Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer doesn't seem to be working any faster after adding 16GB R

Started by Haile Selassie , Nov 09 2015 08:48 AM

  • Please log in to reply

#1
Haile Selassie
Posted 09 November 2015 - 08:48 AM

Haile Selassie

    New Member

  • Member
  • Pip
  • 1 posts

I recently added two 8GB RAM sticks. It doesn't seem to make any difference especially when browsing the internet. Doing other tasks like working in Photoshop show little if any improvement also. I just want to make sure there are not any other issues. Thanks.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Reynard (administrator) on ROMA (09-11-2015 08:37:48)
Running from C:\Users\Reynard\Desktop
Loaded Profiles: Reynard (Available Profiles: Reynard)
Platform: Windows 10 Enterprise (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(UC-Logic Technology Corp.) C:\Windows\System32\drivers\WTSrv.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waterfox) C:\Program Files\Waterfox\waterfox.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Mozilla Corporation) C:\Program Files\Waterfox\plugin-container.exe
(HideIPVPN Team) C:\Program Files (x86)\HideIPVPN\HideIPVPNManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-09-26] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [WTClient] => C:\WINDOWS\SysWOW64\WTClient.exe [32768 2009-10-30] (Tablet Driver)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\Run: [GoogleChromeAutoLaunch_28175D129705BEA9A5797F05F52DC6F1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\Run: [Google Update] => C:\Users\Reynard\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-07-15] (Google Inc.)
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\RunOnce: [Uninstall C:\Users\Reynard\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Reynard\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\RunOnce: [Uninstall C:\Users\Reynard\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Reynard\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\RunOnce: [Uninstall C:\Users\Reynard\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Reynard\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\RunOnce: [Uninstall C:\Users\Reynard\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Reynard\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\MountPoints2: {3c1bcfb3-21d1-11e5-8254-d43d7e972868} - "J:\setup.exe"
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\MountPoints2: {c245201d-21eb-11e5-8255-d43d7e972868} - "J:\setup.exe"
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{404fa030-002b-43e6-8dee-ff1de46d774b}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{8087a546-62fa-4d43-8ed2-ff9c33a8571a}: [DhcpNameServer] 198.18.0.1 198.18.0.2

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3078263148-1005135028-3090255965-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Reynard\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-08] (Citrix Online)
FF Plugin HKU\S-1-5-21-3078263148-1005135028-3090255965-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Reynard\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3078263148-1005135028-3090255965-1001: @talk.google.com/O1DPlugin -> C:\Users\Reynard\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3078263148-1005135028-3090255965-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Reynard\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3078263148-1005135028-3090255965-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Reynard\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Reynard\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Reynard\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Reynard\AppData\Roaming\mozilla\plugins\NPShipRush_FedEx.dll [2015-11-05] (Z-Firm LLC)
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-10-31]
FF Extension: Print pages to PDF - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-07-02]
FF Extension: LastPass - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-09-25]
FF Extension: Cookies Manager+ - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-07-02]
FF Extension: Flash and Video Download - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-10-27]
FF Extension: Disable DHE - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-07-12]
FF Extension: Copy Plain Text 2 - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-07-29]
FF Extension: MEGA - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-11-05] [not signed]
FF Extension: Pushbullet - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-07-21]
FF Extension: Youzign - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-07-02]
FF Extension: Pick That Color - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-07-12]
FF Extension: Offcloud - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-10-20]
FF Extension: Google™ Hangouts - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-09-17]
FF Extension: Disable Hello, Pocket & Reader+ - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\[email protected] [2015-09-24]
FF Extension: Remove Cookies for Site - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea}.xpi [2015-07-02]
FF Extension: Session Manager - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-10-30]
FF Extension: X-notifier - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2015-10-27]
FF Extension: NoScript - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-25]
FF Extension: Eat My Cookies - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{96f22570-8722-4891-ac6b-f5924c74a882}.xpi [2015-07-02]
FF Extension: Video DownloadHelper - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-29]
FF Extension: Search By Image (by Google) - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2015-07-26]
FF Extension: Adblock Plus - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: BetterPrivacy - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-07-02]
FF Extension: Evernote Web Clipper - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-07-22]
FF Extension: Greasemonkey - C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-10-25]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-10-15] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://netvibes.com/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchKeyword: Default -> pic
CHR Profile: C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-06]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-10-27]
CHR Extension: (Google Docs) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-06]
CHR Extension: (Google Drive) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Honey) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2015-10-31]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2015-08-18]
CHR Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfjbkbddpfnoplfhceolpopfoepleco [2015-10-31]
CHR Extension: (ASINspector PRO) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjbejbeejfiepblooifmpefcmobpcde [2015-11-09]
CHR Extension: (Adblock Plus) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-30]
CHR Extension: (Google Search) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (+Music) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjklapimfghfjjinidpblloipjnnpgb [2015-07-06]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2015-07-06]
CHR Extension: (Sumo Paint) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod [2015-07-06]
CHR Extension: (Easy Clock) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplbpgapoedppajbikieafefmcceaagn [2015-07-06]
CHR Extension: (Visual CV: Online Resume Builder) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaficoeoafjilohgbmjkiflobhcbifnl [2015-07-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-10-18]
CHR Extension: (GIMP on rollApp) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodhmnkhmnkmimhckfpkgmbmcgjkaddo [2015-07-06]
CHR Extension: (Google Sheets) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-06]
CHR Extension: (Atari - Centipede) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gakkiekmjcipgjlnenigjfgemakojanh [2015-07-06]
CHR Extension: (pic2pixlr) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\geedlmpoiiblchcmafdmlpjiclhnpkif [2015-08-11]
CHR Extension: (Forget Me - Clean History, Cookies & more) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekpdemielcmiiiackmeoppdgaggjgda [2015-07-06]
CHR Extension: (Google Docs Offline) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (ScriptBlock) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2015-09-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-10-26]
CHR Extension: (IE Tab) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-09-30]
CHR Extension: (Shopify) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\idaeohdpfinhnceknkmjdmdkopdifaee [2015-07-06]
CHR Extension: (DS Amazon Quick View) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkompbllimaoekaogchhkmkdogpkhojg [2015-07-28]
CHR Extension: (KingsRoad) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbcbablgmkkdnioiekpgjfacejkfomlg [2015-07-06]
CHR Extension: (Walmart Deals App) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\khopmdnhncdeojhcdpelanocficgdfng [2015-10-05]
CHR Extension: (Space Waster Terminator) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjjcjkbofonaamkgcpcimodogbpbbbgb [2015-07-06]
CHR Extension: (Google Hangouts) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-11-09]
CHR Extension: (ASINspector) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaoiieggncbfabanjgeangdocikpccb [2015-11-09]
CHR Extension: (Offcloud for Chrome) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhenombkbjeannffjnhcnelokhkfndch [2015-10-08]
CHR Extension: (Popup my Bookmarks) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni [2015-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (Origami Player) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiomepakkenneiifjocbinkmmampfbdn [2015-07-21]
CHR Extension: (Psykopaint) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-07-06]
CHR Extension: (Evernote Web Clipper) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-09-30]
CHR Extension: (Gmail) - C:\Users\Reynard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-09-26]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2278152 2015-09-02] (Broadcom Corporation.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-07-17] (Popcorn Time) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [73728 2011-09-23] (UC-Logic Technology Corp.) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2015-09-02] (Broadcom Corporation.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 CsrBtPort; C:\Windows\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrpan; C:\Windows\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrserial; C:\Windows\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-02] (Disc Soft Ltd)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-06-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2015-09-26] (Research In Motion Limited)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 vflt; C:\Windows\system32\DRIVERS\vfilter.sys [24064 2013-06-30] (Shrew Soft Inc) [File not signed]
S3 vnet; C:\Windows\System32\drivers\virtualnet.sys [17408 2013-06-30] (Shrew Soft Inc) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [X]
S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-09 08:37 - 2015-11-09 08:38 - 00032287 _____ C:\Users\Reynard\Desktop\FRST.txt
2015-11-09 08:37 - 2015-11-09 08:37 - 00000000 ____D C:\FRST
2015-11-09 08:36 - 2015-11-09 08:36 - 02198528 _____ (Farbar) C:\Users\Reynard\Desktop\FRST64.exe
2015-11-09 08:26 - 2015-11-09 08:26 - 00016148 _____ C:\WINDOWS\system32\ROMA_Reynard_HistoryPrediction.bin
2015-11-09 08:06 - 2015-11-09 08:06 - 01712128 _____ C:\Users\Reynard\Desktop\adwcleaner_5.019.exe
2015-11-09 02:11 - 2015-11-09 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-11-08 17:47 - 2015-11-08 17:47 - 00000000 ___HD C:\OneDriveTemp
2015-11-07 07:24 - 2015-07-13 11:57 - 3572916313 _____ C:\Users\Reynard\Desktop\Crushing Ecommerce.zip
2015-11-05 21:41 - 2015-11-05 21:41 - 00002051 _____ C:\Users\Public\Desktop\ShipRush for FedEx - Ecommerce Edition.lnk
2015-11-05 21:41 - 2015-11-05 21:41 - 00000000 ____D C:\Users\Public\Documents\Z-Firm LLC
2015-11-05 21:41 - 2015-11-05 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShipRush
2015-11-05 21:41 - 2015-11-05 21:41 - 00000000 ____D C:\Program Files (x86)\Z-Firm LLC
2015-11-05 21:40 - 2015-11-05 21:40 - 65973104 _____ (Z-Firm LLC www.shiprush.com) C:\Users\Reynard\Downloads\ShipRush_v11_FedEx_Ecommerce.exe
2015-11-05 21:40 - 2015-11-05 21:40 - 00000000 ____D C:\Users\Reynard\AppData\Roaming\Downloaded Installations
2015-11-04 01:27 - 2015-11-04 01:27 - 00000000 ____D C:\WINDOWS\WICCodecs
2015-11-04 01:27 - 2015-11-04 01:27 - 00000000 ____D C:\Users\Public\Documents\FastPictureViewer Codec Pack
2015-11-04 01:27 - 2015-11-04 01:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPictureViewer
2015-11-04 01:25 - 2015-11-04 01:25 - 27074560 _____ C:\Users\Reynard\Downloads\FastPictureViewerCodecPack.msi
2015-11-02 19:39 - 2015-11-04 01:27 - 00000000 ____D C:\Program Files (x86)\HideIPVPN
2015-11-02 19:39 - 2015-11-02 19:39 - 07159871 _____ C:\Users\Reynard\Downloads\HideIPVPN-v4.0.0.0-install.exe
2015-11-02 19:39 - 2015-11-02 19:39 - 00001092 _____ C:\Users\Reynard\Desktop\HideIPVPN.lnk
2015-11-02 19:39 - 2015-11-02 19:39 - 00000000 ____D C:\Users\Reynard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HideIPVPN
2015-10-29 18:09 - 2015-10-29 18:09 - 138912016 _____ (Microsoft Corporation) C:\Users\Reynard\Downloads\msert.exe
2015-10-29 15:51 - 2015-10-27 17:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-29 15:51 - 2015-10-27 17:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-29 15:51 - 2015-10-21 06:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-29 15:51 - 2015-10-21 06:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-29 15:51 - 2015-10-21 06:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-29 15:51 - 2015-10-21 06:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-29 15:51 - 2015-10-21 06:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-29 15:51 - 2015-10-21 05:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-29 15:51 - 2015-10-21 05:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-29 15:51 - 2015-10-21 05:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-29 15:51 - 2015-10-21 05:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-29 15:51 - 2015-10-21 05:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-29 15:51 - 2015-10-21 05:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-29 15:51 - 2015-10-21 05:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-29 15:51 - 2015-10-21 05:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-29 15:51 - 2015-10-21 05:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-29 15:51 - 2015-10-21 05:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-29 15:51 - 2015-10-20 23:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-29 15:51 - 2015-10-20 23:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-29 15:51 - 2015-10-20 23:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-29 15:51 - 2015-10-20 23:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-29 15:51 - 2015-10-20 23:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-29 15:51 - 2015-10-20 23:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-29 15:51 - 2015-10-20 23:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-29 15:51 - 2015-10-20 22:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-29 15:50 - 2015-10-21 06:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-29 15:50 - 2015-10-21 05:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-29 15:50 - 2015-10-21 05:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-29 15:50 - 2015-10-21 05:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-29 15:50 - 2015-10-21 05:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-29 15:50 - 2015-10-21 05:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-29 15:50 - 2015-10-20 23:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-29 15:50 - 2015-10-20 22:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-29 15:50 - 2015-10-20 22:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-24 16:34 - 2015-10-24 16:34 - 00000000 ____D C:\Users\Reynard\Desktop\Archive-cca8
2015-10-24 16:33 - 2015-08-20 21:06 - 35446483 _____ C:\Users\Reynard\Desktop\Archive-cca8.zip
2015-10-23 18:31 - 2015-10-23 18:31 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-23 18:31 - 2015-10-02 20:28 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-23 18:29 - 2015-10-02 22:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-23 18:29 - 2015-10-02 22:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-23 17:08 - 2015-10-23 17:08 - 00001011 _____ C:\Users\Public\Desktop\IPVanish.lnk
2015-10-23 17:08 - 2015-10-23 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPVanish
2015-10-22 01:51 - 2015-10-22 01:51 - 00000000 ____D C:\Users\Public\Documents\APP
2015-10-20 22:32 - 2015-10-20 13:29 - 656736965 _____ C:\Users\Reynard\Desktop\eCom Empire.zip
2015-10-16 11:10 - 2015-10-16 11:10 - 00000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk
2015-10-16 11:10 - 2015-10-16 11:10 - 00000951 _____ C:\Users\Public\Desktop\Waterfox.lnk
2015-10-16 11:10 - 2015-10-16 11:10 - 00000000 ____D C:\Program Files\Waterfox
2015-10-16 11:09 - 2015-10-16 11:09 - 72173960 _____ C:\Users\Reynard\Downloads\Waterfox 40.0.3 Setup.exe
2015-10-15 11:39 - 2015-10-22 13:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-13 15:30 - 2015-10-10 01:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 15:30 - 2015-10-05 21:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 15:30 - 2015-10-05 20:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 15:30 - 2015-09-30 22:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 15:30 - 2015-09-30 22:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 15:30 - 2015-09-30 22:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 15:30 - 2015-09-30 22:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 15:30 - 2015-09-30 22:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 15:30 - 2015-09-30 21:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 15:30 - 2015-09-24 22:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 15:30 - 2015-09-24 22:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 15:30 - 2015-09-24 21:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 15:30 - 2015-09-24 21:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 15:30 - 2015-09-24 21:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 15:30 - 2015-09-24 21:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 15:30 - 2015-09-24 21:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 15:30 - 2015-09-24 21:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 15:30 - 2015-09-24 21:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 15:30 - 2015-09-24 21:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 15:30 - 2015-09-24 21:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 15:30 - 2015-09-24 21:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 15:30 - 2015-09-24 21:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 15:30 - 2015-09-24 21:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 15:30 - 2015-09-24 21:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 15:30 - 2015-09-24 21:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 15:30 - 2015-09-24 21:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 15:30 - 2015-09-24 21:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 15:30 - 2015-09-24 21:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 15:30 - 2015-09-24 21:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 15:30 - 2015-09-24 21:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 15:30 - 2015-09-24 21:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 15:30 - 2015-09-24 21:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 15:30 - 2015-09-24 20:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 15:30 - 2015-09-24 20:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 15:30 - 2015-09-24 20:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 15:30 - 2015-09-24 20:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 15:30 - 2015-09-24 20:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 15:30 - 2015-09-24 20:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 15:30 - 2015-09-24 20:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 15:30 - 2015-09-24 20:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 15:30 - 2015-09-24 20:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 15:30 - 2015-09-24 20:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 15:30 - 2015-09-24 20:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 15:30 - 2015-09-24 20:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 15:30 - 2015-09-24 20:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 15:30 - 2015-09-24 20:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 15:30 - 2015-09-24 20:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 15:30 - 2015-09-24 20:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 15:30 - 2015-09-24 20:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 15:30 - 2015-09-24 20:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 15:30 - 2015-09-24 20:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 15:30 - 2015-09-24 20:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 15:30 - 2015-09-24 20:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 15:30 - 2015-09-24 20:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 15:30 - 2015-09-24 20:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 15:30 - 2015-09-24 20:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 15:30 - 2015-09-24 20:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 15:30 - 2015-09-24 20:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-09 08:37 - 2015-07-08 20:39 - 00000584 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3078263148-1005135028-3090255965-1001.job
2015-11-09 08:32 - 2015-07-02 01:49 - 00000000 ____D C:\Users\Reynard\AppData\LocalLow\LastPass
2015-11-09 08:23 - 2015-07-03 17:45 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-09 08:21 - 2015-07-06 14:56 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-09 08:15 - 2015-09-08 11:29 - 00000000 ____D C:\AdwCleaner
2015-11-09 08:09 - 2015-08-25 11:29 - 00000000 ____D C:\Users\Reynard\AppData\Roaming\PortForward.com
2015-11-09 08:07 - 2015-07-10 06:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-09 08:01 - 2015-08-25 13:16 - 00000000 ____D C:\Users\Reynard\AppData\Roaming\qBittorrent
2015-11-09 08:01 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-09 07:55 - 2015-07-02 00:45 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{65CE6534-6BFC-4857-8478-3E0C8A760976}
2015-11-09 07:53 - 2015-07-26 13:38 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3078263148-1005135028-3090255965-1001UA.job
2015-11-09 07:22 - 2015-07-08 20:39 - 00000680 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3078263148-1005135028-3090255965-1001.job
2015-11-09 05:53 - 2015-07-26 13:38 - 00000874 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3078263148-1005135028-3090255965-1001Core.job
2015-11-09 02:11 - 2015-08-25 13:15 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2015-11-09 02:03 - 2015-07-15 02:13 - 00000000 ____D C:\Users\Reynard\Desktop\jdownloader 2 Beta
2015-11-08 19:21 - 2015-07-06 14:56 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-08 17:53 - 2015-07-31 04:00 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-08 17:47 - 2015-07-10 06:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-08 17:47 - 2015-07-01 23:25 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-08 17:47 - 2015-07-01 23:21 - 00000000 __RDO C:\Users\Reynard\SkyDrive
2015-11-08 17:46 - 2015-07-10 03:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-07 18:01 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-06 12:42 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-06 07:32 - 2015-07-08 20:39 - 00003832 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3078263148-1005135028-3090255965-1001
2015-11-06 07:32 - 2015-07-08 20:39 - 00003736 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3078263148-1005135028-3090255965-1001
2015-11-05 21:41 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\Registration
2015-11-04 01:42 - 2015-07-15 02:42 - 00000034 _____ C:\Users\Reynard\AppData\Roaming\AdobeWLCMCache.dat
2015-11-04 01:40 - 2015-09-11 06:04 - 00000885 _____ C:\Users\Reynard\Desktop\Physical Product Profits.lnk
2015-11-04 01:28 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-04 01:27 - 2015-09-09 23:56 - 00000000 ____D C:\Users\Reynard\Desktop\INT1 Task 1-3
2015-11-03 00:55 - 2015-07-31 05:05 - 00002378 _____ C:\Users\Reynard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-31 04:34 - 2015-08-13 02:14 - 00000000 ____D C:\Users\Reynard\Documents\Dose Files
2015-10-30 21:07 - 2015-07-08 19:47 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 02:54 - 2015-07-29 19:41 - 00000000 ____D C:\Users\Reynard\AppData\Roaming\Skype
2015-10-30 01:59 - 2015-07-01 23:20 - 00000000 ____D C:\Users\Reynard\AppData\Local\Packages
2015-10-29 18:34 - 2015-09-21 06:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-29 16:51 - 2015-07-10 04:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-25 12:48 - 2015-07-31 03:49 - 00000000 ____D C:\Users\Reynard
2015-10-23 18:31 - 2015-07-31 03:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-23 18:31 - 2015-07-10 06:20 - 00033941 _____ C:\WINDOWS\setupact.log
2015-10-23 18:31 - 2015-07-03 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-23 17:13 - 2015-09-03 15:54 - 00000000 ____D C:\Users\Reynard\AppData\Local\IPVanish
2015-10-23 17:08 - 2015-09-03 15:53 - 00000000 ____D C:\Program Files (x86)\IPVanish
2015-10-23 17:08 - 2015-07-03 19:33 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-22 13:08 - 2015-07-31 03:43 - 00022436 _____ C:\WINDOWS\PFRO.log
2015-10-22 13:08 - 2015-07-02 00:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-22 13:08 - 2015-07-01 23:16 - 00000000 ____D C:\Program Files\KMSpico
2015-10-22 13:07 - 2015-07-03 17:10 - 00000000 ____D C:\ProgramData\Oracle
2015-10-22 13:06 - 2015-08-28 16:38 - 00000000 ____D C:\Users\Reynard\.oracle_jre_usage
2015-10-22 13:06 - 2015-07-31 05:23 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-10-22 13:06 - 2015-07-31 05:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-22 13:06 - 2015-07-31 05:22 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-15 21:10 - 2015-07-10 05:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-15 21:10 - 2015-07-10 05:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 08:11 - 2015-07-08 19:48 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-10-15 08:11 - 2015-07-08 19:48 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-10-15 08:11 - 2015-07-08 19:48 - 00002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-10-15 01:48 - 2015-08-22 20:21 - 35446336 _____ C:\Users\Reynard\Desktop\play.zip
2015-10-13 16:02 - 2015-07-15 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-13 16:02 - 2015-07-15 20:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 16:00 - 2013-08-22 07:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-10-13 15:54 - 2015-07-01 23:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 15:50 - 2015-07-01 23:36 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-10 09:12 - 2015-07-10 05:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-10 09:12 - 2015-07-10 05:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-10 09:12 - 2015-07-10 05:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-10 09:12 - 2015-07-10 05:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-10 09:12 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-10 09:12 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-10 09:12 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-10 09:12 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\L2Schemas

==================== Files in the root of some directories =======

2015-08-08 04:33 - 2015-08-08 04:33 - 0000088 _____ () C:\Users\Reynard\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
2015-08-25 13:23 - 2015-08-25 13:23 - 0000088 _____ () C:\Users\Reynard\AppData\Roaming\.c79792229cdae4d8fe4e261fc4d6976b.key
2015-07-15 02:42 - 2015-11-04 01:42 - 0000034 _____ () C:\Users\Reynard\AppData\Roaming\AdobeWLCMCache.dat
2015-08-08 04:43 - 2015-08-08 04:43 - 0000120 _____ () C:\Users\Reynard\AppData\Roaming\GWMC-I92M
2015-08-08 04:33 - 2015-08-25 13:23 - 0000236 _____ () C:\Users\Reynard\AppData\Roaming\RO39-2M3Q
2015-07-07 01:08 - 2015-09-10 01:23 - 0001456 _____ () C:\Users\Reynard\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-08-25 12:57 - 2015-08-25 12:57 - 0001168 _____ () C:\Users\Reynard\AppData\Local\recently-used.xbel
2015-09-21 08:02 - 2015-09-21 08:02 - 0000017 _____ () C:\Users\Reynard\AppData\Local\resmon.resmoncfg
2015-07-31 03:48 - 2015-07-31 03:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Reynard\AppData\Local\Temp\DeleteShipRush34Icons.exe
C:\Users\Reynard\AppData\Local\Temp\dotNetFx40_Web_Setup.exe
C:\Users\Reynard\AppData\Local\Temp\ICReinstall_Mipony_Setup.exe
C:\Users\Reynard\AppData\Local\Temp\IPVanish-Setup-2.0.5718.21304.exe
C:\Users\Reynard\AppData\Local\Temp\IPVanish-Setup-2.0.5752.25355.exe
C:\Users\Reynard\AppData\Local\Temp\JingSetup.exe
C:\Users\Reynard\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Reynard\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Reynard\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Reynard\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Reynard\AppData\Local\Temp\nvStInst.exe
C:\Users\Reynard\AppData\Local\Temp\proxy_vole623208461393574403.dll
C:\Users\Reynard\AppData\Local\Temp\SetSerialNumberRegistryCMD.exe
C:\Users\Reynard\AppData\Local\Temp\setup_01D7.exe
C:\Users\Reynard\AppData\Local\Temp\setup_1521.exe
C:\Users\Reynard\AppData\Local\Temp\setup_178C.exe
C:\Users\Reynard\AppData\Local\Temp\setup_1C8A.exe
C:\Users\Reynard\AppData\Local\Temp\setup_21FC.exe
C:\Users\Reynard\AppData\Local\Temp\setup_3CC9.exe
C:\Users\Reynard\AppData\Local\Temp\setup_457A.exe
C:\Users\Reynard\AppData\Local\Temp\setup_5294.exe
C:\Users\Reynard\AppData\Local\Temp\setup_6B74.exe
C:\Users\Reynard\AppData\Local\Temp\setup_72E6.exe
C:\Users\Reynard\AppData\Local\Temp\Windows7ShortcutMassager.exe
C:\Users\Reynard\AppData\Local\Temp\_ir_sf_temp_0DirectorSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-02 01:36

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Reynard (2015-11-09 08:38:22)
Running from C:\Users\Reynard\Desktop
Windows 10 Enterprise (X64) (2015-07-31 11:02:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3078263148-1005135028-3090255965-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3078263148-1005135028-3090255965-503 - Limited - Disabled)
Guest (S-1-5-21-3078263148-1005135028-3090255965-501 - Limited - Disabled)
Reynard (S-1-5-21-3078263148-1005135028-3090255965-1001 - Administrator - Enabled) => C:\Users\Reynard

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Master Collection CC 2014 (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C2}) (Version: 8 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (Version: 5.7.1 - Adobe Systems Incorporated) Hidden
Adobe Scout CC (Version: 1.1.3.354121 - Adobe Systems Incorporated) Hidden
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 8.0 - PainteR)
Arbitrage Underdog Black Label Edition v3.2.5 (HKLM-x32\...\{F48E7A76-1A81-401C-ArbUDogBLACKG8976-KWV12}_is1) (Version:  - Arbitrage Underdog)
Arbitrage Underdog Pro v3.2 (HKLM-x32\...\{F48E7A76-1A81-401C-ArbUDogPsdROGG8976-KWV12}_is1) (Version:  - Arbitrage Underdog)
Azon Keyword Generator V4 (HKLM-x32\...\Azon Keyword Generator V44.0.0.1) (Version: 4.0.0.1 - InnAnTech Industries Inc.)
Azon Product Inspector V4 (HKLM-x32\...\Azon Product Inspector V44.0.0.7) (Version: 4.0.0.7 - InnAnTech Industries Inc.)
Azon Top 100 Analyzer V4 (HKLM-x32\...\Azon Top 100 Analyzer V44.0.0.7) (Version: 4.0.0.7 - InnAnTech Industries Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dynamic Auto-Painter PRO 4 version 4.1 (HKLM\...\{8051C506-A55A-44F4-8A67-7A9BBA68FE25}_is1) (Version: 4.1 - Mediachance.com)
FastPictureViewer Codec Pack 3.8.0.96 (HKLM-x32\...\{4BBC0DC9-1AE7-4058-8D7C-16CF6FC40CBF}) (Version: 3.8.0.96 - Axel Rietschin Software Developments)
FreshKey (HKLM-x32\...\FreshKey) (Version: 1.5.3 - Infomastery, LLC)
FreshKey (x32 Version: 1.5.3 - Infomastery, LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 7.4.2.3880 (HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\GoToMeeting) (Version: 7.4.2.3880 - CitrixOnline)
HideIPVPN (HKLM-x32\...\HideIPVPN) (Version: 4.0.0.0 - HideIPVPN.com)
Hot Item Finder (HKLM-x32\...\Hot Item Finder2.1.1.8) (Version: 2.1.1.8 - InnAnTech Industries Inc.)
I-Doser Premium (HKLM-x32\...\I-Doser) (Version: 5.0 - I-Doser.com)
IPVanish (x32 Version: 2.0.5752.25355 - IPVanish.com) Hidden
IPVanish VPN (HKLM-x32\...\{e8deab5f-f732-47cb-ab96-2c3a0357b718}) (Version: 2.0.5752.25355 - IPVanish.com)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Kingdoms of Amalur - Reckoning (HKLM-x32\...\Kingdoms of Amalur - Reckoning_is1) (Version:  - )
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Kodi (HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\Kodi) (Version:  - XBMC-Foundation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0a1 - Mozilla)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PeaZip 5.7.2 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time)
qBittorrent 3.2.5 (HKLM-x32\...\qBittorrent) (Version: 3.2.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Replay Video Capture 7 (HKLM-x32\...\Replay Video Capture7.4.1) (Version: 7.4.1 - Applian Technologies Inc.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
ShipRush for FedEx - Ecommerce Edition (HKLM-x32\...\{EC52C0A6-5889-11E4-8B1A-005056C00008}) (Version: 11.0.8.4014 - Z-Firm LLC)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Tablet Driver V5.02 (HKLM-x32\...\TabletDriver) (Version:  - )
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Waterfox 40.0.3 (x64 en-US) (HKLM\...\Waterfox 40.0.3 (x64 en-US)) (Version: 40.0.3 - Mozilla)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Reynard\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Reynard\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Reynard\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Reynard\AppData\Local\Citrix\GoToMeeting\3499\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Reynard\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Reynard\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

23-10-2015 17:08:37 IPVanish VPN
29-10-2015 16:50:40 Windows Update
04-11-2015 01:26:49 Installed FastPictureViewer Codec Pack 3.8.0.96
05-11-2015 21:41:05 Installed ShipRush for FedEx - Ecommerce Edition
09-11-2015 08:09:14 Revo Uninstaller Pro's restore point - Port Forward Network Utilities
09-11-2015 08:10:30 Revo Uninstaller Pro's restore point - Nmap 6.49BETA4
09-11-2015 08:13:01 Revo Uninstaller Pro's restore point - MiPony 2.3.0
09-11-2015 08:14:09 Revo Uninstaller Pro's restore point - Applian Director

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C0657F-F248-41F5-8234-C60889F4D57A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {2BB9F167-759D-443E-AA2E-D1D14A7B55FD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {34E93AAF-6B23-47EE-8017-1140B55696A4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {48252690-2266-4D26-9D1D-C10B43BECDF0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {4996140A-D4F6-4ED7-9E1F-93CE28086A79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5A0F3B02-40AF-4324-A193-DA7159169818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5F09AE0A-75F0-4A37-A17D-7ADC3374C575} - System32\Tasks\G2MUploadTask-S-1-5-21-3078263148-1005135028-3090255965-1001 => C:\Users\Reynard\AppData\Local\Citrix\GoToMeeting\3880\g2mupload.exe [2015-11-06] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {60390ED8-3228-4062-AF3D-4562CF33B6BC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {67CAB264-272E-46EC-A253-7AC0506440DE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6F148EE0-B348-40F0-9389-9B32C33CC38F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {73431F67-C801-41D0-8A68-3CC8D70C127D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {7D70BC1A-E20A-4B6B-8B20-AD718FE2784E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3078263148-1005135028-3090255965-1001UA => C:\Users\Reynard\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {8178E039-094D-4C16-BA32-2182645E8FC4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8895A04A-3D65-4BAC-A245-8EB29C172A11} - \AutoKMS -> No File <==== ATTENTION
Task: {8C276FAA-C586-4B4A-A1F1-585AC8D5632C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9AB8BB29-C495-4BE0-90FD-8900FF40B347} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A2E93E3B-A095-4213-9252-A0314E40CC33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A753274C-AD7C-4ACF-BB50-BE5DAD951887} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3078263148-1005135028-3090255965-1001Core => C:\Users\Reynard\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {BF5FCD36-684A-4E76-8FD0-924F311D729D} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {D096E226-74CD-4811-B07B-66353168D15E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {D1865B5E-8288-4695-AA58-A602ECAFCAD4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D4906A12-EE57-4C80-8862-DFA6925062F4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {D6CE0850-3423-4795-B2BD-E93A360F2E80} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E1B4481F-1626-4ED3-9C9E-639E3E924B50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {E8966964-C2B2-461C-8744-BA43D736406C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EC5A9CFA-831E-4011-A02C-5824BB97609B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {F8FA9899-2A22-4474-AB1C-D5064CD61C94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FA533CDE-021C-4408-A41C-BBC5F1CA7A66} - System32\Tasks\G2MUpdateTask-S-1-5-21-3078263148-1005135028-3090255965-1001 => C:\Users\Reynard\AppData\Local\Citrix\GoToMeeting\3880\g2mupdate.exe [2015-11-06] (Citrix Online, a division of Citrix Systems, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3078263148-1005135028-3090255965-1001.job => C:\Users\Reynard\AppData\Local\Citrix\GoToMeeting\3880\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3078263148-1005135028-3090255965-1001.job => C:\Users\Reynard\AppData\Local\Citrix\GoToMeeting\3880\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3078263148-1005135028-3090255965-1001Core.job => C:\Users\Reynard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3078263148-1005135028-3090255965-1001UA.job => C:\Users\Reynard\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-31 06:40 - 2015-07-31 06:40 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-01 23:25 - 2015-10-02 20:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-18 20:19 - 2015-08-11 03:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-30 22:14 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 22:14 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-30 22:14 - 2015-09-16 23:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-09-30 22:14 - 2015-09-16 23:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 22:14 - 2015-09-16 23:42 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-09-30 22:14 - 2015-09-16 23:43 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-09-30 22:14 - 2015-09-16 23:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 22:14 - 2015-09-16 23:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 04:59 - 2015-07-10 04:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-09-30 22:15 - 2015-09-16 23:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 22:14 - 2015-09-16 23:49 - 00884736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-09-30 22:14 - 2015-09-16 23:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 05:00 - 2015-07-10 07:28 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-09-25 14:00 - 2015-09-25 14:00 - 01267200 _____ () C:\Users\Reynard\AppData\Roaming\Mozilla\Firefox\Profiles\zxm5le52.default\extensions\[email protected]\platform\WINNT_x86_64-msvc\components\lpxpcom_x86_64.dll
2015-10-22 19:20 - 2015-10-22 19:20 - 03498496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-10-17 11:23 - 2015-10-17 11:23 - 24258248 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll
2015-10-27 03:54 - 2015-10-27 03:54 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-27 03:54 - 2015-10-27 03:54 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-10-27 03:54 - 2015-10-27 03:54 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-21 06:08 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-09-21 06:08 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-09-21 06:08 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-09-21 06:08 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-09-21 06:08 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-07-03 16:55 - 2015-10-04 02:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-26 20:21 - 2015-10-20 08:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-26 20:21 - 2015-10-20 08:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:05E9FFE5

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\Software\Classes\.exe:  =>  <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Reynard\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 75.75.76.76 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "ASYNCMAC"
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_28175D129705BEA9A5797F05F52DC6F1"
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3078263148-1005135028-3090255965-1001\...\StartupApproved\Run: => "Google Update"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5D9EBEA0-9144-44B6-9E51-FDC727330CEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{79AF20D5-DB6A-41C2-B065-54E0363B46AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5BD4C06D-9194-4015-90D8-C8E6352BDCF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{42167D60-DE7D-4A4C-A44E-2A7333CF8F8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F2F61D76-CB96-436D-A3B1-6E88742BE4D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{18403A57-CE94-4C0A-963F-EF3EF4E71AD4}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{52A96D79-D9CF-4AB9-8AAA-D7B17440C075}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [UDP Query User{182558AF-33A3-4657-ADE6-B6D6192F4B06}C:\program files (x86)\electronic arts\kingdoms of amalur - reckoning\reckoning.exe] => (Block) C:\program files (x86)\electronic arts\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [TCP Query User{C4555004-89CC-4212-915D-106D6B13F4DA}C:\program files (x86)\electronic arts\kingdoms of amalur - reckoning\reckoning.exe] => (Block) C:\program files (x86)\electronic arts\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [{B6CDB1BC-6230-48A5-B150-EFF7815F4D74}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C8461B08-0D06-4836-B25C-3681EAD3AA4F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B1E171AD-00C4-46F3-B3D7-0727B34CA43F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0F30F546-0239-4D02-BD88-DA139430B9BB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8A56E4E3-6395-4D8A-B132-EF8A32F80429}] => (Allow) LPort=7935
FirewallRules: [{357E234F-508F-418F-AEAD-FBB24B60E883}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{6E0BD7FA-9A56-4D2F-8595-D63F98467C03}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{8DCED528-00DE-4BD9-86E5-20A331D1E58B}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Edge Inspect CC\EdgeInspect.exe
FirewallRules: [{F9FE6F8A-822E-42BF-83B1-C80B7A15A0F0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0CE36BFF-3EC0-4E9E-A495-BCA6EC923738}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D127FBFC-14E9-441C-9535-A0D48C676F31}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4647597A-D3A1-44FA-9FD0-205B5327534E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8BDE4C67-A20F-4220-A22B-378BCC26673A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{7D1EC614-3F5B-445C-9C59-0C1451052E7D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{CAA898BB-4FC3-4FB6-B2DE-8E8537CAB015}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{C1CCCAC8-BB43-4757-AB3C-0B2DD87E4138}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{ACD726AA-95D2-45FA-8AF3-7AA99124CE6F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A9B2E036-E3FC-49E9-B9C1-7C8587C72832}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{C2CF6F4E-2D21-4734-A5C8-B05654D9BD4C}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{E3F15381-C0FA-488A-8133-690322F27780}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{81E45C90-F3FC-4EA2-9FBD-577CD4761D80}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{B1193C17-5995-4F9F-950B-40105142835B}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{0886C903-B942-439A-BF6C-0777FA96D5CE}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{0010A0D4-64D6-443E-BCC2-98933722A601}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{14EBE79A-4CC4-4A43-AD03-C500F0E5E79A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{82820C15-541A-43CD-A729-004B00A22C30}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{995089DF-2F70-431E-BB49-B8BA79A341A3}] => (Allow) LPort=2869
FirewallRules: [{7E512BA9-1A9D-461A-B026-BF6B1BCB9CFE}] => (Allow) LPort=1900
FirewallRules: [{5551856F-6F6E-4394-B2D3-41218AC566F0}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{7B88BB99-517F-4ACF-B2F6-C22F5E35A25D}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{2B5FB441-E787-491A-B45D-C699A5A3CFF3}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{5036AEF2-125D-4FDA-86C2-DCCFC08CE8A6}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{E6C9E8DF-04E8-4934-B683-840AC24445BD}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{D76FBAE4-C619-4A8C-911D-F86AE3D4602D}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [TCP Query User{21681CE7-4787-4162-A611-00AC66EAC54C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EBD56937-8C61-4FCC-B45F-391519A45907}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{92D3B19B-E0E7-42E7-8E0C-E2484AB6E207}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{3D00533D-82F9-471F-8D6B-F236806CB17A}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{91F7F36A-3E2B-43BF-B52A-1C64E4C58424}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{A4509CD3-E425-4477-AC09-B9348CB11587}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{B422B44D-6A38-407B-8B98-465FFD3E1BAC}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [{FD1682D6-2D92-4CCF-B505-E20C49AA3345}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{7EA19310-3BD4-40E3-97A3-9F4A43F2C410}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2015 08:14:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (11/09/2015 08:13:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (11/09/2015 08:10:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (11/09/2015 08:09:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (11/09/2015 08:09:04 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {95099cf6-b68b-45e5-a06c-a2eefd91705a}

Error: (11/09/2015 01:31:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROMA)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/07/2015 10:16:22 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6856) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (11/07/2015 10:16:22 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6856) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).

Error: (11/07/2015 10:16:12 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6856) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (11/07/2015 10:16:12 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6856) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).


System errors:
=============
Error: (11/09/2015 08:01:49 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/09/2015 01:31:20 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/08/2015 05:52:50 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Xbox Live Auth Manager service terminated with the following service-specific error:
%%0

Error: (11/08/2015 05:48:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/08/2015 05:48:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/08/2015 05:48:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/08/2015 05:48:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/08/2015 05:48:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/08/2015 05:48:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/08/2015 05:48:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


CodeIntegrity:
===================================
  Date: 2015-11-09 08:19:26.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-08 19:37:44.361
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-08 19:37:44.292
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-08 19:37:44.219
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-08 19:37:44.147
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-08 19:37:44.078
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-08 19:37:44.010
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-08 19:37:43.941
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-08 19:37:43.873
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-08 19:37:43.803
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD FX™-6300 Six-Core Processor
Percentage of memory in use: 26%
Total physical RAM: 28621.5 MB
Available physical RAM: 20966.01 MB
Total Virtual: 32973.5 MB
Available Virtual: 24397.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.57 GB) (Free:81.92 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (IOMEGA_HDD) (Fixed) (Total:232.88 GB) (Free:14.43 GB) NTFS
Drive g: () (Fixed) (Total:465.66 GB) (Free:43.12 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: (Seagate Expansion Drive) (Fixed) (Total:1397.26 GB) (Free:904.01 GB) NTFS
Drive i: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:1608.41 GB) NTFS
Drive j: (Win10.X86.en-US) (CDROM) (Total:2.97 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: A6B2A0F7)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 98E23309)
Partition 1: (Not Active) - (Size=101 MB) - (Type=42)
Partition 2: (Active) - (Size=465.7 GB) - (Type=42)
Partition 3: (Not Active) - (Size=24 KB) - (Type=42)

========================================================
Disk: 2 (Size: 1397.3 GB) (Disk ID: 6E6CDE3E)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 2C5E2D14)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 5F0A8442)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 


  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP