:50 - 2015-05-07 13:50 - 00378336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys

2015-05-07 13:49 - 2015-05-07 13:49 - 00253920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys

2015-05-07 13:49 - 2015-05-07 13:49 - 00220128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

2015-05-06 20:33 - 2015-06-03 13:13 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-05-06 20:33 - 2015-05-06 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-05-06 20:33 - 2015-05-06 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-05-06 20:33 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-05-06 20:33 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-05-06 20:33 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-05-06 16:59 - 2015-05-06 17:04 - 00000000 ____D C:\Users\lloyd_000\AppData\Roaming\Opera Software

2015-05-06 16:59 - 2015-05-06 17:04 - 00000000 ____D C:\Users\lloyd_000\AppData\Local\Opera Software

2015-05-06 16:59 - 2015-05-06 17:04 - 00000000 ____D C:\Program Files (x86)\Opera

2015-05-06 14:59 - 2015-04-09 20:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll

2015-05-06 14:59 - 2015-04-09 20:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll

2015-05-06 14:59 - 2015-03-19 21:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys

2015-05-06 14:59 - 2015-03-17 13:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS

2015-05-06 14:59 - 2015-03-08 22:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys

2015-05-06 14:59 - 2015-03-03 21:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll

2015-05-06 14:59 - 2015-03-03 21:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll

2015-05-06 14:59 - 2015-01-29 20:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll

2015-05-06 14:58 - 2015-04-02 20:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll

2015-05-06 14:58 - 2015-04-02 20:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll

2015-05-06 14:58 - 2015-04-01 18:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll

2015-05-06 14:58 - 2015-04-01 18:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll

2015-05-06 14:58 - 2015-03-31 23:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll

2015-05-06 14:58 - 2015-03-31 22:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll

2015-05-06 14:58 - 2015-03-13 00:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys

2015-05-06 14:58 - 2015-03-13 00:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys

2015-05-06 14:58 - 2015-03-12 22:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys

2015-05-06 14:58 - 2015-03-12 21:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll

2015-05-06 14:58 - 2015-03-12 20:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll

2015-05-06 14:58 - 2015-03-10 21:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe

2015-05-06 14:58 - 2015-03-10 21:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe

2015-05-06 14:58 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll

2015-05-06 14:58 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll

2015-05-06 14:58 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

2015-05-06 14:58 - 2015-03-04 19:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

2015-05-06 14:58 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll

2015-05-06 14:22 - 2015-05-06 14:22 - 00013824 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS

2015-05-06 14:16 - 2015-05-06 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64

2015-05-06 14:16 - 2015-05-06 14:16 - 00000000 ____D C:\Program Files\HWiNFO64

2015-05-06 10:01 - 2015-05-06 10:01 - 00001084 _____ C:\Users\lloyd_000\Desktop\Linksys Smart Wi-Fi.lnk

2015-05-06 10:01 - 2015-05-06 10:01 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Linksys Smart Wi-Fi.lnk

2015-05-06 09:53 - 2015-05-06 10:01 - 00000000 ____D C:\ProgramData\Cisco Systems

2015-05-06 08:07 - 2015-05-06 08:07 - 00000000 ___RD C:\Users\lloyd_000\OneDrive

2015-05-05 12:48 - 2015-05-05 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder

2015-05-05 12:48 - 2015-05-05 12:48 - 00000000 ____D C:\Program Files (x86)\Magical Jelly Bean

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 11:11 - 2015-02-13 13:28 - 00000604 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1041425116-2400648983-129056087-1002.job

2015-06-04 11:11 - 2014-06-14 17:38 - 00000000 ____D C:\Download

2015-06-04 11:04 - 2014-06-13 12:25 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1041425116-2400648983-129056087-1002

2015-06-04 10:59 - 2014-06-13 12:05 - 01854321 _____ C:\Windows\WindowsUpdate.log

2015-06-04 10:59 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness

2015-06-04 10:24 - 2014-06-13 12:49 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-04 09:55 - 2015-04-15 15:56 - 00000000 ____D C:\Users\lloyd_000\AppData\Local\JDownloader 2.0

2015-06-04 09:35 - 2014-06-13 13:22 - 00000000 ____D C:\ProgramData\MFAData

2015-06-04 00:43 - 2014-06-14 19:49 - 04551168 ___SH C:\Users\lloyd_000\Desktop\Thumbs.db

2015-06-03 22:56 - 2014-06-15 03:22 - 00000000 ____D C:\Users\lloyd_000\AppData\Roaming\vlc

2015-06-03 21:39 - 2013-11-13 13:03 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI

2015-06-03 21:32 - 2014-06-13 12:49 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-03 21:32 - 2013-08-22 10:46 - 00035654 _____ C:\Windows\setupact.log

2015-06-03 21:32 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-06-03 20:29 - 2014-10-22 00:25 - 00000000 ____D C:\Users\lloyd_000\AppData\Roaming\FileZilla

2015-06-03 15:37 - 2014-08-18 23:17 - 00000016 _____ C:\Users\lloyd_000\AppData\Roaming\msregsvv.dll

2015-06-03 13:04 - 2014-11-25 23:42 - 00000000 ____D C:\Temp

2015-06-03 13:04 - 2014-04-24 16:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2015-06-03 13:04 - 2014-04-24 16:50 - 00000000 ____D C:\ProgramData\NVIDIA

2015-06-03 13:04 - 2013-11-13 16:06 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-06-03 12:13 - 2014-06-14 18:51 - 00000000 ____D C:\Users\lloyd_000\AppData\Local\CrashDumps

2015-06-03 12:07 - 2014-07-30 12:04 - 00000000 ____D C:\DT

2015-06-03 12:06 - 2014-07-30 21:52 - 00000000 ____D C:\Users\lloyd_000\AppData\Roaming\Mp3tag

2015-06-03 10:50 - 2013-11-13 12:53 - 01362402 _____ C:\Windows\PFRO.log

2015-06-03 10:49 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData

2015-06-03 10:38 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp

2015-06-03 10:05 - 2013-08-22 10:44 - 12802008 _____ C:\Windows\system32\FNTCACHE.DAT

2015-06-03 10:05 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI

2015-06-03 10:00 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru

2015-06-03 00:56 - 2014-11-28 09:43 - 00000000 ____D C:\WORK

2015-06-02 21:31 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\ELAM

2015-06-02 10:03 - 2015-04-15 15:53 - 00003108 _____ C:\Windows\System32\Tasks\{B78A608D-AB45-4B4C-9B52-2BC1D45B11C9}

2015-06-02 10:00 - 2014-04-24 16:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2015-06-02 09:57 - 2015-01-29 00:31 - 00004202 _____ C:\Windows\System32\Tasks\Red Giant Link

2015-06-02 09:57 - 2014-04-24 17:35 - 00003014 _____ C:\Windows\System32\Tasks\MSI_Reminder

2015-06-02 09:56 - 2014-12-29 18:17 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2015-06-02 09:54 - 2015-04-17 16:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-06-02 09:54 - 2015-03-17 15:35 - 00003760 _____ C:\Windows\System32\Tasks\AutoKMS

2015-06-02 09:54 - 2014-10-13 21:04 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC

2015-06-01 23:05 - 2014-06-14 17:37 - 00000000 ____D C:\Users\lloyd_000\AppData\Local\Downloaded Installations

2015-06-01 11:21 - 2014-06-23 09:34 - 00000000 ____D C:\Users\lloyd_000\AppData\Roaming\Skype

2015-06-01 09:37 - 2014-06-13 12:19 - 00000000 ____D C:\Users\lloyd_000\AppData\Local\Packages

2015-05-31 03:10 - 2015-02-13 13:28 - 00003612 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1041425116-2400648983-129056087-1002

2015-05-29 11:52 - 2014-06-23 09:33 - 00000000 ____D C:\ProgramData\Skype

2015-05-28 03:04 - 2014-04-24 16:50 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2015-05-28 03:04 - 2014-04-24 16:50 - 00030966 _____ C:\Windows\system32\nvinfo.pb

2015-05-28 00:15 - 2014-04-24 16:50 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2015-05-28 00:15 - 2014-04-24 16:50 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2015-05-28 00:15 - 2014-04-24 16:50 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2015-05-28 00:15 - 2014-04-24 16:50 - 01059472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll

2015-05-28 00:15 - 2014-04-24 16:50 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2015-05-28 00:15 - 2014-04-24 16:50 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2015-05-28 00:15 - 2014-04-24 16:50 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll

2015-05-28 00:15 - 2014-04-24 16:50 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2015-05-27 06:48 - 2014-04-24 16:50 - 04408727 _____ C:\Windows\system32\nvcoproc.bin

2015-05-22 21:47 - 2014-06-14 17:03 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2015-05-22 21:47 - 2014-06-14 17:03 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2015-05-22 21:47 - 2014-04-24 16:51 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2015-05-22 21:47 - 2014-04-24 16:51 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2015-05-20 13:24 - 2015-04-10 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2015-05-19 22:38 - 2014-12-03 22:24 - 00000000 ____D C:\ProgramData\Corel

2015-05-19 22:26 - 2014-06-28 19:45 - 00000000 ____D C:\Program Files\R.G. Games

2015-05-19 16:43 - 2015-04-04 20:12 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-05-19 16:43 - 2015-04-04 20:12 - 00000000 ___SD C:\Windows\system32\GWX

2015-05-19 09:52 - 2015-04-20 14:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group

2015-05-16 18:19 - 2014-06-13 12:49 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-05-16 18:19 - 2014-06-13 12:49 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-05-15 08:31 - 2013-08-22 11:36 - 00000000 ___HD C:\Windows\ELAMBKUP

2015-05-15 05:16 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache

2015-05-14 17:09 - 2014-07-09 23:01 - 00000132 _____ C:\Users\lloyd_000\AppData\Roaming\Adobe PNG Format CS6 Prefs

2015-05-14 14:12 - 2015-04-20 11:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-05-14 14:12 - 2015-04-20 11:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-05-14 11:35 - 2014-06-16 11:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2015-05-14 08:58 - 2014-04-24 16:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2015-05-13 10:05 - 2015-03-17 15:21 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-05-13 10:04 - 2015-03-17 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2015-05-13 10:04 - 2014-06-14 19:55 - 00000000 ____D C:\Windows\system32\MRT

2015-05-13 10:00 - 2014-06-14 19:55 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-05-13 09:58 - 2015-04-20 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-05-13 09:56 - 2013-08-22 15:11 - 00000000 ____D C:\Program Files\Windows Journal

2015-05-10 20:32 - 2013-11-13 17:09 - 00045417 _____ C:\Windows\DirectX.log

2015-05-08 12:46 - 2014-08-18 23:17 - 00000016 _____ C:\Windows\system32\w3data.vss

2015-05-08 12:46 - 2014-08-18 23:17 - 00000016 _____ C:\Windows\system32\msvcsv60.dll

2015-05-08 12:46 - 2014-08-18 23:17 - 00000016 _____ C:\Windows\msocreg32.dat

2015-05-08 12:46 - 2014-08-18 23:17 - 00000016 _____ C:\ProgramData\autobk.inc

2015-05-07 16:06 - 2014-06-13 12:49 - 00000000 ____D C:\Program Files (x86)\Google

2015-05-06 15:02 - 2015-04-20 11:21 - 00000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

2015-05-06 14:59 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel

2015-05-06 14:59 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers

2015-05-06 12:33 - 2015-01-19 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony

2015-05-06 12:32 - 2014-06-15 14:19 - 00000000 ____D C:\Program Files (x86)\JDownloader

2015-05-06 12:29 - 2014-10-03 10:12 - 00000000 ____D C:\Program Files (x86)\Avid

2015-05-06 12:28 - 2014-10-07 14:53 - 00000000 ____D C:\Users\lloyd_000\AppData\Roaming\Avid

2015-05-06 12:25 - 2015-02-26 23:26 - 00000000 ____D C:\Program Files (x86)\Arbitrage Underdog

2015-05-06 08:07 - 2014-06-13 12:18 - 00000000 ____D C:\Users\lloyd_000

2015-05-05 13:59 - 2013-08-22 11:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-05-05 13:59 - 2013-08-22 11:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-02-26 17:16 - 2015-02-26 17:16 - 0000132 _____ () C:\Users\lloyd_000\AppData\Roaming\Adobe GIF Format CS6 Prefs

2014-07-09 23:01 - 2015-05-14 17:09 - 0000132 _____ () C:\Users\lloyd_000\AppData\Roaming\Adobe PNG Format CS6 Prefs

2014-10-07 15:08 - 2014-10-07 15:10 - 0527164 _____ () C:\Users\lloyd_000\AppData\Roaming\AvidCoreRuntime_Install.log

2014-06-18 23:42 - 2014-07-07 19:24 - 0000409 _____ () C:\Users\lloyd_000\AppData\Roaming\burnaware.ini

2014-08-18 23:17 - 2015-06-03 15:37 - 0000016 _____ () C:\Users\lloyd_000\AppData\Roaming\msregsvv.dll

2014-10-21 22:16 - 2014-10-22 00:24 - 0558080 _____ () C:\Users\lloyd_000\AppData\Roaming\SharedSettings.ccs

2014-06-15 15:19 - 2014-06-15 15:19 - 0000047 _____ () C:\Users\lloyd_000\AppData\Roaming\WB.CFG

2014-09-30 19:33 - 2015-02-02 20:13 - 0001456 _____ () C:\Users\lloyd_000\AppData\Local\Adobe Save for Web 13.0 Prefs

2014-10-17 14:19 - 2014-10-17 14:19 - 0003584 _____ () C:\Users\lloyd_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2015-02-09 17:33 - 2015-02-09 17:33 - 0000600 _____ () C:\Users\lloyd_000\AppData\Local\PUTTY.RND

2015-05-03 22:53 - 2015-05-03 22:53 - 0007608 _____ () C:\Users\lloyd_000\AppData\Local\Resmon.ResmonCfg

2014-08-18 23:17 - 2015-05-08 12:46 - 0000016 _____ () C:\ProgramData\autobk.inc

2015-02-02 10:34 - 2015-02-02 10:34 - 0010150 _____ () C:\ProgramData\regid.2001-11.com.line2_B16A27B4-D4C6-41C9-9B1B-FDAD060E47A7.swidtag

Files to move or delete:

====================

C:\ProgramData\StartMenuReviver.exe

Some files in TEMP:

====================

C:\Users\lloyd_000\AppData\Local\Temp\proxy_vole95781268724666680.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-01 11:33

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015

Ran by doublelq at 2015-06-04 11:12:09

Running from C:\Download

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1041425116-2400648983-129056087-500 - Administrator - Disabled)

doublelq (S-1-5-21-1041425116-2400648983-129056087-1002 - Administrator - Enabled) => C:\Users\lloyd_000

EFECC8AC4E084107AD59 (S-1-5-21-1041425116-2400648983-129056087-1005 - Limited - Enabled)

Guest (S-1-5-21-1041425116-2400648983-129056087-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1041425116-2400648983-129056087-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )

AAS - Ultra Analog VA-2 (HKLM-x32\...\Ultra Analog VA-2) (Version: - Applied Acoustics Systems)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)

Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)

Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)

ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)

AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)

AVG 2015 (Version: 15.0.4355 - AVG Technologies) Hidden

AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden

Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1402.2101 - Micro-Star International Co., Ltd.)

bl (x32 Version: 1.0.0 - Your Company Name) Hidden

BlueVoda Website Builder 15 (HKLM-x32\...\BlueVoda_Website_Builder_1.0) (Version: 15 - Vodahost)

Boot Configure (HKLM\...\{5DEFD958-7239-4FA0-8B4E-3B532D7A14BF}) (Version: 10.014.02075 - Application)

BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1309.301 - )

Calibrize 2.0 (HKLM-x32\...\Calibrize_is1) (Version: - Colorjinn)

Camel Audio Alchemy64 (HKLM-x32\...\Camel Audio Alchemy64) (Version: 1.25.0 - Camel Audio)

Camel Audio CamelCrusher64 (HKLM-x32\...\Camel Audio CamelCrusher64) (Version: 1.01.0 - Camel Audio)

CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)

Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)

CoffeeCup Free FTP (HKLM-x32\...\{66F43DBE-6D46-4BCE-831D-0D4C13639BE8}) (Version: 4.5.20 - CoffeeCup Software Inc.)

CoffeeCup HTML Editor (HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\CoffeeCup HTML Editor) (Version: - )

CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dfx (HKLM\...\Tiffen-Dfx 3.0) (Version: 3.0 - Tiffen)

Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.)

Dragon Gaming Center (x32 Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Hidden

DxO FilmPack 4 (HKLM\...\{E3EA84E1-2CC5-479F-8A5F-DFFF619E58D8}) (Version: 4.5.59.0 - DxO Labs)

EasyVSL (HKLM-x32\...\com.searchcreatively.EasyVSL) (Version: 1.2.1 - Digital Kickstart)

EasyVSL (x32 Version: 1.2.1 - Digital Kickstart) Hidden

ElectraX full (HKLM-x32\...\Tone2 ElectraX full_is1) (Version: - Tone2)

ETDWare PS/2-X64 11.13.6.2_WHQL (HKLM\...\Elantech) (Version: 11.13.6.2 - ELAN Microelectronic Corp.)

Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)

Exif Tag Remover 5.1 (HKLM-x32\...\Exif Tag Remover_is1) (Version: - RL Vision)

Explaindio Video Creator version 1.014 (HKLM-x32\...\{AA286217-0D8F-4864-8D8A-C0B13AE34384}_is1) (Version: 1.014 - Explaindio LLC)

FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)

FilterBank v3.3 (HKLM-x32\...\Tone2 FilterBank3_is1) (Version: - Tone2)

FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)

FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)

FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )

Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

FreshKey (HKLM-x32\...\FreshKey) (Version: 1.5.3 - Infomastery, LLC)

FreshKey (x32 Version: 1.5.3 - Infomastery, LLC) Hidden

Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Gladiator full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version: - Tone2)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden

GoToMeeting 7.2.0.2759 (HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\GoToMeeting) (Version: 7.2.0.2759 - CitrixOnline)

HWiNFO64 Version 4.62 (HKLM\...\HWiNFO64_is1) (Version: 4.62 - Martin Malík - REALiX)

IK Multimedia Authorization Manager version 1.0.10 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.10 - IK Multimedia)

IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)

IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)

Imagenomic Noiseware 5.0.2 Plug-in (build 5020) (HKLM\...\ImagenomicNoisewarePlugin) (Version: - )

Imagenomic Portraiture 2.3.3 Plug-in (build 2330) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )

Imagenomic Realgrain 2.0 Plug-in (build 2001) (HKLM\...\ImagenomicRealgrainPlugin) (Version: - )

Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden

Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)

Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)

Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation)

iZotope Alloy 2 (HKLM-x32\...\iZotope Alloy 2_is1) (Version: 2.03 - iZotope, Inc.)

iZotope Iris (HKLM-x32\...\iZotope Iris_is1) (Version: 1.01 - iZotope, Inc.)

iZotope Nectar 2 Production Suite (HKLM-x32\...\iZotope Nectar 2 Production Suite_is1) (Version: 2.02 - iZotope, Inc.)

iZotope Ozone 5 Advanced (HKLM-x32\...\iZotope Ozone 5 Advanced_is1) (Version: 5.05 - iZotope, Inc.)

iZotope Ozone 6 Advanced (HKLM-x32\...\iZotope Ozone 6 Advanced_is1) (Version: 6.00 - iZotope, Inc.)

iZotope Trash 2 (HKLM-x32\...\iZotope Trash 2_is1) (Version: 2.03 - iZotope, Inc.)

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)

License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)

License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden

Line2 (HKLM-x32\...\{3419ACA4-3283-46C9-9B2C-5A1A62DF8220}) (Version: 3.0.2.4 - Line2)

LinPlug Organ 3 (HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\LinPlug Organ 3) (Version: - )

Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{4D2F05BB-228E-4081-B94C-50AD015EE462}) (Version: 11.4.2 - Red Giant Software)

Magic Bullet Suite 64-bit (Version: 11.4.2 - Red Giant Software) Hidden

Magic ISO Maker v5.4 (build 0239) (HKLM-x32\...\Magic ISO Maker v5.4 (build 0239)) (Version: - )

Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)

MAGIX MX Suite (HKLM-x32\...\MAGIX_{43136332-880B-458A-966C-900C18752B66}) (Version: 1.13.0.121 - MAGIX AG)

MAGIX MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden

Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Research Cliplets (HKLM\...\{A4DA1935-2F04-4AFF-BE48-085CCC7BD0CB}) (Version: 1.1.1 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mp3tag v2.61a (HKLM-x32\...\Mp3tag) (Version: v2.61a - Florian Heidenreich)

MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1404.1101 - Micro-Star International Co., Ltd.)

MSI Remind Manager (x32 Version: 1.0.1404.1101 - Micro-Star International Co., Ltd.) Hidden

MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.)

Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: - Native Instruments)

Native Instruments Astral Flutter (HKLM-x32\...\Native Instruments Astral Flutter) (Version: 1.0.0.5 - Native Instruments)

Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.0.0.1981 - Native Instruments)

Native Instruments Circuit Halo (HKLM-x32\...\Native Instruments Circuit Halo) (Version: 1.0.0.7 - Native Instruments)

Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)

Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.0.1.288 - Native Instruments)

Native Instruments Enhanced EQ (HKLM-x32\...\Native Instruments Enhanced EQ) (Version: - Native Instruments)

Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: - Native Instruments)

Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)

Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments)

Native Instruments Guitar Rig Pro Library for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Pro Library for Maschine) (Version: - Native Instruments)

Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments)

Native Instruments Komplete 9 Ultimate (HKLM-x32\...\Native Instruments Komplete 9 Ultimate) (Version: - Native Instruments)

Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.1.211 - Native Instruments)

Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.4 - Native Instruments)

Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)

Native Instruments Molekular (HKLM-x32\...\Native Instruments Molekular) (Version: 1.0.0.2 - Native Instruments)

Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.1.0.2 - Native Instruments)

Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version: - Native Instruments)

Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: - Native Instruments)

Native Instruments Rammfire for Maschine (HKLM-x32\...\Native Instruments Rammfire for Maschine) (Version: - Native Instruments)

Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.5.0.9 - Native Instruments)

Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.2.1074 - Native Instruments)

Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.4.0.3 - Native Instruments)

Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.3.0.2 - Native Instruments)

Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: - Native Instruments)

Native Instruments Reflektor for Maschine (HKLM-x32\...\Native Instruments Reflektor for Maschine) (Version: - Native Instruments)

Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments)

Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.0.0.3 - Native Instruments)

Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.0.1093 - Native Instruments)

Native Instruments Session Guitarist - Strummed Acoustic (HKLM-x32\...\Native Instruments Session Guitarist - Strummed Acoustic) (Version: 1.0.0.8 - Native Instruments)

Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.2.0.2 - Native Instruments)

Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.0.0.276 - Native Instruments)

Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.0.0.276 - Native Instruments)

Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.0.0.276 - Native Instruments)

Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: - Native Instruments)

Native Instruments The Grandeur (HKLM-x32\...\Native Instruments The Grandeur) (Version: 1.2.0.2 - Native Instruments)

Native Instruments The Mouth (HKLM-x32\...\Native Instruments The Mouth) (Version: - Native Instruments)

Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: - Native Instruments)

Native Instruments Traktors 12 for Maschine (HKLM-x32\...\Native Instruments Traktors 12 for Maschine) (Version: - Native Instruments)

Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: - Native Instruments)

Native Instruments Vari Comp (HKLM-x32\...\Native Instruments Vari Comp) (Version: - Native Instruments)

Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version: - Native Instruments)

Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: - Native Instruments)

Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: - Native Instruments)

Need for Speed Rivals Update v1.4 (HKLM-x32\...\TmVlZGZvclNwZWVkUml2YWxz_is1) (Version: 1 - )

Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.3.0.0 - Electronic Arts)

NexusFont 2.5 (ver 2.5.8.1582) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles)

Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.8 - Google)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.1 - Notepad++ Team)

NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)

NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)

PACE License Support Win64 (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.) Hidden

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

ph (x32 Version: 1.0.0 - Your Company Name) Hidden

photoFXlab (HKLM-x32\...\photoFXlab) (Version: 1.2.7 - Topaz Labs)

PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)

PSP MixPack2 2.1.0 64bit (HKLM-x32\...\PSP MixPack2 2.1.0 64bit) (Version: 2.1.0 64bit - PSPaudioware.com)

PSP PianoVerb2 64bit (HKLM-x32\...\PSP PianoVerb2 64bit) (Version: 2.0.0 64bit - PSPaudioware.com)

PSP SpringBox 64bit (HKLM-x32\...\PSP SpringBox 64bit) (Version: 1.0.0 64bit - PSPaudioware.com)

PSP StereoPack 1.9.8 64bit (HKLM-x32\...\PSP StereoPack 1.9.8 64bit) (Version: 1.9.8 64bit - PSPaudioware.com)

PSP VintageWarmer2 2.5.2 32bit (HKLM-x32\...\PSP VintageWarmer2 2.5.2 32bit) (Version: 2.5.2 32bit - PSPaudioware.com)

Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden

Qualcomm Atheros Killer E220x Drivers (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden

Qualcomm Atheros Network Manager (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden

Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros)

QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)

RadLab v1.3.5 (HKLM-x32\...\RadLab_is1) (Version: - Totally Rad)

RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden

realMyst Masterpiece Edition (HKLM-x32\...\realMyst Masterpiece Edition_is1) (Version: - )

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)

reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )

reFX Vanguard VSTi RTAS v1.8.0 (HKLM-x32\...\reFX Vanguard_is1) (Version: - )

SampleTank 3 version 3.0.1 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.0.1 - IK Multimedia)

Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)

Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden

Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)

SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application)

SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden

Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)

Sonnox Oxford Inflator PowerCore VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator PowerCore VST_is1) (Version: - Team AiR 2007)

Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)

Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)

Start Menu Reviver (HKLM-x32\...\Start Menu Reviver) (Version: 2.5.0.18 - ReviverSoft)

SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.417.28061 - SteelSeries)

Strum Acoustic GS-1 v1.0.2 (HKLM-x32\...\Strum Acoustic GS-1) (Version: - Applied Acoustics Systems)

SUPER CHARGER (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI)

System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)

Tone2 Warmverb multi-FX full (HKLM-x32\...\Tone2 Warmverb multi-FX full_is1) (Version: - Tone2)

Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.0.1 - Topaz Labs, LLC)

Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)

Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.1.0 - Topaz Labs, LLC)

Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)

Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)

Topaz ReMask 3 (HKLM-x32\...\Topaz ReMask 3) (Version: 3.2.1 - Topaz Labs, LLC)

Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version: - Microsoft)

Vertus Fluid Mask 3 3.3.6 (HKLM-x32\...\VertusFluidMask3) (Version: 3.3.6 - )

VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.05) (Version: 1.05 - Webvati)

VideoMakerFX (x32 Version: 1.05 - Webvati) Hidden

VideoMakerFX Josh Ratta Bonus Scenes (HKLM-x32\...\{E7CAFBCF-1A20-4AF8-AE0E-89A8282CCA46}) (Version: 1.0 - Webvati)

Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)

Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

Waves Complete V9r18 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.18 - Waves)

Weblify Post Extractor (HKLM-x32\...\weblifypostextractor) (Version: 0.1.7 - Web Dimensions, Inc.)

Weblify Post Extractor (x32 Version: 0.1.7 - Web Dimensions, Inc.) Hidden

Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

Windows Tweaker (HKLM-x32\...\{F6881752-3DD7-44C9-9AC6-D827A1E641CC}) (Version: 5.3.1 - Windows Tweaker)

WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )

XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)

XBMC (HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\XBMC) (Version: - Team XBMC)

XSplit Gamecaster (HKLM-x32\...\{9C3D0D0D-3983-4C18-91EE-C6976D5AA349}) (Version: 1.5.1403.1907 - SplitMediaLabs)

フォトギャラリー (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

معرض الصور (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

사진 갤러리 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1041425116-2400648983-129056087-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-1041425116-2400648983-129056087-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\lloyd_000\AppData\Local\Citrix\GoToMeeting\2331\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-06-13 19:25 - 2015-02-01 17:28 - 00002887 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 192.150.14.69

127.0.0.1 192.150.18.101

127.0.0.1 192.150.18.108

127.0.0.1 192.150.22.40

127.0.0.1 192.150.8.100

127.0.0.1 192.150.8.118

127.0.0.1 209-34-83-73.ood.opsource.net

127.0.0.1 3dns-1.adobe.com

127.0.0.1 3dns-2.adobe.com

127.0.0.1 3dns-3.adobe.com

127.0.0.1 3dns-4.adobe.com

127.0.0.1 3dns.adobe.com

127.0.0.1 activate-sea.adobe.com

127.0.0.1 activate-sjc0.adobe.com

127.0.0.1 activate.adobe.com

127.0.0.1 activate.wip.adobe.com

127.0.0.1 activate.wip1.adobe.com

127.0.0.1 activate.wip2.adobe.com

127.0.0.1 activate.wip3.adobe.com

127.0.0.1 activate.wip4.adobe.com

127.0.0.1 adobe-dns-1.adobe.com

127.0.0.1 adobe-dns-2.adobe.com

There are 37 more lines.

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A149050-CB32-4D8F-B30C-F6EBB0DD48B7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)

Task: {1215492A-E3DF-4E22-8A7A-5F8E50119ED4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks

Task: {1949BDCA-1348-4F0C-9B8E-4562BFCEF107} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)

Task: {1D161A58-78F6-4010-9BC1-1A369F0948D3} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe

Task: {1D73AE22-F5F6-42B9-B093-091F8CC25431} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)

Task: {27902362-EB83-4D3D-A103-522639358B67} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)

Task: {31690A17-04C6-4A88-8545-5461EE7292F5} - System32\Tasks\ReviverSoft Start Menu Run once task => C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe [2014-09-17] (ReviverSoft)

Task: {3482A3A6-5C36-4FDA-B38E-8716A7149531} - System32\Tasks\{B78A608D-AB45-4B4C-9B52-2BC1D45B11C9} => pcalua.exe -a "C:\Program Files (x86)\JDownloader\JDUninstall.exe"

Task: {36F3D58E-FD67-481F-868E-22FC4DD198AE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {3ECD7EA7-AD6B-4DF9-992D-8DB7AEEAF80A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)

Task: {449B548F-7C8F-491C-91E0-78801FBFC603} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)

Task: {4F493231-C338-4285-83D6-A0D7DD19278B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-13] (Google Inc.)

Task: {5D9A21D4-10DB-4327-9E1D-3FFA1551B97A} - System32\Tasks\G2MUploadTask-S-1-5-21-1041425116-2400648983-129056087-1002 => C:\Users\lloyd_000\AppData\Local\Citrix\GoToMeeting\2759\g2mupload.exe [2015-05-31] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {6DCE93B8-3DE1-4164-88BF-B4B735703136} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe

Task: {76E2425C-A76D-474B-849F-A0559AF55CEC} - System32\Tasks\MSI_Reminder => C:\Program Files (x86)\MSI\MSI Remind Manager\MSI Reminder.exe [2014-04-09] ()

Task: {7A748A39-6A0C-4183-8156-DDAE70169665} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)

Task: {83F848AC-17D5-4863-BECF-FCEA0D527D66} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

Task: {925AED92-0332-410E-86E1-DE1547B52584} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe

Task: {9719FA35-EAEA-49D9-A4C3-77B519F9CC5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)

Task: {9EB718E9-FF93-4A22-A5AA-B4645D3ED6DF} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)

Task: {B87B9025-9ECE-44D8-9E3F-4F621F54B594} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)

Task: {BBDFCBC3-4A67-4626-A269-B1BE420F8CDD} - System32\Tasks\G2MUpdateTask-S-1-5-21-1041425116-2400648983-129056087-1002 => C:\Users\lloyd_000\AppData\Local\Citrix\GoToMeeting\2759\g2mupdate.exe [2015-05-31] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {BE97FBB6-71D9-4055-BEA9-10DE7605BEE4} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe

Task: {D6F6A44E-3D84-429A-B784-F507BB4714CE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)

Task: {E6E1A952-44B1-4F04-921E-D90E90CFE8A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-13] (Google Inc.)

Task: {FD95031B-19D6-4A3C-8524-C91AD70C6C3D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1041425116-2400648983-129056087-1002.job => C:\Users\lloyd_000\AppData\Local\Citrix\GoToMeeting\2759\g2mupdate.exe

Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1041425116-2400648983-129056087-1002.job => C:\Users\lloyd_000\AppData\Local\Citrix\GoToMeeting\2759\g2mupload.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (Whitelisted) ==============

2014-04-24 16:50 - 2015-05-28 00:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-05-01 15:29 - 2014-05-01 15:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2014-04-24 17:09 - 2012-11-01 14:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL

2014-04-24 17:09 - 2012-11-01 14:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL

2014-01-23 11:15 - 2014-01-23 11:15 - 00758784 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll

2015-04-10 16:08 - 2015-04-10 16:08 - 00089915 ____N () C:\Users\lloyd_000\AppData\Local\Temp\fcaa5f9b-83be-462f-bb26-c1541883b2c0\CliSecureRT64.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00287744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00140288 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll

2013-01-10 01:46 - 2013-01-10 01:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 09633280 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll

2013-01-10 01:46 - 2013-01-10 01:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll

2014-01-23 11:15 - 2014-01-23 11:15 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll

2014-01-22 13:44 - 2014-01-22 13:44 - 00075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll

2013-05-23 12:15 - 2013-05-23 12:15 - 00025600 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\CoreAudioApi.dll

2014-03-04 16:16 - 2014-03-04 16:16 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe

2014-05-12 05:49 - 2014-05-12 05:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll

2015-05-14 08:54 - 2015-05-22 21:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2014-11-27 02:34 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll

2015-04-30 13:17 - 2015-04-30 13:17 - 00439304 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll

2015-04-30 13:17 - 2015-04-30 13:17 - 00321032 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

2014-09-06 12:44 - 2014-09-06 12:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll

2014-05-24 12:41 - 2014-05-24 12:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll

2014-05-24 12:41 - 2014-05-24 12:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll

2015-05-25 15:26 - 2015-05-22 16:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll

2015-05-25 15:26 - 2015-05-22 16:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll

2014-04-24 16:46 - 2013-09-16 15:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll

2015-05-25 15:26 - 2015-05-22 16:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:dGfmW7HUA4b2xqtuoNDW3K5s

AlternateDataStreams: C:\ProgramData\Microsoft:EXHxdQJMjodMyZd0p12W5ZKFF

AlternateDataStreams: C:\ProgramData\Microsoft:I0fgutwscqZUTIijbKFq4SIOgpn

AlternateDataStreams: C:\ProgramData\Microsoft:OZoSauVpyv4WSqIcgE0F

AlternateDataStreams: C:\ProgramData\Microsoft:utzSKJoskmIkbtq5

AlternateDataStreams: C:\ProgramData\Microsoft:UWd4yFo3MY3nG6XhBupqbnRQ

AlternateDataStreams: C:\ProgramData\Microsoft:WgLIOZJnk7ion1JRI5qLdah

AlternateDataStreams: C:\ProgramData\Reprise:yhuwxvwhfkxkcgmvjenbtlifh

AlternateDataStreams: C:\Users\lloyd_000\SkyDrive:ms-properties

AlternateDataStreams: C:\Users\lloyd_000\AppData\Local\Temporary Internet Files:bfEKctluMBWEcvzqwJ3YGW

AlternateDataStreams: C:\Users\lloyd_000\AppData\Local\Temporary Internet Files:dkFxkrLRSaJQ3YjZiQLGu

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\Control Panel\Desktop\\Wallpaper -> D:\Pictures\WALL\14353799836_7426264129_o.png

DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: PaceLicenseDServices => 2

MSCONFIG\Services: SwitchBoard => 3

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

HKLM\...\StartupApproved\Run32: => "UpdReg"

HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "SwitchBoard"

HKLM\...\StartupApproved\Run32: => "QuickTime Task"

HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\StartupApproved\Run: => "CCleaner Monitoring"

HKU\S-1-5-21-1041425116-2400648983-129056087-1002\...\StartupApproved\Run: => "AdobeBridge"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{3791F2D1-244F-45A7-9663-FD0CC399D9DF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{55423712-B1AF-4A05-9079-8FD401F38BDE}] => (Allow) LPort=2869

FirewallRules: [{AF7B664A-BECA-475F-9FCD-015889540A44}] => (Allow) LPort=1900

FirewallRules: [{0BC28695-BAB9-4D6E-83BA-14EE44527927}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{2664DB54-8EE6-48B9-B05E-C60CA3083770}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{5DCC73D5-B802-4545-8983-FFB079578851}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{71BD7DAB-5491-4A09-BC8B-8E415C596881}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{D70A2A6C-7F1D-4FEB-B2F3-016EBD88D027}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe

FirewallRules: [{096CE527-5DB8-4C40-9DA0-4949D54DB709}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE

FirewallRules: [{5EA3BD0B-3680-482A-9996-2846011F2116}] => (Allow) LPort=7878

FirewallRules: [{610C1EEF-6B81-4D32-8024-E331D4B9111E}] => (Allow) LPort=20102

FirewallRules: [{D063F530-56B5-454C-A8C9-0A4E41697003}] => (Allow) LPort=1900

FirewallRules: [{613B6EF4-814F-4687-9062-2734AAAC8AE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{398B5179-4B17-4839-879F-556DE670FB15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{9EB28792-ED36-418E-85A7-F187C046B4FC}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

FirewallRules: [{569FA5BB-3C17-494B-8B51-2EF5761D044A}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe

FirewallRules: [{0CEA72DB-119D-4EC7-A8E6-C698A4E0D026}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe

FirewallRules: [TCP Query User{8F0DD7A7-EB8C-457F-A6EF-4521B0D13643}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe

FirewallRules: [UDP Query User{F908B6B3-AF53-4C01-BF7D-4897F501871D}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe

FirewallRules: [TCP Query User{093EBAC4-0495-4894-85BA-6B88DB69936D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{3CD6C43E-8B1E-493A-B4CA-7C043CE01ABF}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [TCP Query User{AD4C65CE-D931-4BA0-A3A0-8221C83BA8F7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [UDP Query User{99A3EDFE-7DAD-47D7-9F87-647B6F4088D7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [TCP Query User{1C3C5E95-D1A1-44E4-97D9-1CA438B32FE3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [UDP Query User{8063ED6F-4DA4-4A92-ABAA-C09AC09ED19E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [TCP Query User{B8C875E9-CE80-4D44-891A-DBAA672F6EE2}C:\program files (x86)\image-line\fl studio 11\fl.exe] => (Allow) C:\program files (x86)\image-line\fl studio 11\fl.exe

FirewallRules: [UDP Query User{D73C9A4F-AD2F-4F47-B200-E34036833522}C:\program files (x86)\image-line\fl studio 11\fl.exe] => (Allow) C:\program files (x86)\image-line\fl studio 11\fl.exe

FirewallRules: [TCP Query User{61356D0E-E146-460E-A9CB-540231F0782B}C:\program files (x86)\image-line\fl studio 11\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 11\fl.exe

FirewallRules: [UDP Query User{2B5ABA03-A486-4D08-8A00-A45680CC2909}C:\program files (x86)\image-line\fl studio 11\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 11\fl.exe

FirewallRules: [TCP Query User{6D224191-4736-48C3-918C-273E48EA2CB1}C:\program files (x86)\coffeecup software\free ftp\freeftp.exe] => (Allow) C:\program files (x86)\coffeecup software\free ftp\freeftp.exe

FirewallRules: [UDP Query User{6CDA7731-0C98-4B51-967D-2AFB5786D4FE}C:\program files (x86)\coffeecup software\free ftp\freeftp.exe] => (Allow) C:\program files (x86)\coffeecup software\free ftp\freeftp.exe

FirewallRules: [{1A55E1B2-802E-4ADD-B83C-7BD7FF16C1FE}] => (Block) C:\program files (x86)\coffeecup software\free ftp\freeftp.exe

FirewallRules: [{83024473-E057-4DC8-8644-68B2507921AF}] => (Block) C:\program files (x86)\coffeecup software\free ftp\freeftp.exe

FirewallRules: [TCP Query User{C01C1121-FC78-49EA-9537-888092272738}C:\program files (x86)\image-line\fl studio 11\fl64.exe] => (Allow) C:\program files (x86)\image-line\fl studio 11\fl64.exe

FirewallRules: [UDP Query User{8551AC3E-A68B-429C-B5C4-DFEBD90B40BB}C:\program files (x86)\image-line\fl studio 11\fl64.exe] => (Allow) C:\program files (x86)\image-line\fl studio 11\fl64.exe

FirewallRules: [{1DF2A231-4DF1-4486-9C0A-0AE23E73B387}] => (Block) C:\program files (x86)\image-line\fl studio 11\fl64.exe

FirewallRules: [{E29BFF4E-2B12-4F6B-8364-547265EE59ED}] => (Block) C:\program files (x86)\image-line\fl studio 11\fl64.exe

FirewallRules: [TCP Query User{FE9A7D44-23D3-4CBA-A469-8BB8CB29A2D9}C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe

FirewallRules: [UDP Query User{6673A2DB-7F49-4177-8DC0-FA6D795F5F14}C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe

FirewallRules: [TCP Query User{7315E716-ABB6-4DE7-BCE1-96798FE5833B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe

FirewallRules: [UDP Query User{78A471B6-CEA3-4C0F-84E6-2BE876F943D2}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe

FirewallRules: [TCP Query User{F7306A53-7768-4CE2-B465-2A659120A826}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe

FirewallRules: [UDP Query User{583B16A5-E32C-4155-B85A-649BF665337C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe

FirewallRules: [{BCA91B0A-F91E-4CBE-BDDA-027FEAAAA83C}] => (Block) C:\xampp\apache\bin\httpd.exe

FirewallRules: [{6E750F77-ADAB-4F9D-AC4F-222688C79750}] => (Block) C:\xampp\apache\bin\httpd.exe

FirewallRules: [{C6378944-7FB5-48AF-9311-679085315050}] => (Block) C:\xampp\mysql\bin\mysqld.exe

FirewallRules: [{B2539624-CA8D-4A03-B2B7-3463275E8911}] => (Block) C:\xampp\mysql\bin\mysqld.exe

FirewallRules: [TCP Query User{C926D393-97DC-4F9E-953A-440C23B63412}C:\program files\adobe\adobe premiere pro cs6\pproheadless.exe] => (Block) C:\program files\adobe\adobe premiere pro cs6\pproheadless.exe

FirewallRules: [UDP Query User{3C145C5E-ACF2-4B47-89A0-67C9ADF37E58}C:\program files\adobe\adobe premiere pro cs6\pproheadless.exe] => (Block) C:\program files\adobe\adobe premiere pro cs6\pproheadless.exe

FirewallRules: [{00AB9C58-E12E-4C09-962B-80FCF32DCFC4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe

FirewallRules: [{26A5B845-FFAB-4741-82BB-1AE27F105D8D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe

FirewallRules: [{C13AB497-0026-4D4A-B073-118329CBE9D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{DB63C68D-4C0E-4EC7-B8ED-D46FE7E9BC3A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [TCP Query User{B8AA2E57-54A3-4E63-8C1E-FFBB3870159B}C:\program files (x86)\line2\line2.exe] => (Allow) C:\program files (x86)\line2\line2.exe

FirewallRules: [UDP Query User{5094E882-7270-43FE-BC29-0EDAA39E405D}C:\program files (x86)\line2\line2.exe] => (Allow) C:\program files (x86)\line2\line2.exe

FirewallRules: [{F2790A52-7ED8-4F0B-AECB-9A37CB592572}] => (Block) C:\program files (x86)\line2\line2.exe

FirewallRules: [{68645467-AD76-48B2-AC23-08622B6630E4}] => (Block) C:\program files (x86)\line2\line2.exe

FirewallRules: [TCP Query User{3594E1D4-0528-483A-A54A-76E38D6A9180}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe

FirewallRules: [UDP Query User{D5F72045-88D3-4939-B197-A8DC295BC16A}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe

FirewallRules: [{2E58157F-4398-4CA9-8879-C4339B92EA38}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [{EA368BB8-BB7C-4B88-8B50-6FE924EAE52B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [TCP Query User{FB177EE4-258D-46B4-B8B1-0B1108811856}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{B3D48043-CF36-4B6B-BACD-8A5C157EF818}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [{EBECCC47-D6DF-40B8-9746-593FBF137E50}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{344E84AD-E176-45A4-BDCE-153E625A0596}] => (Allow) C:\Games\Need for Speed Rivals\Need for Speed Rivals\NFS14_x86.exe

FirewallRules: [{739B87CE-2235-4E94-92DF-FD0D2EDC1D65}] => (Allow) C:\Games\Need for Speed Rivals\Need for Speed Rivals\NFS14_x86.exe

FirewallRules: [{0475D691-FB99-421C-BE5E-0F2E3B6C320B}] => (Allow) C:\Games\Need for Speed Rivals\Need for Speed Rivals\NFS14.exe

FirewallRules: [{9A7ADACE-B5B2-4E3B-8B91-312DD27E7914}] => (Allow) C:\Games\Need for Speed Rivals\Need for Speed Rivals\NFS14.exe

FirewallRules: [TCP Query User{44C4D058-EEE8-47D4-9E0F-732317D30E49}C:\games\need for speed rivals\nfs14.exe] => (Block) C:\games\need for speed rivals\nfs14.exe

FirewallRules: [UDP Query User{4E2566CE-307E-4FDE-A6B5-3B6395F25953}C:\games\need for speed rivals\nfs14.exe] => (Block) C:\games\need for speed rivals\nfs14.exe

FirewallRules: [{60F62A24-8507-4082-9551-103586FDE589}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{9E4F6CF9-AAC7-48AC-A4E9-61F7F443592B}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe

FirewallRules: [UDP Query User{24B7BE2C-82AD-4B65-A53B-1B2C60441E6B}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe

FirewallRules: [{46C6A39B-765F-4158-A228-AEFF95CC762D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{79F39E36-E8E3-4AF4-8426-655F09D1E8EE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{EB5B333A-EBBA-4F7E-98EC-D96CD84439B1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{6C8097C7-85EA-4B3B-8CF6-E7A3DA968684}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{2E4144F3-C1D2-4E46-A058-5A82FEBA542D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{799C6EAA-66EC-4093-8679-E33D15F21194}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [TCP Query User{21F4D4E4-E1E9-40B7-90F9-A6CFA7EB5590}C:\games\need for speed rivals\nfs14_x86.exe] => (Block) C:\games\need for speed rivals\nfs14_x86.exe

FirewallRules: [UDP Query User{3D18ACE1-B960-4D80-8DBA-4F28588C022B}C:\games\need for speed rivals\nfs14_x86.exe] => (Block) C:\games\need for speed rivals\nfs14_x86.exe

FirewallRules: [{C9F53B97-B3D7-482E-9256-2A6E15D06FA1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (06/03/2015 10:40:12 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: Activation context generation failed for "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.

Component identity found in manifest does not match the identity of the component requested.

Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".

Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 10:40:12 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.

Component identity found in manifest does not match the identity of the component requested.

Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".

Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 10:40:12 PM) (Source: SideBySide) (EventID: 35) (User: )

Component identity found in manifest does not match the identity of the component requested.

Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".

Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 10:40:11 PM) (Source: SideBySide) (EventID: 35) (User: )

Component identity found in manifest does not match the identity of the component requested.

Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".

Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 09:33:35 PM) (Source: SideBySide) (EventID: 35) (User: )

Component identity found in manifest does not match the identity of the component requested.

Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".

Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 09:33:35 PM) (Source: SideBySide) (EventID: 35) (User: )

Component identity found in manifest does not match the identity of the component requested.

Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".

Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 09:33:34 PM) (Source: SideBySide) (EventID: 35) (User: )

Component identity found in manifest does not match the identity of the component requested.

Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".

Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 09:33:34 PM) (Source: SideBySide) (EventID: 35) (User: )

Component identity found in manifest does not match the identity of the component requested.

Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".

Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 08:14:14 PM) (Source: SideBySide) (EventID: 9) (User: )

Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.

The manifest file root element must be assembly.

Error: (06/03/2015 08:13:47 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.

Component identity found in manifest does not match the identity of the component requested.

Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".

Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

System errors:

=============

Error: (06/04/2015 11:04:45 AM) (Source: DCOM) (EventID: 10010) (User: Voldemort)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/03/2015 09:32:22 PM) (Source: DCOM) (EventID: 10005) (User: Voldemort)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (06/03/2015 09:31:50 PM) (Source: DCOM) (EventID: 10005) (User: Voldemort)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (06/03/2015 09:31:50 PM) (Source: DCOM) (EventID: 10005) (User: Voldemort)

Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (06/03/2015 09:31:49 PM) (Source: DCOM) (EventID: 10005) (User: Voldemort)

Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (06/03/2015 09:31:47 PM) (Source: DCOM) (EventID: 10005) (User: Voldemort)

Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (06/03/2015 09:31:44 PM) (Source: DCOM) (EventID: 10005) (User: Voldemort)

Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (06/03/2015 09:31:43 PM) (Source: DCOM) (EventID: 10005) (User: Voldemort)

Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (06/03/2015 09:31:40 PM) (Source: DCOM) (EventID: 10005) (User: Voldemort)

Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (06/03/2015 09:31:40 PM) (Source: DCOM) (EventID: 10005) (User: Voldemort)

Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Microsoft Office:

=========================

Error: (06/03/2015 10:40:12 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\wlc.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST8

Error: (06/03/2015 10:40:12 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\GTRSolo 3.5.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (06/03/2015 10:40:12 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\GTR 3.5.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (06/03/2015 10:40:11 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\Element App.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (06/03/2015 09:33:35 PM) (Source: SideBySide) (EventID: 35) (User: )

Error: (06/03/2015 09:33:34 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\GTR 3.5.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (06/03/2015 09:33:34 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\Element App.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (06/03/2015 08:14:14 PM) (Source: SideBySide) (EventID: 9) (User: )

Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2

Error: (06/03/2015 08:13:47 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

CodeIntegrity Errors:

===================================

Date: 2015-05-06 14:23:29.449

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-06 14:23:29.390

Date: 2015-05-06 14:23:29.333

Date: 2015-05-06 14:23:29.275

Date: 2015-05-06 14:23:29.216

Date: 2015-05-06 14:23:29.158

Date: 2015-05-06 14:23:29.100

Date: 2015-05-06 14:23:29.043

Date: 2015-05-06 14:23:25.501

Date: 2015-05-06 14:23:25.443

==================== Memory info ===========================

Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz

Percentage of memory in use: 37%

Total physical RAM: 16303.2 MB

Available physical RAM: 10134.38 MB

Total Pagefile: 19375.2 MB

Available Pagefile: 12114.4 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:449.56 GB) (Free:118.6 GB) NTFS

Drive d: (Alpha) (Fixed) (Total:334.57 GB) (Free:47.91 GB) NTFS

Drive f: (Delta) (Fixed) (Total:580.74 GB) (Free:80.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================

Disk: 1 (Size: 931.5 GB) (Disk ID: BF003083)

Partition: GPT Partition Type.

==================== End of log ============================

#2
dbreeze

Posted 10 June 2015 - 09:21 PM

Trusted Helper

Malware Removal
2,216 posts

Hi milo24,

Welcome to Geeks to Go. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:

Please read all of my response through at least once before attempting to follow the procedures described.I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
All of the assistants and staff at Geeks to Go are here on a volunteer basis; please respect our time given to the cause of helping others.If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date. That being said, please notice the following Geeks to Go rule:
Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed.All of the tools I will have you use are safe to use (as instructed) and malware free.
While we strive to disrupt your system as little as possible, things happen.If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
Please do not run any other tools or scanners than what I ask you to.Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
Please do not attach any log files to your replies unless I specifically ask you.Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.

- Save ALL Tools to your Desktop-

All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Quoted from and used by permission of BrianDrab. Thank you.

Let's get started....

First, please rerun FRST and select Shortcuts in the Optional Scan section. This will produce a log entitled Shortcuts.txt. Pleasse post that here for my review. Thanks.

#3
dbreeze

Posted 10 June 2015 - 10:22 PM

Trusted Helper

Malware Removal
2,216 posts

Please run the following scan and post the log please.

Download CKScanner from here

Important : Save it to your desktop.

Doubleclick CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify that the file is saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

#4
milo24

Posted 11 June 2015 - 08:40 AM

New Member

Topic Starter
Member
8 posts

I just tried posting them, It's not posting

#5
dbreeze

Posted 14 June 2015 - 01:14 AM

Trusted Helper

Malware Removal
2,216 posts

I received the email notification of the posts (I'm not sure why the posts didn't go through here). The log is shown below:

Here are the contents of my CKFiles.txt:

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
hosts 127.0.0.1 209-34-83-73.ood.opsource.net
hosts 127.0.0.1 3dns-1.adobe.com
hosts 127.0.0.1 3dns-2.adobe.com
hosts 127.0.0.1 3dns-2.adobe.com
hosts 127.0.0.1 3dns-3.adobe.com
hosts 127.0.0.1 3dns-3.adobe.com
hosts 127.0.0.1 3dns-4.adobe.com
hosts 127.0.0.1 3dns.adobe.com
hosts 127.0.0.1 activate-sea.adobe.com
hosts 127.0.0.1 activate-sea.adobe.com
hosts 127.0.0.1 activate-sjc0.adobe.com
hosts 127.0.0.1 activate-sjc0.adobe.com
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 activate.wip.adobe.com
hosts 127.0.0.1 activate.wip1.adobe.com
hosts 127.0.0.1 activate.wip2.adobe.com
hosts 127.0.0.1 activate.wip3.adobe.com
hosts 127.0.0.1 activate.wip3.adobe.com
hosts 127.0.0.1 activate.wip4.adobe.com
hosts 127.0.0.1 adobe-dns-1.adobe.com
hosts 127.0.0.1 adobe-dns-2.adobe.com
hosts 127.0.0.1 adobe-dns-2.adobe.com
hosts 127.0.0.1 adobe-dns-3.adobe.com
hosts 127.0.0.1 adobe-dns-3.adobe.com
hosts 127.0.0.1 adobe-dns-4.adobe.com
hosts 127.0.0.1 adobe-dns.adobe.com
hosts 127.0.0.1 adobe-dns.adobe.com
hosts 127.0.0.1 adobe.activate.com
hosts 127.0.0.1 adobeereg.com
hosts 127.0.0.1 ereg.adobe.com
hosts 127.0.0.1 ereg.adobe.com
hosts 127.0.0.1 ereg.wip.adobe.com
hosts 127.0.0.1 ereg.wip1.adobe.com
hosts 127.0.0.1 ereg.wip2.adobe.com
hosts 127.0.0.1 ereg.wip3.adobe.com
hosts 127.0.0.1 ereg.wip3.adobe.com
hosts 127.0.0.1 ereg.wip4.adobe.com
hosts 127.0.0.1 hl2rcv.adobe.com
hosts 127.0.0.1 ood.opsource.net
hosts 127.0.0.1 practivate.adobe.com
hosts 127.0.0.1 practivate.adobe.com
hosts 127.0.0.1 wip.adobe.com
hosts 127.0.0.1 wip1.adobe.com
hosts 127.0.0.1 wip2.adobe.com
hosts 127.0.0.1 wip3.adobe.com
hosts 127.0.0.1 wip3.adobe.com
hosts 127.0.0.1 wip4.adobe.com
hosts 127.0.0.1 wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1 wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1 wwis-dubc1-vip60.adobe.com
scanner sequence 3.ZZ.11.GTBCO0
----- EOF -----