Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

computer freezes and BTASupport.com pops up in chrome [Closed]

freeze btasupport.com

  • This topic is locked This topic is locked

#1
medic

medic

    Member

  • Member
  • PipPip
  • 66 posts

Computer freezes intermittaently and chrome gets hijacked to notifications.BTAsupport.com when I go to fxexam.com  (I mean to go to examfx - but still I should not get hijacked), chrome then freezes and the computer starts beeping.  The only way to close it is task manager and then if you reopen and restore chrome it takes you right back there.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Medic (administrator) on MEDIC-PC on 08-07-2015 21:16:37
Running from e:\Users\Medic\Desktop\virus removal\07082015
Loaded Profiles: Medic (Available Profiles: Medic & PK & Paysys & Guest & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
() C:\Program Files\ASUS\Rotation Desktop for G Series\AsusUacSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Users\Medic\AppData\Local\Mikogo4\Host\Service\M4-Service.exe
() E:\Program Files (x86)\Noguska\NolaPro\Apache\mysql\bin\mysqld-nt.exe
() C:\Users\Medic\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
(Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe
() E:\Program Files (x86)\Noguska\NolaPro\Apache\bin\srvany.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() E:\Program Files (x86)\Noguska\NolaPro\Apache\xmail\XMail.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Medic\.odrive\bin\current\odriveapp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1014432 2011-12-29] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2011-12-29] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2869008 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5138032 2012-03-30] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-06] (ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2013-03-06] (ASUS)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\Run: [Google Update] => C:\Users\Medic\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-19] (Google Inc.)
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7800088 2015-07-08] (SUPERAntiSpyware)
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\MountPoints2: {07f955be-862c-11e2-8d54-e0b9a5f6ce9a} - H:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\MountPoints2: {14858280-e6cb-11e4-b329-e0b9a5f6ce9a} - D:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\MountPoints2: {308cd614-9808-11e2-9167-10bf48275162} - D:\TL_Bootstrap.exe
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\MountPoints2: {3d1d378e-2a97-11e3-a3d2-e0b9a5f6ce9a} - D:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\MountPoints2: {4775d68e-8a5e-11e2-b61f-e0b9a5f6ce9a} - D:\menu.exe
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\MountPoints2: {daf64f97-52f9-11e3-8c8a-e0b9a5f6ce9a} - D:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\MountPoints2: {ec62ad7d-d643-11e4-9d63-e0b9a5f6ce9a} - D:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ASUS_S~1.SCR [362831104 2012-03-28] (Axialis Software)
HKU\S-1-5-18\...\Run: [Mikogo] => C:\Users\Medic\AppData\Roaming\Mikogo\mikogo-host.exe [6760264 2013-11-29] (Mikogo GmbH)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start odrive.lnk [2015-03-03]
ShortcutTarget: Start odrive.lnk -> C:\Program Files\odrive\odrive.exe ()
ShellIconOverlayIdentifiers: [ 0xygenS7ActivityIcon] -> {F89D1C5C-417C-4692-957E-88C9B739179D} => C:\Program Files\odrive\OdriveShellExtension_64.dll [2014-12-15] (LeapFILE Inc.)
ShellIconOverlayIdentifiers: [ 0xygenS7AlertIcon] -> {FEA880BF-087C-4970-A34A-C311D200DB2D} => C:\Program Files\odrive\OdriveShellExtension_64.dll [2014-12-15] (LeapFILE Inc.)
ShellIconOverlayIdentifiers: [ 0xygenS7SyncIcon] -> {DB3F4C84-E47D-4b34-84FD-DF8D979F95D2} => C:\Program Files\odrive\OdriveShellExtension_64.dll [2014-12-15] (LeapFILE Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001 -> {47075573-1F19-46D9-BC75-802FE76DB8ED} URL = http://search.condui...5441206814&UM=2
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-10] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-12-29] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-10] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1CC0B9CA-C505-44C3-8927-98FB657C0D32}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{65A806D4-6752-4543-B416-A2526DACF885}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7BA50B52-9BAD-41A6-AEBF-B6B5A5AC6709}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{EF09DCED-550D-451A-B126-BBA86F754C8E}: [NameServer] 198.224.185.135 198.224.184.135

FireFox:
========
FF ProfilePath: C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\3el0novc.email and work
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-10] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1118339841-1434331689-2435812366-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Medic\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-07] (Citrix Online)
FF Plugin HKU\S-1-5-21-1118339841-1434331689-2435812366-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Medic\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1118339841-1434331689-2435812366-1001: @talk.google.com/O1DPlugin -> C:\Users\Medic\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1118339841-1434331689-2435812366-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1118339841-1434331689-2435812366-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-05-18] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Medic\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-01-28] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Medic\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Medic\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2014-04-18]
FF Extension: ClipConverter Desktop - C:\Users\Medic\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2013-09-06]
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2015-05-29]
FF Extension: ColorfulTabs - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-06-24]
FF Extension: Flashblock - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-05-29]
FF Extension: No Name - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-05-14]
FF Extension: Bookmark Current Tab Set - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-12-13]
FF Extension: YouTube to MP3 Button - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2013-04-01]
FF Extension: Webmail Ad Blocker - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2013-05-31]
FF Extension: Greasefire2 - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2015-04-25]
FF Extension: Greasy Scripts - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2015-04-25]
FF Extension: SnipR - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-05-01]
FF Extension: Who stole my pictures? - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2015-05-11]
FF Extension: Ad-blocker for Gmail - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2013-05-31]
FF Extension: Translate This! - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2015-04-22]
FF Extension: Google search link fix - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2013-12-20]
FF Extension: Down for Everyone or Just me - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-03-20]
FF Extension: Lightbeam - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2013-11-04]
FF Extension: NO Google Analytics - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-05-01]
FF Extension: Rapportive - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-05-14]
FF Extension: Scriptish - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2015-04-25]
FF Extension: Disconnect Search - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-03-11]
FF Extension: Secure Login - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-03-20]
FF Extension: FastestFox - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2013-05-31]
FF Extension: Speed DNS - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2013-05-31]
FF Extension: take me to url - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-03-20]
FF Extension: Google Translator for Firefox - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2014-05-01]
FF Extension: Troubleshooter - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\[email protected] [2013-12-04]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-05-31]
FF Extension: Google Shortcuts - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2014-05-01]
FF Extension: ImTranslator - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2014-05-01]
FF Extension: Search by Image for Google - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2014-05-01]
FF Extension: Adblock Plus - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-19]
FF Extension: Tab Mix Plus - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-05-14]
FF Extension: Greasemonkey - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\n6ypmwwh.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-03-06]
FF Extension: ColorfulTabs - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\3el0novc.email and work\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-06-24]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\3el0novc.email and work\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2015-05-29]
FF Extension: No Name - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\3el0novc.email and work\Extensions\[email protected] [2014-12-13]
FF Extension: No Name - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\3el0novc.email and work\Extensions\[email protected] [2014-12-13]
FF Extension: No Name - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\3el0novc.email and work\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2015-05-11]
FF Extension: No Name - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\3el0novc.email and work\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-13]
FF Extension: No Name - C:\Users\Medic\AppData\Roaming\Mozilla\Firefox\Profiles\3el0novc.email and work\Extensions\{dc5d9a10-2736-11da-8cd6-0800200c9a66}.xpi [2014-12-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-07]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-02-08]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-27]
CHR Extension: (Adblock Plus) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-29]
CHR Extension: (Search by Image (by Google)) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-04-16]
CHR Extension: (No Name) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-01-21]
CHR Extension: (Disconnect) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-03-17]
CHR Extension: (Spell Checker for Chrome) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg [2015-05-28]
CHR Extension: (RevEye Reverse Image Search) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\keaaclcjhehbbapnphnmpiklalfhelgf [2014-04-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Skype Click to Call) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-09]
CHR Extension: (Google Wallet) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Profile: C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Translate) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-03-03]
CHR Extension: (Google Slides) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]
CHR Extension: (Boomerang Calendar) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\annmcneienljahlbfoaomcfghmomhfho [2015-03-03]
CHR Extension: (Google Docs) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]
CHR Extension: (Google Drive) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-03]
CHR Extension: (YouTube) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-03]
CHR Extension: (Google Search) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-03]
CHR Extension: (FromDocToPDF) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp [2015-03-03]
CHR Extension: (Google Sheets) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2015-03-03]
CHR Extension: (PDFescape Free PDF Editor) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdefoklganepljiopdnglodohlgfikkl [2015-03-03]
CHR Extension: (Save to Google Drive) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2015-03-03]
CHR Extension: (Hangouts) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-03-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Google Mail Checker) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-03-03]
CHR Extension: (Highlight Keywords for Google Search) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nhahncknpppipmgjchbbhehkfglelepf [2015-03-03]
CHR Extension: (Google Wallet) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-05]
CHR Extension: (Sidekick by HubSpot) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oiiaigjnkhngdbnoookogelabohpglmd [2015-03-03]
CHR Extension: (Fox News) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pamidlfalnpbkhdhbbepaibgehibgmna [2015-03-03]
CHR Extension: (Gmail) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-03]
CHR Profile: C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-19]
CHR Extension: (Google Docs) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-19]
CHR Extension: (Google Drive) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-19]
CHR Extension: (YouTube) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-19]
CHR Extension: (Google Search) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-19]
CHR Extension: (Google Sheets) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-19]
CHR Extension: (Skype Click to Call) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-19]
CHR Extension: (Google Wallet) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-19]
CHR Extension: (Sidekick by HubSpot) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oiiaigjnkhngdbnoookogelabohpglmd [2015-05-22]
CHR Extension: (Gmail) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-19]
CHR Profile: C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-22]
CHR Extension: (Google Docs) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-22]
CHR Extension: (Google Drive) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-22]
CHR Extension: (YouTube) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-22]
CHR Extension: (Adblock Plus) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-23]
CHR Extension: (Do Not Track) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja [2015-05-27]
CHR Extension: (Google Search) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-22]
CHR Extension: (Google Sheets) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-22]
CHR Extension: (Spell Checker for Chrome) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg [2015-05-26]
CHR Extension: (Tracking Token Stripper) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kcpnkledgcbobhkgimpbmejgockkplob [2015-05-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-22]
CHR Extension: (Skype Click to Call) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-22]
CHR Extension: (Ghostery) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-05-26]
CHR Extension: (Google Wallet) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-22]
CHR Extension: (Sidekick by HubSpot) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\oiiaigjnkhngdbnoookogelabohpglmd [2015-05-22]
CHR Extension: (Gmail) - C:\Users\Medic\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22]
CHR HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Medic\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-24]
CHR HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S4 ApacheNoguskaNolaPro; e:\Program Files (x86)\Noguska\NolaPro\Apache\bin\httpd.exe [20549 2012-01-28] (Apache Software Foundation) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-16] (ASUS)
R2 AsusUacSvc; C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [113840 2011-03-27] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2011-12-29] (Atheros Commnucations) [File not signed]
S4 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
S4 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 DMXGenerator; C:\Program Files (x86)\Martin Professional\Maxxyz\Binaries\GeneratorService.exe [1273208 2013-09-18] ()
S4 DMXSender; C:\Program Files (x86)\Martin Professional\Maxxyz\Binaries\DMXSenderService.exe [1274744 2013-09-18] (Martin Professional)
R2 FanChkService; C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe [45696 2012-01-20] (ASUSTek Computer Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Users\Medic\AppData\Local\Temp\7zS514D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 M4-Service; C:\Users\Medic\AppData\Local\Mikogo4\Host\Service\M4-Service.exe [1008968 2013-09-16] ()
S4 Market Traders: MTI 4.00 update permissions manager. 12448.; C:\FTGT\MTILauncher.exe [1171456 2014-01-22] () [File not signed]
S3 MaxExtMidi; C:\Program Files (x86)\Martin Professional\Maxxyz\Binaries\MaxExtMidiService.exe [504704 2013-09-18] ()
S3 MAXNETCITPService; C:\Program Files (x86)\Martin Professional\Maxxyz\Binaries\CITPService.exe [18288 2013-09-18] (R&D International NV)
S3 MAXNetService; C:\Program Files (x86)\Martin Professional\Maxxyz\Binaries\MAXNetService.exe [24440 2013-09-18] (R&D International NV)
S3 MaxxyzConsole; C:\Program Files (x86)\Martin Professional\Maxxyz\Binaries\MaxxyzConsole.exe [2485112 2013-09-18] (R&D International NV)
S3 MaxxyzSharedMemManager; C:\Program Files (x86)\Martin Professional\Maxxyz\Binaries\MaxMemManager.exe [549240 2013-09-18] ()
S4 Mikogo-Service; C:\Users\Medic\AppData\Roaming\Mikogo\Mikogo-Service.exe [1116512 2013-11-29] (Mikogo GmbH)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MxMemory; C:\Program Files (x86)\Martin Professional\Maxxyz\Binaries\MxMemory.exe [1972072 2013-09-18] (R&D International NV)
R2 MySQLNoguskaNolaPro; e:\Program Files (x86)\Noguska\NolaPro\Apache\mysql\bin\mysqld-nt.exe [5820416 2011-07-01] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
R2 NWVZHelper; C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe [270848 2010-06-14] (Novatel Wireless Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 RalinkRegistryWriter; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [401096 2014-05-01] (Mediatek Inc.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [454344 2014-03-25] (Mediatek Inc.)
S3 RaMediaServer; C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1a\RpcAgentSrv.exe [72344 2008-02-17] (SiSoftware) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
R2 VZWConfigService; C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe [218160 2012-04-16] (Novatel Wireless Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XMailNoguskaNolaPro; e:\Program Files (x86)\Noguska\NolaPro\Apache\bin\srvany.exe [13312 1997-05-15] () [File not signed]
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros) [File not signed]
S2 vToolbarUpdater3.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.0.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-18] (AVG Technologies)
S2 DLPortIO; C:\Windows\SysWow64\Drivers\DLPortIO.sys [3584 1999-01-10] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-18] (NVIDIA Corporation)
S3 NWUSBModem_001; C:\Windows\System32\DRIVERS\nwusbmdm_001.sys [217856 2012-08-07] (Novatel Wireless Inc.)
S3 NWUSBPort2_001; C:\Windows\System32\DRIVERS\nwusbser2_001.sys [217856 2012-08-07] (Novatel Wireless Inc.)
S3 NWUSBPort_001; C:\Windows\System32\DRIVERS\nwusbser_001.sys [217856 2012-08-07] (Novatel Wireless Inc.)
S3 nwvzwmbnet_001; C:\Windows\System32\DRIVERS\nwvzwmbnet_001.sys [334848 2012-08-07] (Novatel Wireless Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-01-26] (Synaptics Incorporated)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 vzandnetadb; C:\Windows\System32\Drivers\lgvzandnetadb.sys [31744 2013-05-08] (Google Inc)
S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys [29696 2013-05-06] (LG Electronics Inc.)
S3 vzandnetdiag2; C:\Windows\System32\DRIVERS\lgvzandnetdiag264.sys [29696 2013-05-06] (LG Electronics Inc.)
S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys [36864 2013-05-06] (LG Electronics Inc.)
S3 vzandnetndis; C:\Windows\System32\DRIVERS\lgvzandnetndis64.sys [94208 2013-10-14] (LG Electronics Inc.)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [266752 2013-01-10] (Jungo)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-08 21:16 - 2015-07-08 21:16 - 00000000 ____D C:\FRST
2015-07-08 20:33 - 2015-07-08 20:33 - 00000000 ___RD C:\Users\Medic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-07-08 20:32 - 2015-07-08 20:32 - 00000000 ____H C:\ProgramData\cm-lock
2015-07-08 19:58 - 2015-07-08 19:58 - 00000000 ____D C:\ProgramData\Wondershare
2015-07-08 19:56 - 2015-07-08 19:56 - 00001201 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2015-07-08 19:56 - 2015-07-08 19:56 - 00000000 ____D C:\ProgramData\Wondershare Video Editor
2015-07-08 19:56 - 2015-02-27 11:33 - 02140712 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgvout.004
2015-07-08 19:56 - 2015-02-27 11:33 - 00531496 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpeg2mux.ax
2015-07-08 19:56 - 2015-02-27 11:33 - 00375848 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcm2ve.ax
2015-07-08 19:56 - 2015-02-27 11:33 - 00257064 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcl2ae.ax
2015-07-08 19:56 - 2015-02-27 11:33 - 00244776 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgaout.dll
2015-07-08 19:56 - 2015-02-27 11:33 - 00020520 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgvout.dll
2015-07-08 19:55 - 2015-07-08 19:55 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-07-07 21:12 - 2015-07-08 11:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 15:32 - 2015-07-02 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tera Term
2015-07-02 15:32 - 2015-07-02 15:32 - 00000000 ____D C:\Program Files (x86)\teraterm
2015-07-02 14:44 - 2015-07-02 14:44 - 00000600 _____ C:\Users\Medic\AppData\Local\PUTTY.RND
2015-07-01 22:08 - 2015-07-01 22:08 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-01 22:08 - 2015-07-01 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-01 22:07 - 2015-07-01 22:08 - 00000000 ____D C:\Program Files\iTunes
2015-07-01 22:07 - 2015-07-01 22:07 - 00000000 ____D C:\Program Files\iPod
2015-07-01 22:07 - 2015-07-01 22:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-01 22:05 - 2015-07-01 22:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-01 22:05 - 2015-07-01 22:05 - 00001847 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-01 22:05 - 2015-07-01 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-06-26 19:32 - 2015-05-18 23:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-26 19:32 - 2015-05-18 23:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-20 12:38 - 2015-06-20 12:38 - 00000000 ____D C:\Program Files (x86)\Prolific
2015-06-17 00:23 - 2015-06-17 00:23 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2015-06-17 00:23 - 2015-06-17 00:23 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2015-06-17 00:04 - 2015-06-17 00:04 - 00001120 _____ C:\Users\Medic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-06-17 00:03 - 2015-06-17 00:03 - 00000000 ____D C:\Users\Medic\Desktop\Tor Browser
2015-06-13 04:07 - 2015-06-13 04:07 - 00002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-12 12:38 - 2015-06-12 12:38 - 00001407 _____ C:\Users\Public\Desktop\SeaTools for Windows.lnk
2015-06-12 12:38 - 2015-06-12 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2015-06-12 12:38 - 2015-06-12 12:38 - 00000000 ____D C:\Program Files (x86)\Seagate
2015-06-12 00:48 - 2015-05-25 14:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-12 00:48 - 2015-05-25 14:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-12 00:48 - 2015-05-25 14:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-12 00:48 - 2015-05-25 14:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-12 00:48 - 2015-05-25 14:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-12 00:48 - 2015-05-25 14:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-12 00:48 - 2015-05-25 14:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-12 00:48 - 2015-05-25 14:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-12 00:48 - 2015-05-25 14:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-12 00:48 - 2015-05-25 14:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-12 00:48 - 2015-05-25 14:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-12 00:48 - 2015-05-25 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-12 00:48 - 2015-05-25 14:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-12 00:48 - 2015-05-25 14:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-12 00:48 - 2015-05-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-12 00:48 - 2015-05-25 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-12 00:48 - 2015-05-25 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-12 00:48 - 2015-05-25 14:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-12 00:48 - 2015-05-25 14:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-12 00:48 - 2015-05-25 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-12 00:48 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-12 00:48 - 2015-05-25 14:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-12 00:48 - 2015-05-25 14:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-12 00:48 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-12 00:48 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-12 00:48 - 2015-05-25 14:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-12 00:48 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-12 00:48 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-12 00:48 - 2015-05-25 14:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-12 00:48 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-12 00:48 - 2015-05-25 13:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-12 00:48 - 2015-05-25 13:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-12 00:48 - 2015-05-25 13:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-12 00:48 - 2015-05-25 13:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-12 00:48 - 2015-05-25 13:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-12 00:48 - 2015-05-25 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 13:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-12 00:48 - 2015-05-25 12:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-12 00:48 - 2015-05-25 12:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-12 00:48 - 2015-05-25 12:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 12:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 12:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-12 00:48 - 2015-05-25 12:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-12 00:48 - 2015-05-22 14:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-12 00:48 - 2015-05-22 14:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-12 00:48 - 2015-05-22 14:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-12 00:48 - 2015-05-22 14:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-12 00:48 - 2015-05-22 14:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-12 00:48 - 2015-05-22 14:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-12 00:48 - 2015-05-22 14:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-12 00:48 - 2015-05-21 09:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-12 00:48 - 2015-05-08 23:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-12 00:48 - 2015-05-08 23:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-12 00:48 - 2015-05-08 23:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-12 00:48 - 2015-05-08 23:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-12 00:48 - 2015-05-08 23:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-12 00:48 - 2015-05-08 23:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-12 00:48 - 2015-05-08 23:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-12 00:48 - 2015-05-08 23:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-12 00:48 - 2015-05-08 23:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-12 00:48 - 2015-05-08 23:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-12 00:48 - 2015-05-08 23:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-12 00:48 - 2015-05-08 23:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-12 00:48 - 2015-05-08 23:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-12 00:48 - 2015-05-08 23:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-12 00:48 - 2015-05-08 23:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-12 00:48 - 2015-05-08 23:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-12 00:48 - 2015-04-29 14:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-12 00:48 - 2015-04-29 14:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-12 00:48 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-12 00:48 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-12 00:48 - 2015-04-29 14:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-12 00:48 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-12 00:48 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-12 00:48 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-12 00:48 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-12 00:48 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-12 00:47 - 2015-06-01 15:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-12 00:47 - 2015-06-01 14:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-12 00:47 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-12 00:47 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-12 00:47 - 2015-05-25 13:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-12 00:47 - 2015-05-22 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-12 00:47 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-12 00:47 - 2015-05-22 23:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-12 00:47 - 2015-05-22 23:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-12 00:47 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-12 00:47 - 2015-05-22 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-12 00:47 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-12 00:47 - 2015-05-22 23:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-12 00:47 - 2015-05-22 23:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-12 00:47 - 2015-05-22 23:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-12 00:47 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-12 00:47 - 2015-05-22 23:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-12 00:47 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-12 00:47 - 2015-05-22 22:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-12 00:47 - 2015-05-22 22:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-12 00:47 - 2015-05-22 22:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-12 00:47 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-12 00:47 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-12 00:47 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-12 00:47 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-12 00:47 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-12 00:47 - 2015-05-22 22:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-12 00:47 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-12 00:47 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-12 00:47 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-12 00:47 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-12 00:47 - 2015-05-22 15:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-12 00:47 - 2015-05-22 15:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-12 00:47 - 2015-05-22 15:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-12 00:47 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-12 00:47 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-12 00:47 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-12 00:47 - 2015-05-22 15:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-12 00:47 - 2015-05-22 14:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-12 00:47 - 2015-05-22 14:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-12 00:47 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-12 00:47 - 2015-05-22 14:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-12 00:47 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-12 00:47 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-12 00:47 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-12 00:47 - 2015-05-22 14:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-12 00:47 - 2015-05-22 14:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-12 00:47 - 2015-05-22 14:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-12 00:47 - 2015-05-22 14:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-12 00:47 - 2015-05-22 14:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-12 00:47 - 2015-05-22 14:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-12 00:47 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-12 00:47 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-12 00:47 - 2015-05-22 14:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-12 00:47 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-12 00:47 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-12 00:47 - 2015-05-22 14:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-12 00:47 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-12 00:47 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-12 00:47 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-12 00:47 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-12 00:47 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-12 00:47 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-08 00:18 - 2015-06-14 12:24 - 00000000 ____D C:\Users\Medic\AppData\Roaming\TeamViewer
2015-06-08 00:18 - 2015-06-11 15:46 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-08 00:18 - 2015-06-08 00:18 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-06-08 00:18 - 2015-06-08 00:18 - 00001037 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-08 21:16 - 2009-07-14 00:45 - 00015056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-08 21:16 - 2009-07-14 00:45 - 00015056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-08 21:11 - 2013-03-06 01:08 - 00000376 _____ C:\Users\Medic\AppData\Roaming\sp_data.sys
2015-07-08 21:11 - 2012-02-18 03:37 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-08 21:00 - 2013-04-18 10:51 - 00000000 ____D C:\Users\Medic\AppData\Local\Axialis
2015-07-08 20:59 - 2013-09-19 11:56 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1118339841-1434331689-2435812366-1001UA.job
2015-07-08 20:48 - 2013-03-06 03:25 - 01117431 _____ C:\Windows\WindowsUpdate.log
2015-07-08 20:42 - 2014-03-07 09:01 - 00000562 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1118339841-1434331689-2435812366-1001.job
2015-07-08 20:38 - 2013-04-03 15:40 - 00417528 _____ C:\Windows\system32\perfh00D.dat
2015-07-08 20:38 - 2013-04-03 15:40 - 00092704 _____ C:\Windows\system32\perfc00D.dat
2015-07-08 20:38 - 2011-02-18 23:23 - 00421718 _____ C:\Windows\system32\prfh0404.dat
2015-07-08 20:38 - 2011-02-18 23:23 - 00130090 _____ C:\Windows\system32\prfc0404.dat
2015-07-08 20:38 - 2011-02-18 23:18 - 00764306 _____ C:\Windows\system32\prfh0816.dat
2015-07-08 20:38 - 2011-02-18 23:18 - 00162768 _____ C:\Windows\system32\prfc0816.dat
2015-07-08 20:38 - 2011-02-18 23:13 - 00780780 _____ C:\Windows\system32\perfh00A.dat
2015-07-08 20:38 - 2011-02-18 23:13 - 00169764 _____ C:\Windows\system32\perfc00A.dat
2015-07-08 20:38 - 2011-02-18 23:08 - 00779642 _____ C:\Windows\system32\perfh00C.dat
2015-07-08 20:38 - 2011-02-18 23:08 - 00159898 _____ C:\Windows\system32\perfc00C.dat
2015-07-08 20:38 - 2009-07-14 01:13 - 04654638 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-08 20:33 - 2015-03-03 15:19 - 00000000 ___RD C:\Users\Medic\odrive
2015-07-08 20:33 - 2015-03-03 15:18 - 00000000 ___HD C:\Users\Medic\.odrive
2015-07-08 20:32 - 2014-03-08 22:05 - 00056369 _____ C:\Windows\setupact.log
2015-07-08 20:32 - 2013-03-06 03:27 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-07-08 20:32 - 2013-03-06 03:26 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-08 20:32 - 2012-02-18 03:37 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-08 20:32 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-08 20:30 - 2014-02-14 04:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-08 20:30 - 2014-02-14 04:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-08 20:28 - 2013-12-04 22:32 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-08 20:28 - 2013-12-04 22:32 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-08 20:15 - 2013-03-06 01:08 - 00000000 ____D C:\Users\Medic\AppData\Roaming\Atheros
2015-07-08 20:14 - 2014-04-21 07:08 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-07-08 20:14 - 2014-03-08 22:05 - 00445176 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-08 19:58 - 2014-03-07 21:22 - 00118384 _____ C:\Users\Medic\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-08 19:56 - 2015-01-31 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-07-08 19:32 - 2013-03-08 17:57 - 00000000 ____D C:\Users\Medic\AppData\Local\Adobe
2015-07-08 19:25 - 2013-03-06 03:28 - 00000000 ____D C:\ProgramData\Atheros
2015-07-08 18:29 - 2015-05-30 20:40 - 00000658 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1118339841-1434331689-2435812366-1001.job
2015-07-08 15:59 - 2013-09-19 11:56 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1118339841-1434331689-2435812366-1001Core.job
2015-07-08 12:16 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-08 11:56 - 2014-03-08 22:05 - 00416094 _____ C:\Windows\PFRO.log
2015-07-08 11:56 - 2013-03-06 01:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-07 11:31 - 2013-03-06 03:27 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-07-05 06:08 - 2013-04-03 15:41 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-02 15:35 - 2015-01-28 12:53 - 00000000 ____D C:\ProgramData\WebEx
2015-07-01 22:07 - 2015-04-22 22:01 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-01 22:07 - 2013-03-06 04:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-30 19:49 - 2009-07-14 01:08 - 00032600 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-29 16:36 - 2014-11-21 06:39 - 00000000 __SHD C:\Users\Medic\AppData\Local\EmieBrowserModeList
2015-06-29 16:36 - 2014-04-14 23:40 - 00000000 __SHD C:\Users\Medic\AppData\Local\EmieUserList
2015-06-29 16:36 - 2014-04-14 23:40 - 00000000 __SHD C:\Users\Medic\AppData\Local\EmieSiteList
2015-06-26 19:32 - 2014-03-06 19:03 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-26 19:32 - 2013-03-06 03:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-26 19:28 - 2014-12-13 01:13 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2015-06-24 07:36 - 2015-05-07 10:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-24 07:36 - 2015-05-07 10:41 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-24 07:36 - 2014-03-06 19:02 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-24 07:36 - 2014-03-06 19:02 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-23 18:00 - 2014-12-29 22:19 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-20 21:41 - 2013-03-17 13:55 - 00000000 ____D C:\Users\Medic\AppData\Local\CrashDumps
2015-06-20 12:38 - 2013-03-06 03:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-14 12:06 - 2015-05-30 20:40 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1118339841-1434331689-2435812366-1001
2015-06-14 12:06 - 2014-03-07 09:01 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1118339841-1434331689-2435812366-1001
2015-06-13 04:07 - 2012-02-18 03:37 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-12 22:57 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-06-12 20:37 - 2009-07-13 23:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-12 20:36 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2015-06-12 20:36 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\he-IL
2015-06-12 20:29 - 2015-04-19 15:34 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-12 20:29 - 2014-05-04 18:16 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-12 20:29 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-12 20:22 - 2013-03-24 23:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 00:49 - 2013-07-14 23:03 - 00000000 ____D C:\Windows\system32\MRT
2015-06-12 00:49 - 2013-03-06 02:17 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-11 22:36 - 2014-06-09 09:48 - 00000000 ____D C:\Users\Medic\AppData\Local\Novatel Wireless
2015-06-08 07:07 - 2013-06-17 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-08 02:53 - 2015-05-29 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons

==================== Files in the root of some directories =======

2014-04-18 20:58 - 2014-04-18 20:58 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxwtu-secure-search.xml
2008-04-14 00:30 - 2008-04-14 00:30 - 0554008 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\dao360.dll
2015-01-26 19:11 - 2015-05-04 20:08 - 0000640 _____ () C:\Users\Medic\AppData\Roaming\Account.acc
2014-08-22 18:06 - 2014-08-22 18:06 - 0000697 _____ () C:\Users\Medic\AppData\Roaming\ConvAPIPlugin.log
2015-01-26 19:11 - 2015-05-04 20:08 - 0000252 _____ () C:\Users\Medic\AppData\Roaming\Orders.ord
2015-02-08 16:11 - 2015-02-08 16:11 - 0000068 _____ () C:\Users\Medic\AppData\Roaming\redline2stapler.tmp
2014-03-09 23:07 - 2014-03-09 23:11 - 14098432 _____ () C:\Users\Medic\AppData\Roaming\Sandra.mdb
2013-03-06 01:08 - 2015-07-08 21:11 - 0000376 _____ () C:\Users\Medic\AppData\Roaming\sp_data.sys
2014-03-06 12:13 - 2014-03-06 12:13 - 0000018 _____ () C:\Users\Medic\AppData\Roaming\stocksTicker.ini
2013-09-06 15:06 - 2013-10-08 18:47 - 0005120 _____ () C:\Users\Medic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-26 23:21 - 2014-06-26 23:21 - 0004096 ____H () C:\Users\Medic\AppData\Local\keyfile3.drm
2015-07-02 14:44 - 2015-07-02 14:44 - 0000600 _____ () C:\Users\Medic\AppData\Local\PUTTY.RND
2014-08-19 19:29 - 2014-08-19 19:29 - 0000218 _____ () C:\Users\Medic\AppData\Local\recently-used.xbel
2015-03-24 22:48 - 2015-03-24 22:48 - 0007610 _____ () C:\Users\Medic\AppData\Local\Resmon.ResmonCfg
2013-03-08 09:53 - 2013-03-08 09:53 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-07-08 20:32 - 2015-07-08 20:32 - 0000000 ____H () C:\ProgramData\cm-lock
2015-03-04 14:32 - 2015-03-04 14:32 - 0000049 _____ () C:\ProgramData\CoolRead.ini
2014-08-22 17:58 - 2015-02-08 20:15 - 0009314 _____ () C:\ProgramData\hpzinstall.log
2013-03-06 03:34 - 2013-03-06 03:35 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2013-03-06 03:34 - 2013-03-06 03:34 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-03-06 03:33 - 2013-03-06 03:34 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 01:44

==================== End of log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Medic at 2015-07-08 21:17:05
Running from e:\Users\Medic\Desktop\virus removal\07082015
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1118339841-1434331689-2435812366-500 - Administrator - Disabled)
Guest (S-1-5-21-1118339841-1434331689-2435812366-501 - Limited - Enabled) => C:\Users\Guest
Medic (S-1-5-21-1118339841-1434331689-2435812366-1001 - Administrator - Enabled) => C:\Users\Medic
Paysys (S-1-5-21-1118339841-1434331689-2435812366-1005 - Administrator - Enabled) => C:\Users\Paysys
PK (S-1-5-21-1118339841-1434331689-2435812366-1004 - Limited - Enabled) => C:\Users\PK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACBLscore (HKLM-x32\...\ACBLscore) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Connect 9 Add-in (HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.142.60386 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.142.60386 - Alcor Micro Corp.) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASAP Utilities (HKLM-x32\...\ASAP Utilities_is1) (Version: 5.5.1 - Bastien Mensink - A Must in Every Office BV)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS Fan Filter Checker (HKLM-x32\...\{2B0E8920-47D0-4F4D-BE03-76397409B837}) (Version: 1.0.0001 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.143.296 - ASUS Cloud Corporation)
AsusScr_G75 Series_ENG (HKLM-x32\...\AsusScr_G75 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.115 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0016 - ASUS)
AutoTrader Add-on (HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\009230909be9510c) (Version: 2.0.0.99 - MTI)
Avery Design & Print (HKLM-x32\...\Avery Design & Print 1.0.0) (Version: 1.0.0 - Avery Products Corporation)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.0.0.2 - AVG Technologies)
BbeXtreme (x32 Version: 12.6.0 - Bluebeam Software) Hidden
BF5R_PCS (HKLM-x32\...\ST6UNST #1) (Version:  - )
Bluebeam Revu x64 12 (HKLM-x32\...\InstallShield_{CAF3E4B8-B35F-4188-BCEC-34CE2D41323C}) (Version: 12.6.0 - Bluebeam Software)
Bluebeam Revu x64 12 (Version: 12.6.0 - Bluebeam Software) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
Bridge Base Online (HKLM-x32\...\Bridge Base OnlineVersion 5.2.21) (Version: Version 5.2.21 - Bridge Base Online, Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Caesar 3 (HKLM-x32\...\GOGPACKCAESAR3_is1) (Version: 2.0.0.9 - GOG.com)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CHIRP (HKLM-x32\...\CHIRP) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)
ClipConverter (HKLM-x32\...\{86134348-6422-4486-AB6A-0E01DBA39DE6}) (Version: 1.1.0 - Lunaweb)
CodeMeter Runtime Kit v5.00b (HKLM\...\{11BA59A6-23B0-4F80-9EC0-0075CA4CAD5E}) (Version: 5.00.1067.502 - WIBU-SYSTEMS AG)
Convention Card Editor 1.1.2700 (HKLM-x32\...\{D88806D4-1456-4030-9F01-EAC848EC5980}_is1) (Version:  - Freeware)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.6) (Version: 5.0.1.6 - Coupons.com Incorporated)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D1400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
D1400_Help (x32 Version: 90.0.235.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
dj_sf_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
dj_sf_software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
dj_sf_software_req (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DMP (HKLM-x32\...\InstallShield_{87E53665-0B67-46B2-90AE-2A85472E44B1}) (Version: 5.2.3.9 - Newmarket International, Inc.)
DMP (x32 Version: 5.2.3.9 - Newmarket International, Inc.) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
eFax Messenger (HKLM-x32\...\{DF6DA606-904D-4C18-823F-A4CFC3035E53}) (Version: 4.4.2.533 - j2 Global)
Elevated Installer (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
FreeStyler (HKLM-x32\...\FreeStyler_is1) (Version:  - Raphaël Wellekens)
FXCM MetaTrader 4 (HKLM-x32\...\FXCM MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
FXCM Trading Station (HKLM-x32\...\FXCM Trading Station) (Version: 111313 - )
FXCM Trading Station (x32 Version: 111313 - FXCM) Hidden
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameFast (HKLM\...\GameFast_is1) (Version: 1.0.1.1 - ASUSTEK Computer Inc)
Garmin City Navigator North America NT 2015.40 (HKLM-x32\...\{FA3EB65C-FB8F-4C1D-BAC1-9EB29F537C56}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GoToMeeting 7.2.1.2856 (HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\GoToMeeting) (Version: 7.2.1.2856 - CitrixOnline)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet Printer Driver Software 13.0 Rel. 1 (HKLM\...\{3CDDD063-7FC2-43A7-9EC0-B3F1E38C7649}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.2.0 - ASUS)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
join.me (HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\JoinMe) (Version: 1.14.0.132 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kingo ROOT version 1.3.4.2252 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.3.4.2252 - Kingosoft Technology Ltd.)
LD Calculator Lite 1.02 b1 (HKLM-x32\...\LD Calculator Lite_is1) (Version:  - Paul Pelletier)
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.14.1 - LG Electronics)
Lightwright 5.0.36 (build 470) (HKLM-x32\...\{EE25EB4B-E2D7-4F84-80C3-19D665B54AFC}_is1) (Version:  - John McKernon Software)
LJ Manager 1.5.0 (HKLM-x32\...\LJ Manager_is1) (Version:  - Paul Pelletier)
Magic 3D Easy View (HKLM-x32\...\Magic 3D Easy View_is1) (Version:  - Nicolaudie)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Martin Driver Package (HKLM\...\{5A468992-C111-4250-9E80-DB446DD50DF7}) (Version: 11.20.450.0 - Martin Professional A/S)
Martin M-Series (HKLM-x32\...\{4FC78987-197F-42F4-BA48-431E849C56F4}) (Version: 3.20.450.0 - Martin Professional A/S)
Martin M-Series Manager 1.6.8.428 (HKLM-x32\...\Martin M-Series Manager_is1) (Version:  - Martin Professional A/S)
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.0 - MediatekWiFi)
Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (עברית) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1037) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (繁體中文) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1028) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mikogo (HKU\.DEFAULT\...\Mikogo) (Version: 5.0.0 - Mikogo GmbH)
Mikogo 4 (HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\Mikogo 4) (Version: 4.7 - BeamYourScreen GmbH)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 en-US)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MTI 4 (HKLM-x32\...\MTI 4) (Version:  - )
MTI Forex Direct (HKLM-x32\...\{75FBF97F-DCC0-43C4-8A8B-E0FB30C473FE}) (Version: 1.0.0 - MarketTraders)
Next DVD Ripper version 4.0.2 (HKLM-x32\...\{5A27AE45-C0EC-4B3A-80B0-D2B611CA6AB9}_is1) (Version: 4.0.2 - NextVideoSoft Inc.)
Nmap 6.46 (HKLM-x32\...\Nmap) (Version:  - )
NolaPro By Noguska (HKLM-x32\...\NoguskaNolaProApacheMySQLphp) (Version:  - )
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Oceanlog 2.x (HKLM-x32\...\{2EED574D-0DE3-41BD-893F-3E1572F1BE11}) (Version: 2.4.6 - OCEANIC)
odrive (HKLM-x32\...\{2c459701-1df2-4c37-96d3-f378ecf04c06}) (Version: 1.0.2829 - Oxygen Cloud, Inc.)
odrive (Version: 1.00.2829 - Oxygen Cloud, Inc.) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)
Pharaoh Gold (HKLM-x32\...\GOGPACKPHARAOH_is1) (Version: 2.0.0.12 - GOG.com)
PharaohDemo (HKLM-x32\...\PharaohDemo) (Version:  - )
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PS6510FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
RabbitTV (HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\...\6c2290d276fa0f0d) (Version: 1.0.0.8 - RabbitTV.com)
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 5.10 - Philipp Winterberg)
Rotation Desktop for G Series (HKLM\...\Rotation Desktop for G Series_is1) (Version: 1.1.3.2 - ASUSTEK Computer Inc)
Roxio CinePlayer (HKLM-x32\...\{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}) (Version: 5.8.58233.4 - Roxio)
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SiSoftware Sandra Lite 2014.SP1a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.21.2014.3 - SiSoftware)
SketchUp 2015 (HKLM\...\{319CD380-1AAB-4CAD-BE1D-59189A780FA6}) (Version: 15.2.685 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
StockTicker7 0.3.5 (HKLM-x32\...\StockTicker7) (Version: 0.3.5 - StockTicker)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
Tera Term 4.83 (HKLM-x32\...\Tera Term_is1) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Tuner Internet Update Application (HKLM-x32\...\{3D386EA1-263A-498B-8E45-487DB52F2751}) (Version: 9.5.4 - Tuner Updates)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UV_5R_VIP (HKLM-x32\...\ST6UNST #2) (Version:  - )
Verizon Mobile Broadband Drivers (HKLM-x32\...\{8BF85767-903F-4E68-86F3-ECF71DF27AA9}) (Version: 3.24.018.001.14 - Novatel Wireless)
Verizon Wireless USB551L Firmware Updates (HKLM-x32\...\{9BD53EBD-C5C1-45F3-BF4C-84D8A62A8393}) (Version: 1.0.5 - Smith Micro Software, Inc.)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VZAccess Manager (HKLM-x32\...\{FF35BA14-9CF3-41DD-9BC3-7C2A0763B4F3}) (Version: 7.9.1.0 - Smith Micro Software Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - 2002 Design, Inc. CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\F6E0F1109AA7CD23264AC977C8B520A81489C8C6) (Version: 01/18/2013 2.08.28 - 2002 Design, Inc.)
Windows Driver Package - 2002 Design, Inc. CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\ACE9D0EB37B3458E3DA047FE14C2F39C9BAA98AA) (Version: 01/18/2013 2.08.28 - 2002 Design, Inc.)
Windows Driver Package - Das (WinUSB) USB  (12/14/2011 1.4) (HKLM\...\883C6F371CE9B23C1CF864201BD5C4BBCA440808) (Version: 12/14/2011 1.4 - Das)
Windows Driver Package - Das USB  (09/20/2010 1.6.0) (HKLM\...\3CAABDB4D5E19760A561BDB6506A3E8432AE8457) (Version: 09/20/2010 1.6.0 - Das)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\2DC0AA065FA83047D7ECD51C7000C1620D79A4C5) (Version: 02/17/2009 2.04.16 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\51A4D522DD31538335EF5736F0E7F588C70BCB12) (Version: 02/17/2009 2.04.16 - FTDI)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
Wondershare PDF Editor(Build 3.9.11) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.9.11.9 - Wondershare Software Co.,Ltd.)
Wondershare Video Editor(Build 5.1.2) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
X-Lite (HKLM-x32\...\{D79740D7-405F-4A07-A144-40A655CA4B7C}) (Version: 48.7.6589 - CounterPath Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Medic\AppData\Local\Citrix\GoToMeeting\1694\G2MOutlookAddin64.dll No File
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Medic\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Medic\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Medic\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Medic\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Medic\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1118339841-1434331689-2435812366-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Medic\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

27-06-2015 13:33:27 Removed OpenOffice 4.0.0
01-07-2015 09:15:32 Windows Update
04-07-2015 16:08:47 Windows Update
07-07-2015 20:56:58 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2013-11-30 20:26 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0066121B-B700-49AC-9D12-7F3D847BD892} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1118339841-1434331689-2435812366-1001UA => C:\Users\Medic\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-19] (Google Inc.)
Task: {0FB46DE8-E654-4FB2-BE90-04126E559377} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {11D9458C-FB82-462F-93D6-3DA2242A616B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {14CA76DB-6B45-447F-8743-F9A9D86EA7E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {1E190EB1-1166-4BD1-870C-DD1AF3683C81} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {2019B753-76A1-427A-B1E0-81BB1749E9E3} - System32\Tasks\{0C3DB273-212A-4D49-A9E5-41F1785D84F5} => pcalua.exe -a C:\Windows\IsUninst.exe -c -fC:\SIERRA\PharaohDemo\Uninst.isu
Task: {24D5F04C-D572-4511-B007-9CF43F5E21CD} - System32\Tasks\{6F95646A-2379-4A72-9000-FF03D0BC100E} => pcalua.exe -a e:\Users\Medic\Desktop\si_pharaoh_enhancepack_en.exe -d e:\Users\Medic\Desktop
Task: {3099C192-61DB-4B0C-911A-045612907E7B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {3165B90F-FDC3-464C-B3C3-0766828D32F4} - System32\Tasks\{5B3D8BC0-A19C-406E-AE1E-E11DDE6BC56A} => E:\GAMES\Warcraft\INSTALL.EXE [1995-11-27] ()
Task: {32E5DE58-D55C-4913-8414-FEBD33CA1B0D} - System32\Tasks\G2MUploadTask-S-1-5-21-1118339841-1434331689-2435812366-1001 => C:\Users\Medic\AppData\Local\Citrix\GoToMeeting\2856\g2mupload.exe [2015-06-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {3D823339-C2CC-4ADA-97BD-BA9B0F0A80D1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Task: {54F72862-E9A2-4F2F-A363-A9097B462BF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {583BBCFD-8AF9-4D5C-9095-FDE6581EB70B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {5ECFC747-A53D-4AE3-AD39-1442CA7335F0} - System32\Tasks\{A8F3178A-C51F-4EBB-AA23-CA2576C80CFD} => E:\GAMES\Warcraft\INSTALL.EXE [1995-11-27] ()
Task: {63EB7390-8031-4735-B9BC-39117ACE068A} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {6C1D86B5-9986-42CC-B070-168AB8224779} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {A042D49D-28C8-4E0B-84C0-E905299D683C} - System32\Tasks\{A8B94C65-C9C6-43F9-B286-88970F144E76} => E:\GAMES\Warcraft\INSTALL.EXE [1995-11-27] ()
Task: {A90E1409-B8FD-4478-A5D6-C63E96E8673A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1118339841-1434331689-2435812366-1001Core => C:\Users\Medic\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-19] (Google Inc.)
Task: {C335AE77-3CAB-4E08-8B9F-53505C43F302} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {D1654233-97BE-4CE2-AF83-37181499955E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {D51EACFF-C843-4EB3-A667-2B006792D98D} - System32\Tasks\G2MUpdateTask-S-1-5-21-1118339841-1434331689-2435812366-1001 => C:\Users\Medic\AppData\Local\Citrix\GoToMeeting\2856\g2mupdate.exe [2015-06-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {E5A931A0-FCE0-4BBC-8EC6-1ECEBC3B6642} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F9BCA655-AA96-47A7-9D8E-571893F9E281} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-08] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1118339841-1434331689-2435812366-1001.job => C:\Users\Medic\AppData\Local\Citrix\GoToMeeting\2856\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1118339841-1434331689-2435812366-1001.job => C:\Users\Medic\AppData\Local\Citrix\GoToMeeting\2856\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1118339841-1434331689-2435812366-1001Core.job => C:\Users\Medic\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1118339841-1434331689-2435812366-1001UA.job => C:\Users\Medic\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-01 23:19 - 2015-05-28 00:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-06-21 00:03 - 2012-10-04 19:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-06 03:33 - 2011-03-27 17:23 - 00113840 _____ () C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
2013-03-06 03:27 - 2012-02-21 16:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2013-09-16 19:12 - 2013-09-16 19:12 - 01008968 _____ () C:\Users\Medic\AppData\Local\Mikogo4\Host\Service\M4-Service.exe
2011-07-01 19:10 - 2011-07-01 19:10 - 05820416 _____ () e:\Program Files (x86)\Noguska\NolaPro\Apache\mysql\bin\mysqld-nt.exe
2015-06-24 23:37 - 2015-06-24 23:37 - 01592632 _____ () C:\Users\Medic\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe
1997-05-15 00:49 - 1997-05-15 00:49 - 00013312 _____ () e:\Program Files (x86)\Noguska\NolaPro\Apache\bin\srvany.exe
2010-02-25 20:40 - 2010-02-25 20:40 - 00397824 _____ () e:\Program Files (x86)\Noguska\NolaPro\Apache\xmail\XMail.exe
2010-07-14 20:11 - 2010-07-14 20:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-03-06 03:27 - 2012-03-30 08:01 - 00078448 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-03-06 03:27 - 2012-03-30 08:01 - 00386160 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2015-03-03 15:19 - 2014-12-15 20:43 - 05101336 _____ () C:\Users\Medic\.odrive\bin\current\odriveapp.exe
2015-05-07 10:41 - 2015-06-24 07:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2012-01-31 13:25 - 2012-01-31 13:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2012-02-06 23:32 - 2012-02-06 23:32 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-08-20 13:57 - 2010-08-20 13:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 13:57 - 2010-08-20 13:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-01-31 00:16 - 2014-09-11 18:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-01-31 00:16 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-07-08 20:32 - 2015-07-08 20:32 - 00098816 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32api.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00110080 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\pywintypes27.dll
2015-07-08 20:32 - 2015-07-08 20:32 - 00364544 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\pythoncom27.dll
2015-07-08 20:32 - 2015-07-08 20:32 - 00045568 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\_socket.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 01161216 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\_ssl.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00320512 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32com.shell.shell.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00713216 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\_hashlib.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 01175040 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\wx._core_.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00805888 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\wx._gdi_.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00811008 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\wx._windows_.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 01062400 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\wx._controls_.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00735232 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\wx._misc_.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00682496 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\pysqlite2._sqlite.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00087552 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\_ctypes.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00119808 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32file.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00108544 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32security.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00007168 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\hashobjs_ext.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00026624 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\usb_ext.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00167936 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32gui.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00018432 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32event.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00128512 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\_elementtree.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00127488 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\pyexpat.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00013824 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\common.time34.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00036864 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\_psutil_windows.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00038912 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32inet.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00011264 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32crypt.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00070656 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\wx._html2.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00027136 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\_multiprocessing.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00020480 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\_yappi.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00035840 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32process.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00686080 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\unicodedata.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00122368 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\wx._wizard.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00024064 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32pipe.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00010240 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\select.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00025600 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32pdh.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00525640 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\windows._lib_cacheinvalidation.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00017408 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32profile.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00022528 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\win32ts.pyd
2015-07-08 20:32 - 2015-07-08 20:32 - 00078336 _____ () C:\Users\Medic\AppData\Local\Temp\_MEI61682\wx._animate.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00008704 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.Qt.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 01721856 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtCore.pyd
2015-03-03 15:19 - 2014-12-15 20:43 - 00078848 _____ () C:\Users\Medic\.odrive\bin\current\sip.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 01804288 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtGui.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00503808 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtNetwork.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00180224 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtSensors.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00057344 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtSerialPort.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00320512 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtQml.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00117760 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtWebKit.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 03975168 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtWidgets.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00099840 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtOpenGL.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00193024 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtPrintSupport.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00416768 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtQuick.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00243200 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtSql.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00086528 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtSvg.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00065024 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtTest.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00215040 _____ () C:\Users\Medic\.odrive\bin\current\PyQt5.QtWebKitWidgets.pyd
2015-03-03 15:19 - 2013-05-16 01:44 - 00358400 _____ () C:\Users\Medic\.odrive\bin\current\_hashlib.pyd
2015-03-03 15:19 - 2013-05-16 01:43 - 00044544 _____ () C:\Users\Medic\.odrive\bin\current\_socket.pyd
2015-03-03 15:19 - 2013-05-16 01:45 - 00899072 _____ () C:\Users\Medic\.odrive\bin\current\_ssl.pyd
2015-03-03 15:19 - 2013-05-16 01:43 - 00010240 _____ () C:\Users\Medic\.odrive\bin\current\select.pyd
2015-03-03 15:19 - 2013-05-16 01:43 - 00087552 _____ () C:\Users\Medic\.odrive\bin\current\_ctypes.pyd
2015-03-03 15:19 - 2012-10-27 10:21 - 00098816 _____ () C:\Users\Medic\.odrive\bin\current\win32api.pyd
2015-03-03 15:19 - 2012-10-27 10:20 - 00110080 _____ () C:\Users\Medic\.odrive\bin\current\pywintypes27.dll
2015-03-03 15:19 - 2012-10-27 10:22 - 00364544 _____ () C:\Users\Medic\.odrive\bin\current\pythoncom27.dll
2015-07-08 20:33 - 2014-12-15 17:40 - 00036352 _____ () c:\users\medic\appdata\local\temp\tmpudknjq\psutil-1.2.1-py2.7-win32.egg-tmp\_psutil_mswindows.pyd
2015-03-03 15:19 - 2014-12-15 20:41 - 00033792 _____ () C:\Users\Medic\.odrive\bin\current\simplejson._speedups.pyd
2015-03-03 15:19 - 2013-05-16 01:43 - 00686080 _____ () C:\Users\Medic\.odrive\bin\current\unicodedata.pyd
2015-03-03 15:19 - 2013-05-16 01:43 - 00027136 _____ () C:\Users\Medic\.odrive\bin\current\_multiprocessing.pyd
2015-03-03 15:19 - 2014-12-15 20:43 - 00280064 _____ () C:\Users\Medic\.odrive\bin\current\_yaml.pyd
2015-03-03 15:19 - 2012-10-27 10:20 - 00119808 _____ () C:\Users\Medic\.odrive\bin\current\win32file.pyd
2015-03-03 15:19 - 2013-10-03 18:47 - 00729600 _____ () C:\Users\Medic\.odrive\bin\current\apsw.pyd
2015-03-03 15:19 - 2014-12-15 20:39 - 00113152 _____ () C:\Users\Medic\.odrive\bin\current\src.OxygenFactory.OxygenFactory.pyd
2015-03-03 15:19 - 2012-10-27 10:20 - 00017920 _____ () C:\Users\Medic\.odrive\bin\current\win32clipboard.pyd
2015-07-08 20:33 - 2014-12-15 17:41 - 00009728 _____ () c:\users\medic\appdata\local\temp\tmpudknjq\pycrypto-2.6.1-py2.7-win32.egg-tmp\Crypto\Random\OSRNG\winrandom.pyd
2015-07-08 20:33 - 2014-12-15 17:41 - 00010240 _____ () c:\users\medic\appdata\local\temp\tmpudknjq\pycrypto-2.6.1-py2.7-win32.egg-tmp\Crypto\Util\_counter.pyd
2015-07-08 20:33 - 2014-12-15 17:41 - 00029184 _____ () c:\users\medic\appdata\local\temp\tmpudknjq\pycrypto-2.6.1-py2.7-win32.egg-tmp\Crypto\Cipher\_AES.pyd
2015-03-03 15:19 - 2012-10-27 10:20 - 00108544 _____ () C:\Users\Medic\.odrive\bin\current\win32security.pyd
2015-07-08 20:33 - 2014-12-15 17:41 - 00054784 _____ () c:\users\medic\appdata\local\temp\tmpudknjq\pycrypto-2.6.1-py2.7-win32.egg-tmp\Crypto\Cipher\_DES3.pyd
2015-07-08 20:33 - 2014-12-15 17:41 - 00019968 _____ () c:\users\medic\appdata\local\temp\tmpudknjq\pycrypto-2.6.1-py2.7-win32.egg-tmp\Crypto\Cipher\_Blowfish.pyd
2015-07-08 20:33 - 2014-12-15 17:41 - 00008704 _____ () c:\users\medic\appdata\local\temp\tmpudknjq\pycrypto-2.6.1-py2.7-win32.egg-tmp\Crypto\Cipher\_ARC4.pyd
2015-03-03 15:19 - 2013-05-16 01:43 - 00127488 _____ () C:\Users\Medic\.odrive\bin\current\pyexpat.pyd
2015-03-03 15:19 - 2014-01-08 20:32 - 00006144 _____ () C:\Users\Medic\.odrive\bin\current\tornado.speedups.pyd
2015-03-03 15:19 - 2012-10-27 10:20 - 00025600 _____ () C:\Users\Medic\.odrive\bin\current\win32cred.pyd
2015-07-08 20:33 - 2014-12-15 17:41 - 00007680 _____ () c:\users\medic\appdata\local\temp\tmpudknjq\pycrypto-2.6.1-py2.7-win32.egg-tmp\Crypto\Util\strxor.pyd
2015-03-03 15:19 - 2014-07-18 20:45 - 00877056 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\platforms\qwindows.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00032256 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qdds.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00021504 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qgif.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00027648 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qicns.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00020992 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qico.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00381952 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qjp2.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00204800 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qjpeg.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00218112 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qmng.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00015872 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qsvg.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00015360 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qtga.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00307712 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qtiff.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00014848 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qwbmp.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00252928 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\imageformats\qwebp.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00036352 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\bearer\qgenericbearer.dll
2015-03-03 15:19 - 2014-07-18 20:45 - 00038912 _____ () C:\Users\Medic\.odrive\bin\current\qt5_plugins\bearer\qnativewifibearer.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-07-08 20:28 - 2015-07-08 20:28 - 17418416 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
2013-03-06 03:27 - 2012-02-21 16:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\CN26M570RZ05QB:NW
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1118339841-1434331689-2435812366-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Medic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ApacheNoguskaNolaPro => 2
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgwd => 2
MSCONFIG\Services: DMXSender => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: Market Traders: MTI 4.00 update permissions manager. 12448. => 2
MSCONFIG\Services: Mikogo-Service => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk => C:\Windows\pss\CodeMeter Control Center.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Mediatek Wireless Utility.lnk => C:\Windows\pss\Mediatek Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Medic^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GridMove.lnk => C:\Windows\pss\GridMove.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Medic^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\Windows\pss\Microsoft SharePoint Workspace.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Medic^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Photosmart 6510 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Photosmart 6510 series (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^Medic^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StockTicker7.lnk => C:\Windows\pss\StockTicker7.lnk.Startup
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BbInstallUser => C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe
MSCONFIG\startupreg: BbPrintMonitor => C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Epson Stylus NX420(Network) => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\Windows\TEMP\E_S32F8.tmp" /EF "HKCU"
MSCONFIG\startupreg: EPSON185D99 (Epson Stylus NX420) => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\Windows\TEMP\E_SC0D5.tmp" /EF "HKCU"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_F259CE2B07E2BF21642C420D57C5C091 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GrooveMonitor => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [TCP Query User{91F9ED30-FD70-4F2E-A5FE-D1B2450B5107}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{757948EA-289C-43E4-9E4E-8E934A93C132}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{3EE034EE-3C05-48C4-A9EB-3B567AB9A452}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A6F1A771-B1A4-45A1-B6D1-6D5F95346AAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7BCB402C-998B-40B4-8F02-CB8CF1AEDD9E}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{62C5BD8C-FDC0-4B80-A4A1-F84C023578E4}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [TCP Query User{F6C6BABE-FAEE-4966-B255-A61DFC7B76FA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6DEED114-E28A-46CB-8B89-F7DC0E2D3C6D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D62AB060-EECD-433C-A1AD-C38BBF730325}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1F8CFF69-E0D0-49D9-99ED-A055817E5A14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A36C707A-8094-4CE8-8C5C-BA34A3C8548E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DBF243DB-7570-42D0-B132-F8F05ED31F70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DDDB6552-A256-445F-90D0-5C224C2E9911}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D852C89A-2E09-4E79-B73E-910A7AE74FD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{937898DD-D641-4544-AA17-0826183B49B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{AE5186D5-7080-481D-9A60-6A2936EC9E06}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe
FirewallRules: [UDP Query User{8601A4AA-8F51-4B42-B00F-2E412878A1B8}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe
FirewallRules: [{701DC386-EEBC-47F8-A2D0-735C6F57ED79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D10A0144-B4F6-49FC-BAAF-6211BEED246B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5CB31803-D766-4480-9590-9ADB1A98EE8E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E570DEAA-0AF1-46F5-90AE-E1254BBB958C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3D31F935-E628-434A-879B-1E0F01238208}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{55B4906E-CED9-4876-96DA-F2799D2BCE49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/08/2015 09:00:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011

Error: (07/08/2015 09:00:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011

Error: (07/08/2015 09:00:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 09:00:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2012

Error: (07/08/2015 09:00:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2012

Error: (07/08/2015 09:00:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 09:00:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (07/08/2015 09:00:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (07/08/2015 09:00:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 06:41:03 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:


System errors:
=============
Error: (07/08/2015 08:33:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/08/2015 08:32:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater3.0.0 service failed to start due to the following error:
%%2

Error: (07/08/2015 08:32:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DriverLINX Port I/O Driver service failed to start due to the following error:
%%1275

Error: (07/08/2015 08:32:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\DLPortIO.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/08/2015 08:31:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/08/2015 08:30:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater3.0.0 service failed to start due to the following error:
%%2

Error: (07/08/2015 08:30:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DriverLINX Port I/O Driver service failed to start due to the following error:
%%1275

Error: (07/08/2015 08:30:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\DLPortIO.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/08/2015 08:30:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:28:30 PM on ‎7/‎8/‎2015 was unexpected.

Error: (07/08/2015 08:22:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office:
=========================
Error: (07/08/2015 09:00:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011

Error: (07/08/2015 09:00:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011

Error: (07/08/2015 09:00:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 09:00:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2012

Error: (07/08/2015 09:00:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2012

Error: (07/08/2015 09:00:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 09:00:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (07/08/2015 09:00:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (07/08/2015 09:00:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/08/2015 06:41:03 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:


==================== Memory info ===========================

Processor: Intel® Core™ i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 29%
Total physical RAM: 16336.99 MB
Available physical RAM: 11585.95 MB
Total Virtual: 81680.19 MB
Available Virtual: 75985.65 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:213.15 GB) (Free:94.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Media) (Fixed) (Total:698.63 GB) (Free:452.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FE50551B)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: BBC58B91)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of log ============================


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi do you still require assistance ? If so could you post a fresh FRST scan please
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics


Also tagged with one or more of these keywords: freeze, btasupport.com

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP