Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

node.exe*32 is using up a lot of my CPU Usage and I can't figure o


  • This topic is locked This topic is locked

#1
SunnySeven

SunnySeven

    Member

  • Member
  • PipPip
  • 47 posts

I'm not sure if this is a virus or malware or what so I wasn't sure where to ask. The laptop I'm using right now was given to me a little over year ago so I did my best to clean it from the previous owner however, there were some small things that kind of worried me that I could never get a good anwser through google so I might need some help on that as well. I know this site is really great at helping me clean a PC/laptop so I wondered if you guy(s) could help me solve my high CPU usage and maybe some other things.

 

My main problem is sometimes when I start my laptop node.exe would eat up a lot of my CPU usage and could cause my laptop to run slow. When I check the Resource Monitor it would look like this.

Gg36Y2C.jpg

 

node.exe would make a new line then terminate itself over and over eating up my CPU usage.

 

 

 

 

node.exe isn't the only sevice that's doing this as well. conhost.exe is also doing this.

 

BSN193r.jpg

 

I don't know what's using either of these sevices are but when I try to end node.exe process in the tast manager, I get an error message saying "The opration could not be completed. The handle is invalid". Whenever node.exe would eat up my CPU usage I would have to restart my laptop inorder for it to go back to normal. Not all the time node.exe would use up a lot of my CPU usage, some days its normal, some days its not. Its been doing this for a few months now so I don't really know when this all started or why. I've done multiple scans with Avria, Malware Bytes, and RogueKiller whenever this ahppens but nothing has come up.

 

Again I have no clue what either node.exe and conhost.exe even do or what programs is even using it. I just want it to stop or gone if possable or if there's anything else wrong too. Here are my FRST logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
Ran by Bam (administrator) on ALEXUS-LAPTOP (10-08-2015 13:01:33)
Running from C:\Users\Bam\Desktop
Loaded Profiles: Bam (Available Profiles: Alexus & Bam)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Fork, Ltd.) C:\Windows\Prey\wpxsvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dynamic DNS Services  http://www.dyndnsservices.com) C:\Program Files (x86)\Enterprise DDNS Client\ddnsclient.exe
( ) C:\Windows\System32\dlbkcoms.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Flux Software LLC) C:\Users\Bam\AppData\Local\FluxSoftware\Flux\flux.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296768 2010-11-11] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1029200 2010-12-31] (Dritek System Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-07-09] (Raptr, Inc)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\devpro\devpro cardmanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\devpro\devpro cardmanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\devpro\devpro cardmanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\devpro\devpro cardmanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\wlandecrypt.exe <====== ATTENTION
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1287237156-432140034-664281531-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-1287237156-432140034-664281531-1004\...\Run: [f.lux] => C:\Users\Bam\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1287237156-432140034-664281531-1004\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-1287237156-432140034-664281531-1004\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-06-23] (Sandboxie Holdings, LLC)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\Users\Alexus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2012-07-31]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1287237156-432140034-664281531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://192.168.1.95/login.html
HKU\S-1-5-21-1287237156-432140034-664281531-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9
URLSearchHook: HKU\S-1-5-21-1287237156-432140034-664281531-1004 -> Default = {2b2505fa-fd68-0144-9128-cd617bdca8c2}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1287237156-432140034-664281531-1004 -> DefaultScope {FDB3EBEA-4BDB-40E2-8A16-48044DD7D0E5} URL = http://search.yahoo....f-8&fr=chr-yie9
SearchScopes: HKU\S-1-5-21-1287237156-432140034-664281531-1004 -> {A282BCD6-C91D-45F2-8D09-449DAF3B155A} URL = http://delicious.com...p={searchTerms}
SearchScopes: HKU\S-1-5-21-1287237156-432140034-664281531-1004 -> {BDE902A5-53E2-401B-A22A-B67B4F10257B} URL = http://search.yahoo....f-8&fr=chr-yie9
SearchScopes: HKU\S-1-5-21-1287237156-432140034-664281531-1004 -> {C878DDCD-6288-43DD-90CF-43922381DB88} URL = http://www.flickr.co...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1287237156-432140034-664281531-1004 -> {EB48C840-27A4-4A63-9A80-33355278CAAA} URL = http://www.flickr.co...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1287237156-432140034-664281531-1004 -> {F54298D7-CBAC-4EDE-8909-DD03B0C3FBA5} URL = http://delicious.com...p={searchTerms}
SearchScopes: HKU\S-1-5-21-1287237156-432140034-664281531-1004 -> {FDB3EBEA-4BDB-40E2-8A16-48044DD7D0E5} URL = http://search.yahoo....f-8&fr=chr-yie9
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-14] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: QTTabBar AutoLoader -> {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} -> C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-14] (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: QTTabBar AutoLoader -> {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
Toolbar: HKLM - QTTab Standard Buttons - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Toolbar: HKLM-x32 - QTTab Standard Buttons - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/...tupClient64.cab
DPF: HKLM-x32 {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} http://aolsvc.aol.co...Web.1.0.0.9.cab
DPF: HKLM-x32 {357A8DEC-0CAC-4D8D-9869-C2C356B844F7} http://192.168.1.88/RSVideoOcx.cab
DPF: HKLM-x32 {4ED0ADAD-9FFA-4315-9E02-6B21A9F5C235}
DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.c...stem/iCloud.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://aolsvc.aol.co...zylomplayer.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://teamaccess.t...SetupClient.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1EA06B39-8C8E-4190-81B8-F5FEB66E3774}: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895
FF DefaultSearchEngine: DuckDuckGo
FF DefaultSearchEngine.US: DuckDuckGo
FF SearchEngineOrder.1:
FF Homepage: hxxp://forecast.weather.gov/MapClick.php?lat=32.43655422709696&lon=-85.04315579130594&site=all&smap=1
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @VideoDownloadConverter_ScriptHelper.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter\npVDCPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Extension: Xmarks - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\[email protected] [2015-06-06]
FF Extension: KeeFox - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\[email protected] [2015-06-06]
FF Extension: DownloadHelper - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-06-13]
FF Extension: Bazzacuda Image Saver Plus - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\{FF2FA6A4-B3B1-11DD-B910-6C9A55D89593} [2015-06-06]
FF Extension: Classic Theme Restorer (Customize UI) - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\[email protected] [2015-06-06]
FF Extension: PinTabAlt - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\[email protected] [2015-07-01]
FF Extension: Old Default Image Style - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\[email protected] [2015-06-06]
FF Extension: Google Translator for Firefox - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\[email protected] [2015-06-06]
FF Extension: uBlock Origin - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\[email protected] [2015-06-06]
FF Extension: uMatrix - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\[email protected] [2015-06-06]
FF Extension: Text Link - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2015-06-06]
FF Extension: Light Switch - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\{600452e8-6851-46db-80fd-fa571b2deaa7}.xpi [2015-06-06]
FF Extension: DownThemAll! - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-06-06]
FF Extension: Greasemonkey - C:\Users\Bam\AppData\Roaming\Mozilla\Firefox\Profiles\o3kb2ei8.default-1433625596895\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-06-06]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-06-02]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-06-02]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dblenjbcjgmfggkdngpkgpohpkikcjpj] - C:\Users\Alexus\AppData\Local\Temp\dblenjbcjgmfggkdngpkgpohpkikcjpj.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
R2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [85435 2011-11-19] () [File not signed]
R2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [141466 2011-11-19] () [File not signed]
R2 CronService; c:\Windows\Prey\wpxsvc.exe [611854 2015-04-20] (Fork, Ltd.) [File not signed]
R2 DDNS Enterprise Client; C:\Program Files (x86)\Enterprise DDNS Client\ddnsclient.exe [53248 2012-07-31] (Dynamic DNS Services  http://www.dyndnsservices.com) [File not signed]
R2 dlbk_device; C:\Windows\system32\dlbkcoms.exe [567024 2007-06-25] ( )
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2010-11-11] (NTI Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175752 2015-06-23] (Sandboxie Holdings, LLC)
R2 vmware-view-usbd; C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe [2433024 2012-09-05] (VMware, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-06-01] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-06-28] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [190088 2015-06-23] (Sandboxie Holdings, LLC)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-10 13:01 - 2015-08-10 13:03 - 00052754 _____ C:\Users\Bam\Desktop\FRST.txt
2015-08-10 13:00 - 2015-08-10 13:01 - 00000000 ____D C:\FRST
2015-08-10 12:50 - 2015-08-10 12:50 - 02171392 _____ (Farbar) C:\Users\Bam\Desktop\FRST64.exe
2015-08-09 05:08 - 2015-08-09 05:08 - 00000000 ____D C:\Users\Bam\AppData\Local\{2280AD06-A418-4769-96E4-9549A69F3505}
2015-08-08 08:54 - 2015-08-08 09:07 - 00000660 _____ C:\Users\Bam\Downloads\g question.txt
2015-08-08 05:21 - 2015-08-08 05:21 - 00000000 ____D C:\Users\Bam\AppData\Local\{9A8E89D2-3A61-4C80-B310-0844BB91F1D6}
2015-08-07 22:11 - 2015-08-07 22:16 - 00000000 ____D C:\Users\Bam\Downloads\Final Fantasy Crystal Chronicles - The Crystal Bearers (U)(PROMiNENT)
2015-08-07 04:15 - 2015-08-07 04:16 - 00000000 ____D C:\Users\Bam\AppData\Local\{6EE93A23-E037-462F-BEC5-20D13CAD3C12}
2015-08-06 11:45 - 2015-08-06 11:45 - 00000000 ___HD C:\$Windows.~BT
2015-08-04 05:02 - 2015-08-04 05:02 - 00000000 ____D C:\Users\Bam\AppData\Local\{1832808D-61B7-4A64-B4F9-3E89EC874029}
2015-08-02 05:03 - 2015-08-02 05:03 - 00000000 ____D C:\Users\Bam\AppData\Local\{5BF4FA55-EA96-4C14-81A2-7965CDA0E6DA}
2015-08-01 05:29 - 2015-08-01 05:29 - 00000000 ____D C:\Users\Bam\AppData\Local\{E321C493-9AE8-4C9E-B93C-AD35F35ACE38}
2015-07-30 13:49 - 2015-08-10 10:31 - 00000896 _____ C:\Windows\setupact.log
2015-07-30 13:49 - 2015-07-30 13:49 - 00000000 _____ C:\Windows\setuperr.log
2015-07-30 05:45 - 2015-07-30 05:45 - 00000000 ____D C:\Users\Bam\AppData\Local\{F99D7C10-92B0-485A-9981-BAB648FDE4DE}
2015-07-29 03:28 - 2015-07-29 03:28 - 00000000 ___RD C:\Sandbox
2015-07-29 03:11 - 2015-08-06 03:11 - 00001796 _____ C:\Windows\Sandboxie.ini
2015-07-29 03:11 - 2015-07-29 03:10 - 00000900 _____ C:\Users\Bam\Desktop\Sandboxed Web Browser.lnk
2015-07-29 03:10 - 2015-07-29 03:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-07-29 03:10 - 2015-07-29 03:10 - 00000000 ____D C:\Program Files\Sandboxie
2015-07-28 03:38 - 2015-07-28 03:38 - 00000000 ____D C:\Users\Bam\AppData\Local\{8F22AD99-071F-448E-806C-957DB9C9547C}
2015-07-26 04:56 - 2015-07-26 04:57 - 00000000 ____D C:\Users\Bam\AppData\Local\{89CF8C19-A506-4BCE-9171-CBD2B4D7CFFB}
2015-07-25 04:16 - 2015-07-25 04:16 - 00000000 ____D C:\Users\Bam\AppData\Local\{3711DCAB-5034-4DEB-A66E-3C2526715CFF}
2015-07-24 16:32 - 2015-08-07 16:53 - 00000000 ____D C:\Users\Bam\Downloads\Tag Force Special Patcher
2015-07-24 16:30 - 2015-08-07 16:54 - 00000000 ____D C:\Users\Bam\Downloads\Yu-Gi-Oh! Arc-V Tag Force Special [Eng] v02
2015-07-22 06:08 - 2015-07-22 06:08 - 00000000 ____D C:\Users\Bam\AppData\Local\{F25D3CAD-B5C6-441D-9B4D-B42AAE35D0A9}
2015-07-21 05:16 - 2015-07-21 05:16 - 00000000 ____D C:\Users\Bam\AppData\Local\{D248EFFA-8454-41E3-994C-DECF47D4D107}
2015-07-21 00:14 - 2015-07-21 00:14 - 00331264 _____ C:\Users\Bam\Downloads\codemgr.exe
2015-07-20 13:35 - 2015-07-14 23:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 13:35 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 13:35 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 13:35 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 13:35 - 2015-07-14 22:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 13:35 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 13:35 - 2015-07-14 22:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 13:35 - 2015-07-14 22:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 13:35 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 13:35 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-18 04:24 - 2015-07-18 04:25 - 00000000 ____D C:\Users\Bam\AppData\Local\{292DFDE1-3063-4E59-A9CB-0E7A619FE4BB}
2015-07-17 15:40 - 2015-07-17 15:40 - 00000000 ____D C:\Users\Bam\AppData\Local\AppEx Networks
2015-07-16 13:07 - 2015-07-16 13:07 - 00000000 ____D C:\Users\Bam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-16 13:06 - 2015-07-16 13:06 - 00000000 ____D C:\ProgramData\ATI
2015-07-16 13:04 - 2015-07-16 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2015-07-16 13:04 - 2015-07-16 13:04 - 00000000 ____D C:\Program Files\AMD Quick Stream
2015-07-16 13:04 - 2015-04-03 01:14 - 00229056 _____ (AppEx Networks Corporation) C:\Windows\system32\Drivers\appexDrv.sys
2015-07-16 13:03 - 2015-07-16 13:03 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201507161303235806.log
2015-07-16 13:02 - 2015-07-16 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-15 07:35 - 2015-07-09 13:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 07:35 - 2015-07-09 13:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 07:35 - 2015-07-09 13:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 07:35 - 2015-07-09 13:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 07:35 - 2015-07-09 13:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 07:35 - 2015-07-09 13:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 07:35 - 2015-07-09 13:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 07:35 - 2015-07-09 13:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 07:35 - 2015-07-09 13:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 07:35 - 2015-07-09 13:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 07:35 - 2015-07-09 13:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 07:35 - 2015-07-02 17:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 07:35 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 07:35 - 2015-07-02 16:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 07:35 - 2015-07-02 16:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 07:35 - 2015-07-02 16:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 07:35 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 07:35 - 2015-07-02 16:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 07:35 - 2015-07-02 16:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 07:35 - 2015-07-02 16:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 07:35 - 2015-07-02 15:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 07:35 - 2015-07-02 15:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 07:35 - 2015-07-02 14:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 07:35 - 2015-06-26 22:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 07:35 - 2015-06-26 22:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 07:35 - 2015-06-26 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 07:35 - 2015-06-26 21:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 07:35 - 2015-06-25 04:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 07:35 - 2015-06-17 13:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 07:35 - 2015-06-17 13:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 07:35 - 2015-06-01 20:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 07:35 - 2015-06-01 19:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 07:34 - 2015-07-04 14:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 07:34 - 2015-07-04 13:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 07:34 - 2015-06-25 14:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 07:34 - 2015-06-25 13:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 07:34 - 2015-06-20 16:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 07:34 - 2015-06-20 15:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 07:34 - 2015-06-20 15:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 07:34 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 07:34 - 2015-06-20 15:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 07:34 - 2015-06-20 15:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 07:34 - 2015-06-20 15:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 07:34 - 2015-06-20 15:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 07:34 - 2015-06-20 15:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 07:34 - 2015-06-20 15:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 07:34 - 2015-06-20 15:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 07:34 - 2015-06-20 15:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 07:34 - 2015-06-20 15:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 07:34 - 2015-06-20 15:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 07:34 - 2015-06-20 15:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 07:34 - 2015-06-20 15:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 07:34 - 2015-06-20 15:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 07:34 - 2015-06-20 14:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 07:34 - 2015-06-20 14:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 07:34 - 2015-06-20 14:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 07:34 - 2015-06-20 14:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 07:34 - 2015-06-20 14:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 07:34 - 2015-06-20 14:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 07:34 - 2015-06-19 14:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 07:34 - 2015-06-19 14:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 07:34 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 07:34 - 2015-06-19 14:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 07:34 - 2015-06-19 14:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 07:34 - 2015-06-19 14:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 07:34 - 2015-06-19 14:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 07:34 - 2015-06-19 14:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 07:34 - 2015-06-19 14:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 07:34 - 2015-06-19 14:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 07:34 - 2015-06-19 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 07:34 - 2015-06-19 13:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 07:34 - 2015-06-19 13:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 07:34 - 2015-06-19 13:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 07:34 - 2015-06-19 13:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 07:34 - 2015-06-19 13:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 07:34 - 2015-06-19 13:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 07:34 - 2015-06-19 13:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 07:34 - 2015-06-19 13:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 07:34 - 2015-04-27 15:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 07:34 - 2015-04-27 15:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 07:34 - 2015-04-27 15:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 07:34 - 2015-04-27 15:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 07:34 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 07:34 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 07:34 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 07:34 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 07:33 - 2015-07-01 16:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 07:33 - 2015-07-01 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 07:33 - 2015-07-01 16:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 07:33 - 2015-07-01 16:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 07:33 - 2015-07-01 16:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 07:33 - 2015-07-01 16:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 07:33 - 2015-07-01 16:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 07:33 - 2015-07-01 16:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 07:33 - 2015-07-01 16:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 07:33 - 2015-07-01 16:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 07:33 - 2015-07-01 16:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 07:33 - 2015-07-01 16:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 07:33 - 2015-07-01 16:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 07:33 - 2015-07-01 16:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 07:33 - 2015-07-01 16:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 07:33 - 2015-07-01 16:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 07:33 - 2015-07-01 16:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 07:33 - 2015-07-01 16:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 07:33 - 2015-07-01 16:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 07:33 - 2015-07-01 16:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 07:33 - 2015-07-01 16:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 07:33 - 2015-07-01 16:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 07:33 - 2015-07-01 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 07:33 - 2015-07-01 16:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 07:33 - 2015-07-01 16:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 07:33 - 2015-07-01 16:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 07:33 - 2015-07-01 15:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 07:33 - 2015-07-01 15:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 07:33 - 2015-07-01 15:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 07:33 - 2015-06-15 17:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 07:33 - 2015-06-15 17:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 07:33 - 2015-06-15 17:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 07:33 - 2015-06-15 17:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 07:33 - 2015-06-15 17:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 07:33 - 2015-06-15 17:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 07:33 - 2015-06-15 17:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 07:33 - 2015-06-15 17:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 07:33 - 2015-06-15 17:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 07:33 - 2015-06-15 17:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 07:33 - 2015-06-15 17:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 07:33 - 2015-06-15 17:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 04:35 - 2015-07-15 04:35 - 00000000 ____D C:\Users\Bam\AppData\Local\{6F685406-4A7A-43C3-B9BD-67BF141AD40B}
2015-07-15 03:14 - 2015-07-15 03:14 - 00000000 ____D C:\Users\Bam\Downloads\d2x-cios-installer-3.1-v6-v7-v8-v10-wii
2015-07-14 20:34 - 2015-07-14 20:34 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 20:33 - 2015-07-14 20:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-14 20:33 - 2015-07-14 20:33 - 00002051 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-14 20:26 - 2015-07-14 20:26 - 00000000 _____ C:\Windows\SysWOW64\REN57C9.tmp
2015-07-14 20:26 - 2015-07-14 20:25 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-14 20:25 - 2015-07-14 20:25 - 00000000 ____D C:\Program Files\Java
2015-07-14 14:15 - 2015-07-14 14:58 - 00000000 ____D C:\Users\Bam\Downloads\ModMii6.3.1
2015-07-14 05:59 - 2015-07-14 05:59 - 00000000 ____D C:\Users\Bam\AppData\Local\{0470A054-B279-4180-A338-D55335E1719D}
2015-07-14 02:54 - 2015-07-14 02:54 - 00000000 ____D C:\wbfs
2015-07-14 02:45 - 2015-07-14 03:16 - 00000000 ____D C:\Users\Bam\Downloads\WiiBackupManager_Build78
2015-07-13 17:10 - 2015-07-13 22:39 - 00000000 ____D C:\Users\Bam\Downloads\ShowMiiWads 1.4 x64
2015-07-13 16:38 - 2015-07-13 16:38 - 00000000 ____D C:\Users\Bam\Downloads\11391-WAD-Manager_v1.7
2015-07-13 14:49 - 2015-07-13 14:49 - 00000532 _____ C:\Users\Bam\Downloads\meta.xml
2015-07-13 14:44 - 2015-07-13 14:44 - 01628160 _____ C:\Users\Bam\Downloads\loader.dol
2015-07-13 14:08 - 2015-07-13 14:08 - 00000000 ____D C:\Users\Bam\Downloads\d2x-v10-beta52
2015-07-13 13:34 - 2015-07-15 03:18 - 00000000 ____D C:\Users\Bam\Documents\Wii Back Up
2015-07-13 02:27 - 2015-07-13 02:27 - 00000000 ____D C:\Program Files (x86)\EaseUS
2015-07-11 05:31 - 2015-07-11 05:31 - 00000000 ____D C:\Users\Bam\AppData\Local\{C924358E-9DF0-4DDE-960A-2BE970420B3D}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-10 13:04 - 2013-09-18 20:16 - 00000000 ____D C:\ProgramData\BitMeterOS
2015-08-10 12:54 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-10 12:54 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-10 12:53 - 2014-02-27 01:28 - 00000000 ____D C:\Users\Bam\Desktop\foobar2000
2015-08-10 12:24 - 2014-05-24 09:10 - 00007596 _____ C:\Users\Bam\AppData\Local\Resmon.ResmonCfg
2015-08-10 12:19 - 2012-04-08 10:54 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-10 10:38 - 2011-01-27 12:09 - 01454056 _____ C:\Windows\WindowsUpdate.log
2015-08-10 10:37 - 2011-04-02 10:53 - 00000000 ____D C:\ProgramData\clear.fi
2015-08-10 10:35 - 2015-06-04 00:38 - 00000000 ____D C:\Users\Bam\AppData\Roaming\Raptr
2015-08-10 10:35 - 2011-01-27 12:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-08-10 10:31 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-09 14:22 - 2015-03-28 17:13 - 00000000 ____D C:\Users\Bam\Downloads\Chan
2015-08-09 03:44 - 2014-09-19 22:29 - 00000000 ____D C:\Users\Bam\Documents\Torrent
2015-08-08 13:07 - 2014-06-16 13:55 - 00000000 ____D C:\Users\Bam\Documents\Charts
2015-08-08 03:16 - 2009-07-14 01:13 - 00786578 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-07 16:56 - 2014-09-06 16:05 - 00000000 ____D C:\Users\Bam\AppData\Roaming\KeePass
2015-08-07 13:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-06 21:06 - 2014-01-24 15:15 - 00000000 ____D C:\Users\Bam\AppData\Local\CrashDumps
2015-08-06 12:57 - 2014-05-06 09:15 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-06 11:46 - 2007-07-11 21:49 - 00000000 ____D C:\Windows\Panther
2015-08-05 08:13 - 2014-04-22 06:34 - 00000000 ____D C:\Users\Bam\Documents\Places
2015-08-02 00:14 - 2015-06-08 03:14 - 00000000 ____D C:\Users\Bam\Downloads\#gamemp3s Archive 2010
2015-07-31 22:19 - 2014-08-12 13:25 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-31 14:58 - 2015-04-20 15:53 - 00000000 ____D C:\Windows\Prey
2015-07-31 13:10 - 2014-03-10 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-30 05:39 - 2015-03-31 17:44 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-30 05:39 - 2014-10-08 07:29 - 00000000 ____D C:\Users\Bam\AppData\Roaming\MPC-HC
2015-07-28 07:47 - 2011-01-17 19:44 - 00000000 ____D C:\Program Files (x86)\Acer Games
2015-07-28 07:46 - 2011-09-25 00:31 - 00000000 ____D C:\Program Files (x86)\WildGames
2015-07-28 07:46 - 2011-01-17 19:44 - 00000000 ____D C:\ProgramData\WildTangent
2015-07-28 07:46 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-28 07:40 - 2015-06-12 22:53 - 00000000 ____D C:\Program Files\Waterfox
2015-07-28 07:39 - 2015-04-30 23:30 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-28 07:39 - 2014-01-05 21:27 - 00000000 ____D C:\Program Files\CCleaner
2015-07-27 17:46 - 2015-01-02 03:02 - 00000600 _____ C:\Users\Bam\AppData\Roaming\winscp.rnd
2015-07-24 16:41 - 2015-06-09 00:36 - 00000141 _____ C:\Users\Bam\Downloads\Vita GAME notes.txt
2015-07-23 06:20 - 2014-03-10 00:06 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-23 06:20 - 2014-03-10 00:06 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-21 14:16 - 2009-07-14 00:45 - 00414328 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-18 19:32 - 2015-05-31 14:45 - 21971528 _____ C:\Users\Bam\Desktop\RogueKillerX64.exe
2015-07-18 19:32 - 2014-11-18 16:18 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-07-16 13:05 - 2015-06-04 00:38 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-16 13:03 - 2012-05-11 21:21 - 00000000 ____D C:\Program Files\AMD
2015-07-16 13:03 - 2012-05-11 21:21 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-16 13:01 - 2011-01-27 12:18 - 00000000 ____D C:\ProgramData\AMD
2015-07-16 12:42 - 2012-02-07 22:23 - 00000000 ____D C:\AMD
2015-07-15 16:44 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-07-15 15:13 - 2014-12-10 14:03 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 15:13 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 09:33 - 2011-04-01 21:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 09:20 - 2013-08-17 20:36 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 21:19 - 2012-04-08 10:54 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 21:19 - 2012-04-08 10:54 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 21:19 - 2011-05-30 14:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 20:34 - 2014-10-26 08:29 - 00000000 ____D C:\Users\Bam\AppData\Local\Adobe
2015-07-14 20:33 - 2011-01-17 20:05 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-14 20:32 - 2011-01-17 20:05 - 00000000 ____D C:\ProgramData\Adobe
2015-07-14 20:27 - 2012-04-29 01:06 - 00000000 ____D C:\Program Files (x86)\Java

==================== Files in the root of some directories =======

2014-02-14 00:04 - 2014-02-14 00:04 - 0000000 _____ () C:\Users\Bam\AppData\Roaming\RSDevID.fig
2014-02-14 00:04 - 2015-07-07 07:37 - 0000057 _____ () C:\Users\Bam\AppData\Roaming\RSIpAndPort.fig
2015-01-02 03:02 - 2015-07-27 17:46 - 0000600 _____ () C:\Users\Bam\AppData\Roaming\winscp.rnd
2015-06-24 08:04 - 2015-06-24 08:07 - 0005120 _____ () C:\Users\Bam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-27 04:52 - 2014-09-27 04:52 - 0000855 _____ () C:\Users\Bam\AppData\Local\recently-used.xbel
2014-05-24 09:10 - 2015-08-10 12:24 - 0007596 _____ () C:\Users\Bam\AppData\Local\Resmon.ResmonCfg
2011-01-27 12:35 - 2011-01-27 12:43 - 0016198 _____ () C:\ProgramData\ArcadeDeluxe5.log
2014-02-14 00:04 - 2015-06-25 16:06 - 0000281 _____ () C:\ProgramData\RSUserCfg.ini

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.1052.dll


Some files in TEMP:
====================
C:\Users\Alexus\AppData\Local\Temp\avgnt.exe
C:\Users\Alexus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxnkzaf.dll
C:\Users\Alexus\AppData\Local\Temp\JuniperSetupClientInstaller.exe
C:\Users\Alexus\AppData\Local\Temp\lowproc.exe
C:\Users\Alexus\AppData\Local\Temp\lpuninstall.exe
C:\Users\Alexus\AppData\Local\Temp\stubhelper.dll
C:\Users\Bam\AppData\Local\Temp\avgnt.exe
C:\Users\Bam\AppData\Local\Temp\System.Data.SQLite.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-04 16:37

==================== End of log ============================

 

 

 

Here's the Addition log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by Bam (2015-08-10 13:05:21)
Running from C:\Users\Bam\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1287237156-432140034-664281531-500 - Administrator - Disabled)
Alexus (S-1-5-21-1287237156-432140034-664281531-1001 - Administrator - Enabled) => C:\Users\Alexus
Bam (S-1-5-21-1287237156-432140034-664281531-1004 - Administrator - Enabled) => C:\Users\Bam
Guest (S-1-5-21-1287237156-432140034-664281531-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1287237156-432140034-664281531-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.69 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1306 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1306 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3000 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3001 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.66 - Hulubulu Software)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Autodesk MapGuide® Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.6.11 - Autodesk, Inc.)
Avery Template (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000011}) (Version: 2.0.0.0 - Avery)
Avery Wizard 4.0 (HKLM-x32\...\{F97272B4-82C4-46B2-BCF1-C4D6E8CAB3E6}) (Version: 4.0.4 - Avery)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Backup Assistant Plus (HKLM-x32\...\Backup Assistant Plus) (Version:  - Verizon Wireless)
Backup Manager V3 (x32 Version: 3.0.0.69 - NTI Corporation) Hidden
BitMeter OS (HKLM-x32\...\BitMeterOS) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1223.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1223.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7209 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.41.1.0 - Conexant)
CryptoPrevent v4.3.0 (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
CrystalDiskInfo 6.2.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.5.1 - oldsch00l)
DDNS Client -- Adams-Land Micro Systems (HKLM-x32\...\Enterprise DDNS Client) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dream Day True Love (x32 Version: 2.2.0.97 - WildTangent) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
f.lux (HKU\S-1-5-21-1287237156-432140034-664281531-1004\...\Flux) (Version:  - )
Granado Espada Online (HKLM-x32\...\Granado Espada Online_is1) (Version:  - IMC Games Co., Ltd.)
Honeyview (HKLM\...\Honeyview) (Version: 5.11 - Bandisoft.com)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{BB94D541-A747-4A5D-B0ED-72FA5C158EA5}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5848A26C-E4BC-4A13-AA8D-810BA344475A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{A04DCB25-7040-4935-A30D-8E0A893ABF2D}) (Version: 11.1.2.32 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl)
K-Lite Codec Pack 10.9.2 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.2 - )
KViewActiveX (HKLM-x32\...\KViewActiveX) (Version:  - Oem)
KViewCenter (HKLM-x32\...\KViewCenter) (Version:  - KGuard)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.0.5 - Acer Inc.)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LG Verizon United Drivers (HKLM-x32\...\{4EBAC12E-B672-4682-BE44-8780E121CB61}) (Version: 2.4.0 - LG Electronics)
Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MediaEspresso (x32 Version: 1.0.1210_33255 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.3.4630 - Barnesandnoble.com)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) Hidden
Open Freely (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66C3}_is1) (Version: 1.0 - Download Freely, LLC)
Origin (HKLM-x32\...\Origin) (Version: 9.4.12.2807 - Electronic Arts, Inc.)
qBittorrent 3.1.10 (HKLM-x32\...\qBittorrent) (Version: 3.1.10 - The qBittorrent project)
Qcma (HKLM\...\Qcma) (Version: 0.3.9 - codestation)
QTTabBar 1.5.0.0 Beta 2 (HKLM-x32\...\{7EDF4F60-E41A-4D55-8400-A633443C0065}) (Version: 1.5.260 - Quizo and Paul Accisano)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapport (Version: 3.5.1205.12 - Trusteer) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Sandboxie 4.20 (64-bit) (HKLM\...\Sandboxie) (Version: 4.20 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Sims2Pack Clean Installer (HKLM-x32\...\Sims2Pack Clean Installer) (Version:  - )
SocialRibbons LP2 (HKLM-x32\...\SocialRibbons LP2) (Version:  - )
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden
Video Player (HKLM-x32\...\{A47656D1-D0BA-4179-A964-152F7A0BB960}) (Version: 1.2.14 - DVR Soft) <==== ATTENTION
Virtual Families (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VMware Horizon View Client (HKLM\...\{F8405E6D-9795-4DB7-8052-B39498A61384}) (Version: 2.3.0.16109 - VMware, Inc.)
VMware View Client (HKLM\...\{FD5860F0-B650-11E1-8F5C-DE526188709B}) (Version: 5.2.0.848202 - VMware, Inc.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3005 - Acer Incorporated)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - libusb-win32 PS Vita Type B (02/23/2013 1.2.6.0) (HKLM\...\E88FB411ED92EFDB9BF3A5F94548DA4956C0D97B) (Version: 02/23/2013 1.2.6.0 - libusb-win32)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinSCP 5.5.6 (HKLM-x32\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version:  - Wisdom Software Inc.)
XnViewMP 0.72 (HKLM\...\XnViewMP_is1) (Version: 0.72 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1287237156-432140034-664281531-1004_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> C:\Program Files\Honeyview\HVShell64.dll (Bandisoft.com)

==================== Restore Points =========================

02-08-2015 19:00:09 Windows Backup
05-08-2015 13:50:04 Windows Update
06-08-2015 12:56:48 Windows Modules Installer
06-08-2015 12:59:59 Windows Modules Installer
09-08-2015 19:00:11 Windows Backup

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {045C95B1-A226-481B-A09A-09F8F0A58F10} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1287237156-432140034-664281531-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {2261BD30-DDF8-4E31-BF77-1360F62E1C6F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1287237156-432140034-664281531-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {378B00D6-9BF2-4780-BDC5-9AF9382C423C} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {4B6C30BA-060D-4ED1-B3CB-1D8CF2176F13} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {4C50323B-429F-424C-8FCC-8BCCFF8C7A61} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12] (Hewlett-Packard)
Task: {52D95F5D-EE86-4504-8C10-597374DCC8CF} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2010-12-23] (CyberLink Corp.)
Task: {57931A09-C949-4017-ADC0-52CAEE78CAFA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {5EBF3D61-175C-4FBF-8799-77F8D8FFBEC6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {62F59733-9727-4A61-BFDA-BA1DC775FBBC} - System32\Tasks\{BBCB50C5-B527-4AE4-8D68-1DF947B85082} => pcalua.exe -a "C:\Program Files (x86)\Sims2Pack Clean Installer\Sims2Pack Clean Installer.exe" -d "C:\Program Files (x86)\Sims2Pack Clean Installer"
Task: {6308C967-4DC8-403E-ADBD-69A079746005} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1287237156-432140034-664281531-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {7BDD10DF-7910-4E4B-926C-5876A442F136} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2010-12-23] (Acer Incorporated)
Task: {80757B0D-66F2-42C5-BB08-702EC0699414} - System32\Tasks\{EFC64CD9-F9B7-4E3E-A515-F9BDF96A5799} => Firefox.exe http://ui.skype.com/...red;notincluded
Task: {8279EFD1-4E4E-4492-B827-6F42C2A6F6CB} - System32\Tasks\{21124BF8-9995-44F4-82FD-5C9165E1FD04} => pcalua.exe -a C:\Users\Bam\Downloads\iview438_setup.exe -d C:\Users\Bam\Downloads
Task: {8848DF60-4144-4344-882F-499DFE37EC02} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-12-12] ()
Task: {8AD49411-D5BC-4E5B-89FB-3F0836C7AF60} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {C2F7AD45-DAD4-40FA-90DD-376FEFDCA576} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {C47F89F4-7F70-4E41-95D4-5ECC6185AF13} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {C7914227-C325-4E59-A88B-A23858289A3B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1287237156-432140034-664281531-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C7FC0E14-EAB1-41E8-96B3-0D4D3EDDB8AE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1287237156-432140034-664281531-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {CCED3258-D8B4-4B54-958D-D11043CCAE5E} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {CFB745CC-BF87-4AEB-83E5-D0E2B6758C35} - System32\Tasks\{2E605571-CE94-40A3-B2CA-F00CE5241594} => Firefox.exe http://ui.skype.com/...red;notincluded
Task: {D909DE9F-483F-4CEE-9251-A735419E49DD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1287237156-432140034-664281531-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E785C184-776B-41BE-A7D2-239579AE70D1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {EA532FBE-6C6B-4E3E-AAAB-3888FEDF2940} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
Task: {F2932A6F-C2A6-4FA2-8E97-6E8E7B150392} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2010-12-23] (CyberLink)
Task: {F4585A79-6A2E-42E9-A84D-CFC89FA4B8E6} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1287237156-432140034-664281531-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2011-11-11 19:16 - 2007-02-28 09:53 - 00116224 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dlbkpp6c.dll
2015-06-22 21:37 - 2015-06-22 21:37 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-11-19 03:27 - 2011-11-19 03:27 - 00085435 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
2011-11-19 03:27 - 2011-11-19 03:27 - 00141466 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-04-23 01:54 - 2011-04-23 01:54 - 00083968 _____ () C:\Program Files (x86)\QTTabBar\QTHookLib64.dll
2011-04-06 22:04 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2009-01-21 20:45 - 2009-01-21 20:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2014-05-12 05:49 - 2014-05-12 05:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-07-28 14:29 - 2014-07-28 14:29 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-28 14:32 - 2014-07-28 14:32 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-28 14:29 - 2014-07-28 14:29 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-28 14:31 - 2014-07-28 14:31 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-06-22 21:37 - 2015-06-22 21:37 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2010-11-11 21:22 - 2010-11-11 21:22 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2010-11-11 21:22 - 2010-11-11 21:22 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2010-11-11 21:22 - 2010-11-11 21:22 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2010-12-23 18:46 - 2010-12-23 18:46 - 00210312 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2015-06-13 23:29 - 2015-01-23 06:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1287237156-432140034-664281531-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Bam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Content Manager Assistant for PlayStation®.lnk => C:\Windows\pss\Content Manager Assistant for PlayStation®.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^KViewCenter.lnk => C:\Windows\pss\KViewCenter.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Bam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ScreenHunter 6.0 Free.lnk => C:\Windows\pss\ScreenHunter 6.0 Free.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: VideoDownloadConverter Home Page Guard 64 bit => "C:\PROGRA~2\VIDEOD~2\bar\1.bin\AppIntegrator64.exe"
MSCONFIG\startupreg: VideoDownloadConverter Search Scope Monitor => "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: VideoDownloadConverter_4z Browser Plugin Loader => C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E05DB1B3-3474-4FB2-ADBC-F259E00218E2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AB813FC2-15D6-4A2C-ADCC-39D86CADBD81}] => (Allow) LPort=2869
FirewallRules: [{9B88BBF4-79E7-4A58-887D-C519A994C872}] => (Allow) LPort=1900
FirewallRules: [{FAB5E715-C61C-4990-9624-F8D2CB2AE73B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6B476498-53D0-4DF1-B1F1-67AE3EAF3CAD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{8FFC2CCE-A375-4708-8A24-86F3707844F1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{E97941E0-0FCE-4AD5-8506-D3308510477E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{147EEEEF-5149-4D53-B3C9-A2D99054D8BB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{E4FC1D9D-5759-4BB9-80A1-49D9B913E2BB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{0DE02A21-A2EA-4437-A4AF-680F05775595}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{409CBAC2-CB40-489A-AD23-506E923AEDF5}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{E70F9BE6-327A-4530-B151-3B7B98158B2F}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{4A624ED0-0A6D-42AE-B04C-2AC53849AE84}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{A2A67C90-B026-4BCE-96EC-8BE9D2279983}] => (Allow) C:\Users\Alexus\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{73FFB43F-10BD-4710-8CFD-92B0A011DE9A}] => (Allow) C:\Users\Alexus\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{BAEAC18F-A71E-4CD3-AFFC-DD25AA745139}C:\users\alexus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\alexus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{07A4A0C3-6380-424B-B9D7-C0277C3719FE}C:\users\alexus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\alexus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{B748E765-239F-4CB8-8AB2-55F3C79DE51A}] => (Allow) C:\Program Files (x86)\SocialRibbons LP2\TroubleShooter.exe
FirewallRules: [{F7DA44BA-D036-43E3-B6C9-B2CD57A13515}] => (Allow) C:\Program Files (x86)\SocialRibbons LP2\TroubleShooter.exe
FirewallRules: [TCP Query User{43200FEF-115A-48A3-9D0F-62A7C6446D8C}C:\program files\backup assistant plus\verizon.exe] => (Allow) C:\program files\backup assistant plus\verizon.exe
FirewallRules: [UDP Query User{FC7CF019-AEF9-40EF-9C5E-7F59B9D70EA2}C:\program files\backup assistant plus\verizon.exe] => (Allow) C:\program files\backup assistant plus\verizon.exe
FirewallRules: [TCP Query User{250BBC33-3553-4C2F-8AE2-DABB7530B3FD}C:\program files\backup assistant plus\v cast backup scheduler.exe] => (Allow) C:\program files\backup assistant plus\v cast backup scheduler.exe
FirewallRules: [UDP Query User{E42962F7-6391-4D86-A888-C8DF917ADF38}C:\program files\backup assistant plus\v cast backup scheduler.exe] => (Allow) C:\program files\backup assistant plus\v cast backup scheduler.exe
FirewallRules: [{0F5EE2E9-4ED9-477E-A560-3F2AFD17B9B0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{2AE109DC-729A-4181-B15E-C7C3052CADA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{497D515D-7B1F-4186-BACB-186C24028529}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B5A1F848-551D-4010-B7ED-B67B365D08E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1CEFB434-747B-4805-AEAE-63A22FBD4A93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{07495CE9-D593-4E56-8C71-56F0626E9B54}C:\program files\backup assistant plus\v cast backup scheduler.exe] => (Block) C:\program files\backup assistant plus\v cast backup scheduler.exe
FirewallRules: [UDP Query User{428B741A-3C77-475C-8168-621C092A5399}C:\program files\backup assistant plus\v cast backup scheduler.exe] => (Block) C:\program files\backup assistant plus\v cast backup scheduler.exe
FirewallRules: [{4A4FD123-E531-43F7-A047-FC8D22F0DDB4}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{CE0211E4-5F87-4CD9-B3A1-E756C4C5EA3D}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{D7E33B3D-B194-4E6D-9A27-A636852F412F}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{57318E80-0C65-452C-ADC5-B2871A449F7E}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{441FD7B6-73F5-4053-8CAD-9FE198F9D804}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{87D88E95-C907-4106-ADE9-100B4E6298DF}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{BF72E3A0-DD0D-449F-881C-8791C55BB2B3}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{F8DEBBDE-FDA5-4F8B-9312-F1429FC718A8}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{BA3F603C-AF82-4623-BCBA-BC5B6684941B}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{3345F578-1AA1-48BC-AAD8-C84BF97A0104}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{1E921028-2CCF-439E-ABDE-1E141F12B9A4}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{54E9EEDE-6E95-4322-B37F-C6457FC0BA5C}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{C56DB53C-7FC5-4181-9494-F39B7C7E80A9}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{F71A51FF-9CF8-45ED-BF3A-EDD7B5757ED6}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{54E62550-BDC2-4C94-AD13-D409434C04E8}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{B94A2956-9200-41FB-BE96-88CB419F6963}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{898773E1-54C5-4A44-995B-FF58070F646B}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{0A099A85-2F8F-47EB-999F-AEEFE05C4F83}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{1FEC0033-8BA4-4EF3-ACEE-F756F60DAB47}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{A0839E41-B0E9-49A7-9FF4-E417D4F69164}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{96743043-68C9-47AC-9D0A-FCC00A439FCF}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{8FF2829B-DC73-46AB-828B-8D2754837545}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{9704B0D8-B11C-47A0-B058-A2A9BDDB9A2B}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{19968BFF-0151-48C4-B236-A56C76CBC1BF}C:\program files\qcma\qcma.exe] => (Allow) C:\program files\qcma\qcma.exe
FirewallRules: [UDP Query User{3C906DC5-F109-4463-BFF3-E7847B364AE2}C:\program files\qcma\qcma.exe] => (Allow) C:\program files\qcma\qcma.exe
FirewallRules: [{D840F30E-E58E-4E36-B56C-4981993E8CBD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{435B2BAA-2EB1-48DB-AEB9-BC27FA93F846}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A5FF29CB-6F1C-4D5E-A4B3-81A090F107D0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D5F24B01-3FC3-439D-AE5C-6D560ED73B8E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E70F0C62-52C3-4C09-A54F-D4A8185FE300}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EF679B4E-2F80-4C06-8EE0-68F05C91C3DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D08FD62A-097B-46A5-B90E-5FF0F17E8696}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{87764E8C-5676-475E-BF5E-D8F61587B0DC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{853D15E6-BE9D-4C9D-BFB6-9A410E6EDFF8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6BAC053B-1FB8-493C-8246-20D3FE8BF44C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{29B386B1-2058-4B55-97F2-BA87803504AA}] => (Allow) c:\Windows\Prey\versions\1.4.1\bin\node.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/09/2015 06:21:52 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/09/2015 06:21:52 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/08/2015 05:53:26 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5732.  Message ID: [0x2509].

Error: (08/07/2015 01:33:18 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:32:23 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:28:18 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:27:23 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:26:17 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:25:22 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:24:18 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System


System errors:
=============
Error: (08/09/2015 08:22:20 AM) (Source: SbieDrv) (EventID: 1412) (User: )
Description: SBIE1412 In text: [DefaultBox] \??\%SystemDrive%\Sandbox\%USER%\%SANDBOX%

Error: (08/09/2015 08:22:20 AM) (Source: SbieDrv) (EventID: 1406) (User: )
Description: SBIE1406 Missing or invalid expansion for SystemDrive:  [C0000189]

Error: (08/09/2015 07:54:48 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/09/2015 04:14:03 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/06/2015 11:49:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240055: Upgrade to Windows 10 Home.

Error: (08/06/2015 11:39:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AntiVirSchedulerService service.

Error: (08/02/2015 05:00:10 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/01/2015 03:54:59 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/30/2015 05:09:00 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/28/2015 09:22:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.


Microsoft Office:
=========================
Error: (08/09/2015 06:21:52 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/09/2015 06:21:52 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/08/2015 05:53:26 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5732.  Message ID: [0x2509].

Error: (08/07/2015 01:33:18 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:32:23 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:28:18 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:27:23 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:26:17 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:25:22 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System

Error: (08/07/2015 01:24:18 PM) (Source: DDNS Enterprise Client) (EventID: 5) (User: )
Description: The remote name could not be resolved: 'www.kguard.org' System


CodeIntegrity:
===================================
  Date: 2013-04-28 23:01:22.117
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 23:01:21.807
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 23:00:39.499
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 23:00:39.140
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 22:59:59.527
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 22:59:59.153
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD E-350 Processor
Percentage of memory in use: 51%
Total physical RAM: 3818.9 MB
Available physical RAM: 1855.32 MB
Total Virtual: 6467.11 MB
Available Virtual: 3902.63 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:217.79 GB) (Free:73.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: BD132AE1)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=217.8 GB) - (Type=07 NTFS)

==================== End of log ============================


Edited by SunnySeven, 10 August 2015 - 12:55 PM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there your problem is Prey a security project programme
 
Did you install this ? https://help.preypro...ey-from-windows
  • 0

#3
SunnySeven

SunnySeven

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

I see now, thanks. Yes I did install Prey almost a year ago. It's strange that its doing this now all of a sudden. Maybe something was corrupted, I'll try removing or reinstalling and see if maybe that fixes it. That solves my main problem. Thanks again.


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let me know if that works please

If it does not then we will look deeper
  • 0

#5
SunnySeven

SunnySeven

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Just posting to say I haven't left or forgotten. I just need one more day or two to make sure everything went alright.


  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
For sure :)
  • 0

#7
SunnySeven

SunnySeven

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Alright, sorry for the wait. I believe everything is working fine now. I just wanna say thanks for taking your time with my problem and helping me out.


  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#9
SunnySeven

SunnySeven

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

I removed everything with DELFIX and installed Unchecky. I'll try to make it a habbit to update and scan with Malwarebytes more. I'll wait and see if anything comes else up.


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I only use MBAM when I remember, sometimes 6 months can pass :)
  • 0

#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP