Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

services and program on shut down [Closed]

msconfig servies

  • This topic is locked This topic is locked
35 replies to this topic

#1 Dan15795

Dan15795

    Authentic Member

  • Authentic Member
  • PipPip
  • 25 posts

Posted 18 December 2014 - 10:34 AM

I seem to have a unusual amount of services in msconfig. I have a program on everytime I shutdown computer. My mouse sometimes acts up as well. At the moment mouse is working. The program on shut down is not shown. I have webroot security on computer. thank you for your help


    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 18 December 2014 - 03:59 PM

:welcome:

 

I am going to give you instructions to run two programs , the first one is aswMBR to make sure there is not a Rootkit involved.

 

1QYkxTZ.jpg Please download aswMBR to your desktop.
 
  •  
  • Right click the aswMBR icon and select Run as Administrator
  • XP users just Double Click it to run
  • If it says that this computer supports VIRTUALIZATION TECHNOLOGY do you want to use it say Yes
  • Click the Scan button to start scan.
  • Select Quickscan on the dropdown list
  • If you are asked to update the Avast Virus database please allow it to do so.
  • The scan could take 20 minutes or more , please be patient and let it finish
  • It will say Scan Finished when its done.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
 
I just want to see the report....Please Do Not Fix Anything
 
============================================================================
 
 
The second one will just scan your computer and create two logs, here are the instructions, the only thing I need you to change is to take the checkmark out of Services
 

Please download Farbar Recovery Scan Tool and save it to your DESKTOP
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
A simple way to check your system: Start --> Computer (right click) --> Properties
 
FRST_zps5d956a1a.jpg
 
 
  •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Just keep the defaults as in the picture checkmarked
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
 
 


 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#3 Dan15795

Dan15795

    Authentic Member

  • Authentic Member
  • PipPip
  • 25 posts

Posted 18 December 2014 - 05:21 PM

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-12-18 17:57:22
-----------------------------
17:57:22.053    OS Version: Windows x64 6.1.7601 Service Pack 1
17:57:22.053    Number of processors: 8 586 0x3A09
17:57:22.063    ComputerName: SPEEDY-PC  UserName: Speedy
17:57:24.224    Initialize success
17:57:24.234    VM: initialized successfully
17:57:24.234    VM: Intel CPU supported
17:57:25.544    VM: supported disk I/O iaStor.sys
17:57:46.766    AVAST engine defs: 14121801
17:57:49.536    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:57:49.546    Disk 0 Vendor: ST1000LM 2AR1 Size: 953869MB BusType: 3
17:57:49.766    VM: Disk 0 MBR read successfully
17:57:49.776    Disk 0 MBR scan
17:57:49.786    Disk 0 Windows 7 default MBR code
17:57:49.786    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       953868 MB offset 64
17:57:49.796    Disk 0 default boot code
17:57:49.836    Disk 0 scanning C:\Windows\system32\drivers
17:58:07.029    Service scanning
17:58:49.296    Modules scanning
17:58:49.296    Disk 0 trace - called modules:
17:58:49.316    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:58:49.316    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007846790]
17:58:49.326    3 CLASSPNP.SYS[fffff88001d1c43f] -> nt!IofCallDriver -> [0xfffffa800751be40]
17:58:49.326    5 ACPI.sys[fffff88000f637a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800761f050]
17:58:53.326    AVAST engine scan C:\Windows
17:58:57.296    AVAST engine scan C:\Windows\system32
18:03:54.838    AVAST engine scan C:\Windows\system32\drivers
18:04:11.870    AVAST engine scan C:\Users\Speedy



#4 Dan15795

Dan15795

    Authentic Member

  • Authentic Member
  • PipPip
  • 25 posts

Posted 18 December 2014 - 05:21 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Speedy (administrator) on SPEEDY-PC on 18-12-2014 18:15:17
Running from C:\Users\Speedy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EVQ5LDO3
Loaded Profile: Speedy (Available profiles: Speedy & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
() C:\Program Files\ASUS\Rotation Desktop for G Series\AsusUacSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Windows\AsScrPro.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_235_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Farbar) C:\Users\Speedy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EVQ5LDO3\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373248 2012-03-28] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2869008 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5138032 2012-03-30] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [CPMonitor] => C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe [84464 2011-05-23] ()
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-06] (ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2013-12-04] (ASUS)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2471448 2013-12-13] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [773256 2014-12-10] (Webroot)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
ShellIconOverlayIdentifiers: [ ] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [  ] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [   ] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [    ] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [_WrSyncExcl] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [_WrSyncGreen] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [_WrSyncRed] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [_WrSyncYellow] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll (Webroot)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.15.0.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-12-17]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-02-11]

==================== Services (All) ========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-12-15] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2014-08-18] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation)
R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744 2014-10-07] (Apple Inc.)
R2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51808 2013-09-11] (Microsoft Corporation)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-16] (ASUS)
R2 AsusUacSvc; C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [113840 2011-03-27] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680960 2014-10-02] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680960 2014-10-02] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation)
S3 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-31] (Apple Inc.)
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation)
R3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-20] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144 2013-09-12] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2013-09-11] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-13] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-13] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [187904 2014-07-06] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [143872 2014-07-06] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation)
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-13] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-13] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-12-18] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
S3 fsssvc; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [1512448 2013-02-06] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation)
R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-13] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation)
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-06-30] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-11-21] (Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-11] (Microsoft Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [628448 2012-02-03] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
R3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [643880 2014-10-15] (Apple Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation)
S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [357144 2014-03-24] (Logitech, Inc.)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [277784 2012-02-28] (Intel Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-12] (Microsoft Corporation)
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-12] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-13] (Microsoft Corporation)
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-12] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-12] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [934032 2014-11-12] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [188416 2014-07-06] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-13] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-13] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation)
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [315008 2014-04-03] (Skype Technologies)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-11-11] (Valve Corporation)
R2 Stereo Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [409800 2014-11-12] (NVIDIA Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation)
R3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [683520 2014-10-13] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
R2 UNS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [363800 2012-02-28] (Intel Corporation)
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-13] (Microsoft Corporation)
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
R3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation)
R2 vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [1771544 2013-12-13] (AVG Secure Search)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2013-12-04] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2020352 2014-10-02] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1177088 2014-10-02] (Microsoft Corporation)
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [773256 2014-12-10] (Webroot)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-03] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2477536 2014-05-14] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-12-13] (AVG Technologies)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-01-26] (Synaptics Incorporated)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2014-12-10] (Webroot)
U0 SR; No ImagePath
U2 srservice; No ImagePath
U3 aswMBR; \??\C:\Users\Speedy\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Speedy\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 18:10 - 2014-12-18 18:10 - 00002059 _____ () C:\Users\Speedy\Desktop\aswMBR.txt
2014-12-18 17:54 - 2014-12-18 18:15 - 00000000 ____D () C:\FRST
2014-12-18 17:52 - 2014-12-18 18:10 - 00000512 _____ () C:\Users\Speedy\Desktop\MBR.dat
2014-12-18 15:25 - 2014-11-12 15:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-18 15:24 - 2014-12-18 15:24 - 00000000 _____ () C:\Windows\SysWOW64\SETA46E.tmp
2014-12-18 15:24 - 2014-12-18 15:24 - 00000000 _____ () C:\Windows\SysWOW64\SET99EE.tmp
2014-12-18 15:23 - 2014-11-12 19:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-18 15:23 - 2014-11-12 19:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-18 15:23 - 2014-11-12 19:20 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-18 15:20 - 2014-11-22 05:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-18 15:20 - 2014-11-22 05:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-18 11:06 - 2014-12-18 11:06 - 00000456 _____ () C:\Users\Speedy\Desktop\Annihilate Malware.website
2014-12-18 10:33 - 2014-12-18 10:55 - 00000000 ____D () C:\Users\Speedy\AppData\Roaming\Nico Mak Computing
2014-12-18 10:27 - 2014-12-18 10:27 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Logitech
2014-12-17 17:56 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 17:56 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 17:56 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-17 17:56 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-17 10:48 - 2014-12-17 10:48 - 00000390 _____ () C:\Users\Speedy\Desktop\The Rare Truth About ###### Size  Psychology Today.website
2014-12-17 02:51 - 2014-12-17 09:02 - 00000000 ____D () C:\ProgramData\SparkTrust
2014-12-17 02:51 - 2014-12-17 02:51 - 00000000 ____D () C:\Users\Speedy\AppData\Roaming\SparkTrust
2014-12-17 01:59 - 2014-12-17 01:59 - 00000000 ____D () C:\Users\Speedy\AppData\Local\Logishrd
2014-12-17 01:59 - 2014-12-17 01:59 - 00000000 ____D () C:\Users\Public\Documents\LogiShrd
2014-12-17 01:59 - 2014-12-17 01:59 - 00000000 ____D () C:\Program Files\Logitech
2014-12-17 01:49 - 2014-12-17 01:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-12-17 01:47 - 2014-12-17 17:43 - 00006983 _____ () C:\Windows\LkmdfCoInst.log
2014-12-17 01:47 - 2014-12-17 17:42 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-12-17 01:46 - 2014-12-17 01:59 - 00023909 _____ () C:\Windows\LDPINST.LOG
2014-12-17 01:46 - 2014-12-17 01:59 - 00000000 ____D () C:\ProgramData\Logitech
2014-12-17 01:46 - 2014-12-17 01:59 - 00000000 ____D () C:\ProgramData\Logishrd
2014-12-17 01:46 - 2014-12-17 01:59 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-12-17 01:41 - 2014-12-17 01:59 - 00000000 ____D () C:\Users\Speedy\AppData\Roaming\Logitech
2014-12-17 01:41 - 2014-12-17 01:57 - 00000000 ____D () C:\Users\Speedy\AppData\Roaming\Logishrd
2014-12-16 23:35 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-12-16 23:35 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-12-16 23:35 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-12-16 23:35 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-12-16 23:35 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-12-16 23:35 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-12-16 23:35 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-12-16 23:35 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-12-16 23:35 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-12-16 23:35 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-12-16 23:35 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-12-16 23:35 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-12-16 23:35 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-12-16 23:35 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-16 23:35 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-12-16 23:35 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-12-16 23:10 - 2014-12-16 23:20 - 00000368 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Speedy).job
2014-12-16 23:10 - 2014-12-16 23:10 - 00003028 _____ () C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Speedy)
2014-12-16 23:08 - 2014-12-16 23:18 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2014-12-16 23:08 - 2014-12-16 23:10 - 00000000 ____D () C:\Users\Speedy\AppData\Local\SlimWare Utilities Inc
2014-12-16 23:08 - 2014-12-16 23:08 - 00000000 ____D () C:\Users\Speedy\AppData\Local\Downloaded Installers
2014-12-16 23:08 - 2014-12-16 23:08 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-12-16 23:08 - 2014-12-16 23:08 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2014-12-16 21:55 - 2014-12-16 21:55 - 00000000 ____D () C:\ProgramData\Synaptics
2014-12-16 13:37 - 2014-12-17 01:15 - 00000478 _____ () C:\Users\Speedy\Desktop\kefir - Google Search.website
2014-12-12 11:27 - 2014-12-12 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-10 06:33 - 2014-12-10 06:33 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:03 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:03 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-09 20:50 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 20:50 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 20:50 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 20:50 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 20:50 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 20:50 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 20:50 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 20:50 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 20:49 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 20:49 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 20:49 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 20:49 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 20:49 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 20:49 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 20:49 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 20:49 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 20:49 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 20:49 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 20:49 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 20:49 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 20:49 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 20:49 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 20:49 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 20:49 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 20:49 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 20:49 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 20:49 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 20:49 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 20:49 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 20:49 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 20:49 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 20:49 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 20:49 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 20:49 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 20:49 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 20:49 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 20:49 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 20:49 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 20:49 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 20:49 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 20:49 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 20:49 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 20:49 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 20:49 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 20:49 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 20:49 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 20:49 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 20:49 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 20:49 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 20:49 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 20:49 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 20:49 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 20:49 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 20:49 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 20:49 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 20:49 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 20:49 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 20:49 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 20:49 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 20:49 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 20:49 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 20:49 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 20:49 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 20:49 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 20:49 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 20:49 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 20:49 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 20:49 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 20:49 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 20:49 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 20:49 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 20:49 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 20:49 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 20:49 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 20:49 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 20:49 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 20:49 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 20:49 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 20:49 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-11-25 02:51 - 2014-11-25 02:55 - 00007619 _____ () C:\Users\Speedy\AppData\Local\Resmon.ResmonCfg
2014-11-20 16:52 - 2014-11-20 16:52 - 00000000 ____D () C:\Users\Speedy\Desktop\New folder
2014-11-18 14:19 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 14:19 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 14:19 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 14:19 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 18:12 - 2014-11-17 17:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-18 18:09 - 2013-12-04 20:41 - 01481191 _____ () C:\Windows\WindowsUpdate.log
2014-12-18 17:55 - 2014-02-11 00:26 - 00000000 ____D () C:\ProgramData\WRData
2014-12-18 17:45 - 2013-12-04 13:47 - 00000024 _____ () C:\Users\Speedy\random.dat
2014-12-18 17:31 - 2013-12-12 18:05 - 00000024 _____ () C:\Users\Speedy\jagexappletviewer.preferences
2014-12-18 15:39 - 2014-11-13 21:51 - 00000498 _____ () C:\Users\Speedy\Desktop\K-LOVE Contemporary Christian Music - K-LOVE.website
2014-12-18 15:36 - 2009-07-13 23:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-18 15:36 - 2009-07-13 23:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-18 15:31 - 2013-12-04 13:47 - 00000045 _____ () C:\Users\Speedy\jagex_cl_runescape_LIVE.dat
2014-12-18 15:30 - 2013-12-04 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-18 15:29 - 2013-12-04 20:51 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-12-18 15:29 - 2013-12-03 23:55 - 00000380 _____ () C:\Users\Speedy\AppData\Roaming\sp_data.sys
2014-12-18 15:28 - 2013-12-04 20:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-18 15:28 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 15:28 - 2009-07-13 23:51 - 00145585 _____ () C:\Windows\setupact.log
2014-12-18 10:27 - 2014-01-17 02:41 - 00000380 _____ () C:\Users\Guest\AppData\Roaming\sp_data.sys
2014-12-18 10:26 - 2013-12-04 20:51 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-12-18 10:01 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-16 23:47 - 2013-12-12 17:52 - 00301144 _____ () C:\Windows\PFRO.log
2014-12-16 23:47 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-16 22:51 - 2014-01-21 01:03 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-12-15 05:53 - 2014-11-17 17:53 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-15 05:53 - 2014-11-17 17:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-15 05:53 - 2014-11-17 17:53 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-15 05:53 - 2014-07-22 10:04 - 00000000 ____D () C:\Users\Speedy\AppData\Local\Adobe
2014-12-14 05:57 - 2013-12-18 22:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-14 05:57 - 2013-12-18 22:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-13 03:02 - 2013-12-18 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-12 19:12 - 2014-06-03 19:24 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-12 19:12 - 2014-06-03 19:24 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-12 19:12 - 2013-12-05 02:58 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-12 19:12 - 2013-12-05 02:58 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-10 19:20 - 2014-02-11 00:26 - 00154760 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-12-10 19:20 - 2014-02-11 00:26 - 00115680 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-12-10 19:20 - 2014-02-11 00:26 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-12-10 06:33 - 2014-05-06 22:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:05 - 2013-12-16 16:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:04 - 2013-12-16 16:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 05:26 - 2014-11-13 15:19 - 00000498 _____ () C:\Users\Speedy\Desktop\Summoning - Guides - Zybez Runescape.website
2014-12-07 04:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-06 19:50 - 2013-12-16 14:41 - 00000000 ____D () C:\Users\Speedy\AppData\Local\CrashDumps
2014-12-01 21:40 - 2014-01-17 02:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\NVIDIA Corporation
2014-11-25 15:08 - 2013-12-04 20:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-24 14:04 - 2013-12-24 15:45 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-22 14:51 - 2013-12-18 22:46 - 00000000 ____D () C:\Users\Speedy\AppData\Roaming\Skype
2014-11-22 05:46 - 2013-12-04 01:17 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-11-22 00:52 - 2013-12-12 00:53 - 00000046 _____ () C:\Users\Speedy\jagex_cl_runescape_LIVE1.dat

Files to move or delete:
====================
C:\Users\Speedy\jagex_cl_runescape_LIVE.dat
C:\Users\Speedy\jagex_cl_runescape_LIVE1.dat
C:\Users\Speedy\random.dat

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\wruninstall.exe
C:\Users\Speedy\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Speedy\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Speedy\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Speedy\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-25 18:25

==================== End Of Log ============================



#5 Dan15795

Dan15795

    Authentic Member

  • Authentic Member
  • PipPip
  • 25 posts

Posted 18 December 2014 - 05:22 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by Speedy at 2014-12-18 18:15:32
Running from C:\Users\Speedy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EVQ5LDO3
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.142.60386 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.142.60386 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
AsusScr_G75 Series_ENG (HKLM-x32\...\AsusScr_G75 Series_ENG) (Version: 1.0.0001 - ASUS)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0016 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
GameFast (HKLM\...\GameFast_is1) (Version: 1.0.1.1 - ASUSTEK Computer Inc)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.2.0 - ASUS)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rotation Desktop for G Series (HKLM\...\Rotation Desktop for G Series_is1) (Version: 1.1.3.2 - ASUSTEK Computer Inc)
Roxio CinePlayer (HKLM-x32\...\{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}) (Version: 5.8.58233.4 - Roxio)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.6.28 - Webroot)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {25EC74F6-2D93-428F-826A-32F996EB5BCE} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {2D826ED8-10C5-4823-BCC4-3DC9D895C26A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {72C8BB70-D555-453B-8C49-B9256101CE19} - System32\Tasks\{BCF0C7DB-97F4-4096-8939-44D0A676B6DF} => C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe [2011-11-11] ()
Task: {84D7D60D-17FB-414E-ABC7-F0541DE09175} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Speedy) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {8ADA960D-9896-4E2D-9A04-6566E0F15200} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {8C8A8A3F-739E-4A7E-A0E4-339438A7EBD0} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {8CBD5F4A-4A77-47C5-BB12-D280CAFE4829} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {972E77FC-238E-4AF9-8BC2-9CA6FDC51C95} - System32\Tasks\{43EC1D80-D33B-4ADE-8C09-5B8E5159C31F} => C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe [2011-11-11] ()
Task: {A5C51242-DB9A-46DB-91F6-415A5D4690BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15] (Adobe Systems Incorporated)
Task: {A6E7D4AB-2073-46DE-95A7-9036815DE98B} - System32\Tasks\{BCC8F344-D6C6-443B-B9B2-95580BADE0F7} => Iexplore.exe http://ui.skype.com/...?LastError=1618
Task: {AC0DB338-7B93-4C59-8C54-0E35AF73B816} - System32\Tasks\{9248C29D-0471-45C2-BB66-926EBE930B0F} => C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe [2011-11-11] ()
Task: {AE0DD6B2-C13A-4525-A111-2C5BC871D4B9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {BE6C94CE-7A89-472C-A800-FBAC4B5F5059} - System32\Tasks\{19265BA4-1AB7-43E1-AC74-1CBF8AB58E9A} => C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe [2011-11-11] ()
Task: {D9C815A5-3B4E-44E2-AF11-1B65B04DF445} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Speedy).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

==================== Loaded Modules (whitelisted) =============

2013-12-04 20:47 - 2014-11-12 16:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-04 21:01 - 2011-03-27 16:23 - 00113840 _____ () C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
2013-12-04 20:50 - 2012-02-21 15:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2013-12-13 15:14 - 2013-12-13 15:14 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
2010-07-14 19:11 - 2010-07-14 19:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-12-04 20:51 - 2012-03-30 07:01 - 00078448 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-12-04 20:51 - 2012-03-30 07:01 - 00386160 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2011-05-23 04:04 - 2011-05-23 04:04 - 00084464 _____ () C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
2013-12-13 15:14 - 2013-12-13 15:14 - 02471448 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2014-02-06 03:52 - 2014-02-06 03:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-13 15:14 - 2013-12-13 15:14 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\log4cplusU.dll
2012-01-31 12:25 - 2012-01-31 12:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2012-02-06 22:32 - 2012-02-06 22:32 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-12-04 20:50 - 2012-02-21 15:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-510759003-1359589821-1816244512-500 - Administrator - Disabled)
Guest (S-1-5-21-510759003-1359589821-1816244512-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-510759003-1359589821-1816244512-1003 - Limited - Enabled)
Speedy (S-1-5-21-510759003-1359589821-1816244512-1001 - Administrator - Enabled) => C:\Users\Speedy

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2014 06:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 17.12.2014.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 42c4

Start Time: 01d01b17d6afd1f7

Termination Time: 10

Application Path: C:\Users\Speedy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4OB0Y9KX\FRST64.exe

Report Id: 1ccf8340-870b-11e4-9b54-94dbc9b2d14a

Error: (12/18/2014 03:20:09 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [0]

Error: (12/16/2014 10:51:15 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Speedy-PC)
Description: HRESULT:0x8004FF0A
Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A.

Error: (12/16/2014 08:57:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17496 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1a34

Start Time: 01d01937557e40a8

Termination Time: 280

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/16/2014 08:57:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17496 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1604

Start Time: 01d019374f905fbe

Termination Time: 1372

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/06/2014 07:50:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17420, time stamp: 0x545ad233
Faulting module name: kernel32.dll, version: 6.1.7601.18409, time stamp: 0x53159a85
Exception code: 0xc0000005
Fault offset: 0x00011398
Faulting process id: 0x798
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (12/06/2014 11:00:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ccf4

Start Time: 01d01168ed89ca36

Termination Time: 179

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/04/2014 08:58:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15a8

Start Time: 01d0100de7a490f1

Termination Time: 409

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/04/2014 06:50:02 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/04/2014 06:50:02 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

System errors:
=============
Error: (12/18/2014 10:27:51 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/18/2014 10:27:07 AM) (Source: DCOM) (EventID: 10016) (User: Speedy-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Speedy-PCGuestS-1-5-21-510759003-1359589821-1816244512-501LocalHost (Using LRPC)

Error: (12/18/2014 10:27:06 AM) (Source: DCOM) (EventID: 10016) (User: Speedy-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Speedy-PCGuestS-1-5-21-510759003-1359589821-1816244512-501LocalHost (Using LRPC)

Error: (12/18/2014 10:27:06 AM) (Source: DCOM) (EventID: 10016) (User: Speedy-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Speedy-PCGuestS-1-5-21-510759003-1359589821-1816244512-501LocalHost (Using LRPC)

Error: (12/18/2014 10:27:06 AM) (Source: DCOM) (EventID: 10016) (User: Speedy-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Speedy-PCGuestS-1-5-21-510759003-1359589821-1816244512-501LocalHost (Using LRPC)

Error: (12/18/2014 10:27:06 AM) (Source: DCOM) (EventID: 10016) (User: Speedy-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Speedy-PCGuestS-1-5-21-510759003-1359589821-1816244512-501LocalHost (Using LRPC)

Error: (12/18/2014 10:27:06 AM) (Source: DCOM) (EventID: 10016) (User: Speedy-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Speedy-PCGuestS-1-5-21-510759003-1359589821-1816244512-501LocalHost (Using LRPC)

Error: (12/18/2014 10:27:06 AM) (Source: DCOM) (EventID: 10016) (User: Speedy-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Speedy-PCGuestS-1-5-21-510759003-1359589821-1816244512-501LocalHost (Using LRPC)

Error: (12/18/2014 10:27:06 AM) (Source: DCOM) (EventID: 10016) (User: Speedy-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Speedy-PCGuestS-1-5-21-510759003-1359589821-1816244512-501LocalHost (Using LRPC)

Error: (12/18/2014 10:27:06 AM) (Source: DCOM) (EventID: 10016) (User: Speedy-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Speedy-PCGuestS-1-5-21-510759003-1359589821-1816244512-501LocalHost (Using LRPC)

Microsoft Office Sessions:
=========================
Error: (12/18/2014 06:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe17.12.2014.042c401d01b17d6afd1f710C:\Users\Speedy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4OB0Y9KX\FRST64.exe1ccf8340-870b-11e4-9b54-94dbc9b2d14a

Error: (12/18/2014 03:20:09 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [0]

Error: (12/16/2014 10:51:15 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Speedy-PC)
Description: HRESULT:0x8004FF0A
Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A.

Error: (12/16/2014 08:57:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174961a3401d01937557e40a8280C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/16/2014 08:57:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17496160401d019374f905fbe1372C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/06/2014 07:50:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17420545ad233kernel32.dll6.1.7601.1840953159a85c00000050001139879801d0119f3afd8725C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\kernel32.dllf9983ef7-7daa-11e4-92ee-10bf4821c014

Error: (12/06/2014 11:00:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17420ccf401d01168ed89ca36179C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/04/2014 08:58:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1742015a801d0100de7a490f1409C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/04/2014 06:50:02 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/04/2014 06:50:02 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

==================== Memory info ===========================

Processor: Intel® Core™ i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 38%
Total physical RAM: 8151.91 MB
Available physical RAM: 5048.8 MB
Total Pagefile: 16301.99 MB
Available Pagefile: 11954.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:931.51 GB) (Free:847.22 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4BDFF47C)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#6 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 18 December 2014 - 06:38 PM

Hi,

 

You have FRST64 running from your Temporary Internet Files, please re read the instructions, it says to download it to your desktop, go ahead and redownload it to your desktop

 

Download the 64 bit version

Please download Farbar Recovery Scan Tool and save it to your DESKTOP

 

Then i am going to attach a file named Fixlist, save it to your desktop where you have FRST64 or the fix wont work, Fixlist is downloaded, open up FRST64 and click on Fix, it will reboot your system and you will see a log on your desktop named FIXLOG, post it please

 

Do this and then we will need to run some other programs

Attached Files



 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#7 Dan15795

Dan15795

    Authentic Member

  • Authentic Member
  • PipPip
  • 25 posts

Posted 18 December 2014 - 07:08 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by Speedy at 2014-12-18 19:53:07 Run:1
Running from C:\Users\Speedy\Desktop
Loaded Profile: Speedy (Available profiles: Speedy & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!
CMD: ipconfig /flushdns
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDesktop => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispBackgroundPage => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispBackgroundPage => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispBackgroundPage => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value deleted successfully.
HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispBackgroundPage => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value deleted successfully.
"HKU\.DEFAULT\Software\Classes\exefile" => Key deleted successfully.
"HKU\.DEFAULT\Software\Classes\.exe" => Key deleted successfully.
"HKU\.DEFAULT\Software\Classes\exefile" => Key not found.
"HKU\S-1-5-19\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-19\Software\Classes\.exe" => Key deleted successfully.
"HKU\S-1-5-19\Software\Classes\exefile" => Key not found.
"HKU\S-1-5-20\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-20\Software\Classes\.exe" => Key deleted successfully.
"HKU\S-1-5-20\Software\Classes\exefile" => Key not found.
"HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Classes\.exe" => Key deleted successfully.
"HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Classes\exefile" => Key not found.

=========  ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 919.6 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====



#8 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 18 December 2014 - 07:11 PM

Great, lets run a few more programs, this will clean you up nicely, run these in order listed please

 

-AdwCleaner-by Xplode
 
Click on this link to download : ADWCleaner
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
 
Do not click on any links in the top Advertisment.
 
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  •  
     
    ===============================================================================
     
     
    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    ===============================================================================
     
    Download Malwarebytes' Anti-Malware  to your desktop. 
     
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  •  
    MBAM203_zps0a230260.jpg
     
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked<------------
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished click on VIEW DETAILED LOG
  • When it opens click on COPY TO CLIPBOARD
  • Then paste the log back into this thread for review
  • Exit Malwarebytes


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #9 Dan15795

    Dan15795

      Authentic Member

    • Authentic Member
    • PipPip
    • 25 posts

    Posted 18 December 2014 - 07:27 PM

    # AdwCleaner v4.105 - Report created 18/12/2014 at 20:22:44
    # Updated 08/12/2014 by Xplode
    # Database : 2014-12-16.1 [Live]
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Speedy - SPEEDY-PC
    # Running from : C:\Users\Speedy\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    Service Deleted : c2cautoupdatesvc
    Service Deleted : c2cpnrsvc

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
    Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\Users\Guest\AppData\Local\AVG SafeGuard toolbar
    Folder Deleted : C:\Users\Guest\AppData\Local\AVG Secure Search
    Folder Deleted : C:\Users\Speedy\AppData\Local\AVG SafeGuard toolbar
    Folder Deleted : C:\Users\Speedy\AppData\Local\AVG Secure Search
    Folder Deleted : C:\Users\Speedy\AppData\Roaming\OpenCandy

    ***** [ Scheduled Tasks ] *****

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
    Key Deleted : HKCU\Software\AVG SafeGuard toolbar
    Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17496

    *************************

    AdwCleaner[R0].txt - [3947 octets] - [18/12/2014 20:21:03]
    AdwCleaner[S0].txt - [3865 octets] - [18/12/2014 20:22:44]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3925 octets] ##########



    #10 Dan15795

    Dan15795

      Authentic Member

    • Authentic Member
    • PipPip
    • 25 posts

    Posted 18 December 2014 - 07:33 PM

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.0 (11.29.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Speedy on Thu 12/18/2014 at 20:30:17.13
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

    ~~~ Services

     

    ~~~ Registry Values

     

    ~~~ Registry Keys

     

    ~~~ Files

     

    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\sparktrust"
    Successfully deleted: [Folder] "C:\Users\Speedy\AppData\Roaming\sparktrust"
    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

     

    ~~~ Event Viewer Logs were cleared

     

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Thu 12/18/2014 at 20:31:57.86
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


      Advertisements

    Register to Remove


    #11 Dan15795

    Dan15795

      Authentic Member

    • Authentic Member
    • PipPip
    • 25 posts

    Posted 18 December 2014 - 07:53 PM

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 12/18/2014
    Scan Time: 8:43:25 PM
    Logfile:
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2014.12.18.06
    Rootkit Database: v2014.12.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Speedy

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 369061
    Time Elapsed: 7 min, 58 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 1
    Trojan.Agent.Gen, HKU\S-1-5-21-510759003-1359589821-1816244512-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|{79BF4901-1EC4-4726-B3C2-A7859706C6E7}, "C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZP34264D\LeagueofLegends_NA_Installer_05_07_13.exe" /cmdloc "HKCU\Software\Riot Games AiTemp\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}", , [6be3432188f492a4ec01f06b19ebce32]

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)

    (end)



    #12 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 18 December 2014 - 08:08 PM

    Good, go ahead and run a new scan with FRST64 just like before, this time be sure to also checkmark Additions and post both logs, take your time, been a Looooooonnnng day, be back in the morning



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #13 Dan15795

    Dan15795

      Authentic Member

    • Authentic Member
    • PipPip
    • 25 posts

    Posted 18 December 2014 - 08:33 PM

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
    Ran by Speedy (administrator) on SPEEDY-PC on 18-12-2014 21:31:26
    Running from C:\Users\Speedy\Desktop
    Loaded Profile: Speedy (Available profiles: Speedy & Guest)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
    () C:\Program Files\ASUS\Rotation Desktop for G Series\AsusUacSvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    () C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUS) C:\Windows\AsScrPro.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373248 2012-03-28] (Alcor Micro Corp.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2869008 2012-01-26] (Synaptics Incorporated)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
    HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5138032 2012-03-30] (VIA)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
    HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
    HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
    HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
    HKLM-x32\...\Run: [CPMonitor] => C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe [84464 2011-05-23] ()
    HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-06] (ASUS)
    HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2013-12-04] (ASUS)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [773256 2014-12-10] (Webroot)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
    HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
    ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
    ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
    ShellIconOverlayIdentifiers: [ ] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll (Webroot)
    ShellIconOverlayIdentifiers: [  ] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll (Webroot)
    ShellIconOverlayIdentifiers: [   ] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll (Webroot)
    ShellIconOverlayIdentifiers: [    ] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll (Webroot)
    ShellIconOverlayIdentifiers: [_WrSyncExcl] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll (Webroot)
    ShellIconOverlayIdentifiers: [_WrSyncGreen] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll (Webroot)
    ShellIconOverlayIdentifiers: [_WrSyncRed] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll (Webroot)
    ShellIconOverlayIdentifiers: [_WrSyncYellow] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll (Webroot)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
    HKU\S-1-5-21-510759003-1359589821-1816244512-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
    BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
    BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
    BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
    BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
    Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
    DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab
    DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.15.0.cab
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
    FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-12-18]

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-02-11]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-16] (ASUS)
    R2 AsusUacSvc; C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [113840 2011-03-27] () [File not signed]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
    R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
    S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
    R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
    S2 WRSVC; C:\Program Files\Webroot\WRSA.exe [773256 2014-12-10] (Webroot)
    S2 vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
    S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-12-13] (AVG Technologies)
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
    R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-01-26] (Synaptics Incorporated)
    R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2014-12-10] (Webroot)
    U0 SR; No ImagePath
    U2 srservice; No ImagePath

    ========================== Drivers MD5 =======================

    C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
    C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
    C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
    C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
    C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\AiCharger.sys 16F6F6B7903B913AB41AB848C8BB5658
    C:\Windows\SysWOW64\DRIVERS\AiCharger.sys 16F6F6B7903B913AB41AB848C8BB5658
    C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
    C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
    C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
    C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
    C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
    C:\Windows\system32\drivers\appid.sys 80B9412C4DE09147581FC935FB4C97AB
    C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 4C016FD76ED5C05E84CA8CAB77993961
    C:\eSupport\eDriver\I386\AsPrOb64.sys 48C1470F7D119FE1ABAB72BABD8281BB
    C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
    C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\athrx.sys 7D0398396727195CC73D703001D3CFF4
    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 41CEAFFCF3550785E59E3EC9BEE8D97A
    C:\Windows\system32\drivers\avgtpx64.sys A1F53D2A00E64679A1D81B61D2333D06
    C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315
    C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
    C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
    C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
    C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
    C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
    C:\Windows\System32\CLFS.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
    C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
    C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
    C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
    C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
    C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
    C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
    C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
    C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
    C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
    C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
    C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
    C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\fssfltr.sys B3EB502D2C3F47C47415F85387DFAEF1
    C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
    C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
    C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
    C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
    C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
    C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
    C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
    C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
    C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
    C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\iaStor.sys C224331A54571C8C9162F7714400BBBD
    C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
    C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
    C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
    C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
    C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
    C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
    C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
    C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
    C:\Windows\System32\DRIVERS\iusb3hcs.sys 6BCEF45131C8B8E1C558BE540B190B3C
    C:\Windows\System32\DRIVERS\iusb3hub.sys F080EADA8715F811B58BD35BB774F2F9
    C:\Windows\System32\DRIVERS\iusb3xhc.sys 0F1756D9396740F053221FA6260FCE66
    C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\kbfiltr.sys E63EF8C3271D014F14E2469CE75FECB4
    C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
    C:\Windows\System32\Drivers\ksecpkg.sys 41774FF331F609EF442B7398EE6202B1
    C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\L1C62x64.sys FC010C7814DDAC17389A7D87EA2EBB39
    C:\Windows\System32\DRIVERS\LEqdUsb.Sys 5EA1731968F2FD0E950DDCE6D36C5134
    C:\Windows\System32\DRIVERS\LHidEqd.Sys 50AC0930F05DFB996F085B49E112E5C9
    C:\Windows\System32\DRIVERS\LHidFilt.Sys 96EB043E2843B5A87A486D0BC6921094
    C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\LMouFilt.Sys A5C1DA229B3B660BBF3BDC30ADBFBB61
    C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
    C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\HECIx64.sys 772A1DEEDFDBC244183B5C805D1B7D85
    C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
    C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
    C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
    C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
    C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
    C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
    C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
    C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
    C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
    C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
    C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
    C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
    C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
    C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
    C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
    C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
    C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
    C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\netaapl64.sys EE00C544C025958AF50C7B199F3C8595
    C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
    C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
    C:\Windows\System32\drivers\nvhda64v.sys C87B11EB78428853F9E8495C47E53C10
    C:\Windows\System32\DRIVERS\nvlddmkm.sys 185B4FFECD886A424B57B58AE173FBBE
    C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
    C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 0C4A0D577A6EF1B9D353851668779944
    C:\Windows\System32\drivers\nvvad64v.sys DBFE7B2DF103F74AE51840B3C5F25FE9
    C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
    C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
    C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
    C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
    C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
    C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
    C:\Windows\System32\drivers\peauth.sys 946010CDFA91469351B22E2620CEBCD8
    C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1
    C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
    C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
    C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
    C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
    C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
    C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
    C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
    C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\SiSG664.sys 1BC348CF6BAA90EC8E533EF6E6A69933
    C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\Smb_driver.sys E81E48E132216DE7BD5A4E7C89054187
    C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
    C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
    C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
    C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
    C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\SynTP.sys 5338ADD749AD5A3CEA35787F8654C015
    C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
    C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
    C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
    C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
    C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
    C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
    C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
    C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
    C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
    C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
    C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
    C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
    C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
    C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
    C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
    C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
    C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
    C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
    C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
    C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
    C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
    C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
    C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
    C:\Windows\System32\drivers\viahduaa.sys 3826718E3B26643470094C414AA762CA
    C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
    C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
    C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
    C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
    C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
    C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
    C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\wimfltr.sys 52DED146E4797E6CCF94799E8E22BB2A
    C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
    C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
    C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
    C:\Windows\System32\drivers\WRkrn.sys B60828CB0F4186466EC9C46996FA636C
    C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
    C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
    C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-18 21:31 - 2014-12-18 21:31 - 00034847 _____ () C:\Users\Speedy\Desktop\FRST.txt
    2014-12-18 20:40 - 2014-12-18 20:40 - 00001122 _____ () C:\Users\Speedy\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-18 20:38 - 2014-12-18 20:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-18 20:38 - 2014-12-18 20:40 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-18 20:38 - 2014-12-18 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-18 20:38 - 2014-12-18 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-18 20:38 - 2014-12-18 20:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-12-18 20:38 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-12-18 20:38 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-12-18 20:38 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-12-18 20:36 - 2014-12-18 20:36 - 00000634 _____ () C:\Users\Speedy\Desktop\JRT.txt
    2014-12-18 20:30 - 2014-12-18 20:30 - 00000000 ____D () C:\Windows\ERUNT
    2014-12-18 20:29 - 2014-12-18 20:29 - 01707646 _____ (Thisisu) C:\Users\Speedy\Desktop\JRT.exe
    2014-12-18 20:20 - 2014-12-18 20:22 - 00000000 ____D () C:\AdwCleaner
    2014-12-18 20:20 - 2014-12-18 20:20 - 02166272 _____ () C:\Users\Speedy\Desktop\AdwCleaner.exe
    2014-12-18 19:50 - 2014-12-18 19:50 - 02121216 _____ (Farbar) C:\Users\Speedy\Downloads\FRST64.exe
    2014-12-18 19:50 - 2014-12-18 19:50 - 02121216 _____ (Farbar) C:\Users\Speedy\Desktop\FRST64.exe
    2014-12-18 18:10 - 2014-12-18 18:10 - 00002059 _____ () C:\Users\Speedy\Desktop\aswMBR.txt
    2014-12-18 17:54 - 2014-12-18 21:31 - 00000000 ____D () C:\FRST
    2014-12-18 17:52 - 2014-12-18 18:10 - 00000512 _____ () C:\Users\Speedy\Desktop\MBR.dat
    2014-12-18 15:25 - 2014-11-12 15:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
    2014-12-18 15:24 - 2014-12-18 15:24 - 00000000 _____ () C:\Windows\SysWOW64\SETA46E.tmp
    2014-12-18 15:24 - 2014-12-18 15:24 - 00000000 _____ () C:\Windows\SysWOW64\SET99EE.tmp
    2014-12-18 15:23 - 2014-11-12 19:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2014-12-18 15:23 - 2014-11-12 19:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2014-12-18 15:23 - 2014-11-12 19:20 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2014-12-18 15:20 - 2014-11-22 05:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2014-12-18 15:20 - 2014-11-22 05:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2014-12-18 11:06 - 2014-12-18 11:06 - 00000456 _____ () C:\Users\Speedy\Desktop\Annihilate Malware.website
    2014-12-18 10:33 - 2014-12-18 10:55 - 00000000 ____D () C:\Users\Speedy\AppData\Roaming\Nico Mak Computing
    2014-12-18 10:27 - 2014-12-18 10:27 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Logitech
    2014-12-17 17:56 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-17 17:56 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-17 17:56 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-12-17 17:56 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-12-17 10:48 - 2014-12-17 10:48 - 00000390 _____ () C:\Users\Speedy\Desktop\The Rare Truth About ###### Size  Psychology Today.website
    2014-12-17 01:59 - 2014-12-17 01:59 - 00000000 ____D () C:\Users\Speedy\AppData\Local\Logishrd
    2014-12-17 01:59 - 2014-12-17 01:59 - 00000000 ____D () C:\Users\Public\Documents\LogiShrd
    2014-12-17 01:59 - 2014-12-17 01:59 - 00000000 ____D () C:\Program Files\Logitech
    2014-12-17 01:49 - 2014-12-18 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2014-12-17 01:47 - 2014-12-18 19:29 - 00009119 _____ () C:\Windows\LkmdfCoInst.log
    2014-12-17 01:47 - 2014-12-18 19:24 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
    2014-12-17 01:46 - 2014-12-18 18:53 - 00046489 _____ () C:\Windows\LDPINST.LOG
    2014-12-17 01:46 - 2014-12-18 18:53 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
    2014-12-17 01:46 - 2014-12-18 18:52 - 00000000 ____D () C:\ProgramData\Logishrd
    2014-12-17 01:46 - 2014-12-17 01:59 - 00000000 ____D () C:\ProgramData\Logitech
    2014-12-17 01:41 - 2014-12-17 01:59 - 00000000 ____D () C:\Users\Speedy\AppData\Roaming\Logitech
    2014-12-17 01:41 - 2014-12-17 01:57 - 00000000 ____D () C:\Users\Speedy\AppData\Roaming\Logishrd
    2014-12-16 23:35 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
    2014-12-16 23:35 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-12-16 23:35 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-12-16 23:35 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
    2014-12-16 23:35 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
    2014-12-16 23:35 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2014-12-16 23:35 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
    2014-12-16 23:35 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2014-12-16 23:35 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
    2014-12-16 23:35 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
    2014-12-16 23:35 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2014-12-16 23:35 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
    2014-12-16 23:35 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2014-12-16 23:35 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-12-16 23:35 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2014-12-16 23:35 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2014-12-16 23:10 - 2014-12-16 23:20 - 00000368 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Speedy).job
    2014-12-16 23:10 - 2014-12-16 23:10 - 00003028 _____ () C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Speedy)
    2014-12-16 23:08 - 2014-12-16 23:18 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
    2014-12-16 23:08 - 2014-12-16 23:10 - 00000000 ____D () C:\Users\Speedy\AppData\Local\SlimWare Utilities Inc
    2014-12-16 23:08 - 2014-12-16 23:08 - 00000000 ____D () C:\Users\Speedy\AppData\Local\Downloaded Installers
    2014-12-16 23:08 - 2014-12-16 23:08 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
    2014-12-16 23:08 - 2014-12-16 23:08 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
    2014-12-16 21:55 - 2014-12-16 21:55 - 00000000 ____D () C:\ProgramData\Synaptics
    2014-12-16 13:37 - 2014-12-17 01:15 - 00000478 _____ () C:\Users\Speedy\Desktop\kefir - Google Search.website
    2014-12-12 11:27 - 2014-12-12 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2014-12-10 06:33 - 2014-12-10 06:33 - 00000000 ____D () C:\Windows\system32\appraiser
    2014-12-10 03:03 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-12-10 03:03 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-12-09 20:50 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2014-12-09 20:50 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2014-12-09 20:50 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-12-09 20:50 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2014-12-09 20:50 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-12-09 20:50 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2014-12-09 20:50 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-12-09 20:50 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2014-12-09 20:49 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-09 20:49 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-09 20:49 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-09 20:49 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-12-09 20:49 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-12-09 20:49 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-09 20:49 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-09 20:49 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-09 20:49 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-09 20:49 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-09 20:49 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-09 20:49 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-09 20:49 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-09 20:49 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-09 20:49 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-09 20:49 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-09 20:49 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-12-09 20:49 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-09 20:49 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-09 20:49 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-12-09 20:49 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-09 20:49 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-09 20:49 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-09 20:49 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-09 20:49 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-09 20:49 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-09 20:49 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-09 20:49 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-09 20:49 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-09 20:49 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-09 20:49 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-09 20:49 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-09 20:49 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-09 20:49 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-09 20:49 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-09 20:49 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-12-09 20:49 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-09 20:49 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-09 20:49 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-09 20:49 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-09 20:49 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-09 20:49 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-09 20:49 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-09 20:49 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-09 20:49 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-09 20:49 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-09 20:49 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-09 20:49 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-12-09 20:49 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-09 20:49 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-09 20:49 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-09 20:49 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-09 20:49 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-09 20:49 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-09 20:49 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-09 20:49 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-09 20:49 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2014-12-09 20:49 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-12-09 20:49 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-12-09 20:49 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2014-12-09 20:49 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
    2014-12-09 20:49 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-09 20:49 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2014-12-09 20:49 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2014-12-09 20:49 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2014-12-09 20:49 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2014-12-09 20:49 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-09 20:49 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2014-12-09 20:49 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2014-12-09 20:49 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2014-12-09 20:49 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2014-11-25 02:51 - 2014-11-25 02:55 - 00007619 _____ () C:\Users\Speedy\AppData\Local\Resmon.ResmonCfg
    2014-11-20 16:52 - 2014-11-20 16:52 - 00000000 ____D () C:\Users\Speedy\Desktop\New folder
    2014-11-18 14:19 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-11-18 14:19 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-11-18 14:19 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-11-18 14:19 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-18 21:28 - 2013-12-04 13:47 - 00000024 _____ () C:\Users\Speedy\random.dat
    2014-12-18 21:12 - 2014-11-17 17:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-18 21:11 - 2013-12-12 18:05 - 00000024 _____ () C:\Users\Speedy\jagexappletviewer.preferences
    2014-12-18 21:10 - 2013-12-04 13:47 - 00000045 _____ () C:\Users\Speedy\jagex_cl_runescape_LIVE.dat
    2014-12-18 20:31 - 2009-07-13 23:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-18 20:31 - 2009-07-13 23:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-18 20:28 - 2013-12-04 20:41 - 01543758 _____ () C:\Windows\WindowsUpdate.log
    2014-12-18 20:26 - 2014-02-11 00:26 - 00000000 ____D () C:\ProgramData\WRData
    2014-12-18 20:24 - 2013-12-12 17:52 - 00301792 _____ () C:\Windows\PFRO.log
    2014-12-18 20:24 - 2013-12-04 20:51 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
    2014-12-18 20:24 - 2013-12-04 20:48 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-12-18 20:24 - 2013-12-03 23:55 - 00000380 _____ () C:\Users\Speedy\AppData\Roaming\sp_data.sys
    2014-12-18 20:24 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-18 20:24 - 2009-07-13 23:51 - 00146359 _____ () C:\Windows\setupact.log
    2014-12-18 15:39 - 2014-11-13 21:51 - 00000498 _____ () C:\Users\Speedy\Desktop\K-LOVE Contemporary Christian Music - K-LOVE.website
    2014-12-18 15:30 - 2013-12-04 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2014-12-18 10:27 - 2014-01-17 02:41 - 00000380 _____ () C:\Users\Guest\AppData\Roaming\sp_data.sys
    2014-12-18 10:26 - 2013-12-04 20:51 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
    2014-12-18 10:01 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-16 23:47 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-16 22:51 - 2014-01-21 01:03 - 00002052 _____ () C:\Windows\epplauncher.mif
    2014-12-15 05:53 - 2014-11-17 17:53 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-15 05:53 - 2014-11-17 17:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-15 05:53 - 2014-11-17 17:53 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-12-15 05:53 - 2014-07-22 10:04 - 00000000 ____D () C:\Users\Speedy\AppData\Local\Adobe
    2014-12-14 05:57 - 2013-12-18 22:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-12-14 05:57 - 2013-12-18 22:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-12-13 03:02 - 2013-12-18 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-12-12 19:12 - 2014-06-03 19:24 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2014-12-12 19:12 - 2014-06-03 19:24 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2014-12-12 19:12 - 2013-12-05 02:58 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2014-12-12 19:12 - 2013-12-05 02:58 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2014-12-10 19:20 - 2014-02-11 00:26 - 00154760 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
    2014-12-10 19:20 - 2014-02-11 00:26 - 00115680 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
    2014-12-10 19:20 - 2014-02-11 00:26 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll
    2014-12-10 06:33 - 2014-05-06 22:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\zh-HK
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\tr-TR
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\th-TH
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\ar-SA
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-10 06:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-12-10 03:05 - 2013-12-16 16:17 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-10 03:04 - 2013-12-16 16:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-09 05:26 - 2014-11-13 15:19 - 00000498 _____ () C:\Users\Speedy\Desktop\Summoning - Guides - Zybez Runescape.website
    2014-12-07 04:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-12-06 19:50 - 2013-12-16 14:41 - 00000000 ____D () C:\Users\Speedy\AppData\Local\CrashDumps
    2014-12-01 21:40 - 2014-01-17 02:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\NVIDIA Corporation
    2014-11-25 15:08 - 2013-12-04 20:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-11-24 14:04 - 2013-12-24 15:45 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-11-22 14:51 - 2013-12-18 22:46 - 00000000 ____D () C:\Users\Speedy\AppData\Roaming\Skype
    2014-11-22 05:46 - 2013-12-04 01:17 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
    2014-11-22 00:52 - 2013-12-12 00:53 - 00000046 _____ () C:\Users\Speedy\jagex_cl_runescape_LIVE1.dat

    Files to move or delete:
    ====================
    C:\Users\Speedy\jagex_cl_runescape_LIVE.dat
    C:\Users\Speedy\jagex_cl_runescape_LIVE1.dat
    C:\Users\Speedy\random.dat

    Some content of TEMP:
    ====================
    C:\Users\Speedy\AppData\Local\Temp\Quarantine.exe
    C:\Users\Speedy\AppData\Local\Temp\sqlite3.dll

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    ==================== BCD ================================

    Windows Boot Manager
    --------------------
    identifier              {bootmgr}
    device                  partition=C:
    description             Windows Boot Manager
    locale                  en-US
    inherit                 {globalsettings}
    default                 {current}
    resumeobject            {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
    displayorder            {current}
    toolsdisplayorder       {memdiag}
    timeout                 30

    Windows Boot Loader
    -------------------
    identifier              {current}
    device                  partition=C:
    path                    \Windows\system32\winload.exe
    description             Windows 7
    locale                  en-US
    inherit                 {bootloadersettings}
    recoverysequence        {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
    recoveryenabled         Yes
    osdevice                partition=C:
    systemroot              \Windows
    resumeobject            {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
    nx                      OptIn

    Windows Boot Loader
    -------------------
    identifier              {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
    device                  ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
    path                    \windows\system32\winload.exe
    description             Windows Recovery Environment
    inherit                 {bootloadersettings}
    osdevice                ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
    systemroot              \windows
    nx                      OptIn
    winpe                   Yes

    Resume from Hibernate
    ---------------------
    identifier              {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
    device                  partition=C:
    path                    \Windows\system32\winresume.exe
    description             Windows Resume Application
    locale                  en-US
    inherit                 {resumeloadersettings}
    filedevice              partition=C:
    filepath                \hiberfil.sys
    debugoptionenabled      No

    Windows Memory Tester
    ---------------------
    identifier              {memdiag}
    device                  partition=C:
    path                    \boot\memtest.exe
    description             Windows Memory Diagnostic
    locale                  en-US
    inherit                 {globalsettings}
    badmemoryaccess         Yes

    EMS Settings
    ------------
    identifier              {emssettings}
    bootems                 Yes

    Debugger Settings
    -----------------
    identifier              {dbgsettings}
    debugtype               Serial
    debugport               1
    baudrate                115200

    RAM Defects
    -----------
    identifier              {badmemory}

    Global Settings
    ---------------
    identifier              {globalsettings}
    inherit                 {dbgsettings}
                            {emssettings}
                            {badmemory}

    Boot Loader Settings
    --------------------
    identifier              {bootloadersettings}
    inherit                 {globalsettings}
                            {hypervisorsettings}

    Hypervisor Settings
    -------------------
    identifier              {hypervisorsettings}
    hypervisordebugtype     Serial
    hypervisordebugport     1
    hypervisorbaudrate      115200

    Resume Loader Settings
    ----------------------
    identifier              {resumeloadersettings}
    inherit                 {globalsettings}

    Device options
    --------------
    identifier              {8cb2d9b5-7c05-11de-842e-b4611d44fefa}
    description             Ramdisk Options
    ramdisksdidevice        partition=C:
    ramdisksdipath          \Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\boot.sdi

     

    LastRegBack: 2014-11-25 18:25

    ==================== End Of Log ============================



    #14 Dan15795

    Dan15795

      Authentic Member

    • Authentic Member
    • PipPip
    • 25 posts

    Posted 18 December 2014 - 08:34 PM

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
    Ran by Speedy at 2014-12-18 21:32:00
    Running from C:\Users\Speedy\Desktop
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Webroot SecureAnywhere (Disabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
    AS: Webroot SecureAnywhere (Disabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
    Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.142.60386 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 3.1.142.60386 - Alcor Micro Corp.) Hidden
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
    ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
    AsusScr_G75 Series_ENG (HKLM-x32\...\AsusScr_G75 Series_ENG) (Version: 1.0.0001 - ASUS)
    Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
    Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0016 - ASUS)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
    GameFast (HKLM\...\GameFast_is1) (Version: 1.0.1.1 - ASUSTEK Computer Inc)
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.2.0 - ASUS)
    Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
    Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
    Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
    Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKU\S-1-5-21-510759003-1359589821-1816244512-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
    Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Rotation Desktop for G Series (HKLM\...\Rotation Desktop for G Series_is1) (Version: 1.1.3.2 - ASUSTEK Computer Inc)
    Roxio CinePlayer (HKLM-x32\...\{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}) (Version: 5.8.58233.4 - Roxio)
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated)
    System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
    TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
    VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.6.28 - Webroot)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
    Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-510759003-1359589821-1816244512-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)

    ==================== Restore Points  =========================

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {25EC74F6-2D93-428F-826A-32F996EB5BCE} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
    Task: {2D826ED8-10C5-4823-BCC4-3DC9D895C26A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {72C8BB70-D555-453B-8C49-B9256101CE19} - System32\Tasks\{BCF0C7DB-97F4-4096-8939-44D0A676B6DF} => C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe [2011-11-11] ()
    Task: {84D7D60D-17FB-414E-ABC7-F0541DE09175} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Speedy) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: {8ADA960D-9896-4E2D-9A04-6566E0F15200} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)
    Task: {8C8A8A3F-739E-4A7E-A0E4-339438A7EBD0} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
    Task: {8CBD5F4A-4A77-47C5-BB12-D280CAFE4829} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
    Task: {972E77FC-238E-4AF9-8BC2-9CA6FDC51C95} - System32\Tasks\{43EC1D80-D33B-4ADE-8C09-5B8E5159C31F} => C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe [2011-11-11] ()
    Task: {A5C51242-DB9A-46DB-91F6-415A5D4690BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15] (Adobe Systems Incorporated)
    Task: {A6E7D4AB-2073-46DE-95A7-9036815DE98B} - System32\Tasks\{BCC8F344-D6C6-443B-B9B2-95580BADE0F7} => Iexplore.exe http://ui.skype.com/...?LastError=1618
    Task: {AC0DB338-7B93-4C59-8C54-0E35AF73B816} - System32\Tasks\{9248C29D-0471-45C2-BB66-926EBE930B0F} => C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe [2011-11-11] ()
    Task: {AE0DD6B2-C13A-4525-A111-2C5BC871D4B9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
    Task: {BE6C94CE-7A89-472C-A800-FBAC4B5F5059} - System32\Tasks\{19265BA4-1AB7-43E1-AC74-1CBF8AB58E9A} => C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe [2011-11-11] ()
    Task: {D9C815A5-3B4E-44E2-AF11-1B65B04DF445} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
    Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
    Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Speedy).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-12-04 20:47 - 2014-11-12 16:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2013-12-04 21:01 - 2011-03-27 16:23 - 00113840 _____ () C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
    2013-12-04 20:50 - 2012-02-21 15:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
    2010-07-14 19:11 - 2010-07-14 19:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2013-12-04 20:51 - 2012-03-30 07:01 - 00078448 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
    2013-12-04 20:51 - 2012-03-30 07:01 - 00386160 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
    2011-05-23 04:04 - 2011-05-23 04:04 - 00084464 _____ () C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
    2014-02-06 03:52 - 2014-02-06 03:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2012-01-31 12:25 - 2012-01-31 12:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
    2012-02-06 22:32 - 2012-02-06 22:32 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
    2013-12-04 20:50 - 2012-02-21 15:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-510759003-1359589821-1816244512-500 - Administrator - Disabled)
    Guest (S-1-5-21-510759003-1359589821-1816244512-501 - Limited - Enabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-510759003-1359589821-1816244512-1003 - Limited - Enabled)
    Speedy (S-1-5-21-510759003-1359589821-1816244512-1001 - Administrator - Enabled) => C:\Users\Speedy

    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================

    Application errors:
    ==================

    System errors:
    =============

    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: Intel® Core™ i7-3610QM CPU @ 2.30GHz
    Percentage of memory in use: 23%
    Total physical RAM: 8151.91 MB
    Available physical RAM: 6227.06 MB
    Total Pagefile: 16301.99 MB
    Available Pagefile: 14183.46 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:931.51 GB) (Free:847.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4BDFF47C)
    Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================



    #15 Dan15795

    Dan15795

      Authentic Member

    • Authentic Member
    • PipPip
    • 25 posts

    Posted 18 December 2014 - 08:34 PM

    Users shortcut scan result (x64) Version: 17-12-2014
    Ran by Speedy at 2014-12-18 21:32:25
    Running from C:\Users\Speedy\Desktop
    Boot Mode: Normal
    ==================== Shortcuts =============================
    (The entries could be listed to be restored or removed.)

     

    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk -> C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Family Safety.lnk -> C:\Windows\Installer\{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}\fssicon.ico ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio\CinePlayer\CinePlayer.lnk -> C:\Program Files (x86)\Roxio\CinePlayer\5.0\CinePlayer.exe (Sonic Solutions)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\RichText.ico ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\QTPlayer.ico ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\Silverlight.Configuration.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Unifying\Logitech Unifying Software.lnk -> C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe (Logitech, Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud Photos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Virtual Camera.lnk -> C:\Windows\Installer\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}\_4AE49D2DDE6B2531E0BD84.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\e-Driver.lnk -> C:\eSupport\eDriver\InstAll.exe (ASUSTek Computer INC.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\eManual.Lnk -> C:\eSupport\Manual\eManual.exe (ASUSTek Computer Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\GameFast.lnk -> C:\Program Files\ASUS\GameFast\GameFast.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\LifeFrame.lnk -> C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe (ASUSTek Computer Inc. All rights reserved.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Power4Gear Hybrid.lnk -> C:\Windows\Installer\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}\_76D1D93228F14F1540EB5E.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Rotation Desktop for G Series.lnk -> C:\Program Files\ASUS\Rotation Desktop for G Series\Rotation Desktop for G Series.exe (ASUS)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\USB Charger Plus.lnk -> C:\Windows\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_C135493C20DFA7FE7F14D0.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WinFlash.Lnk -> C:\Program Files (x86)\ASUS\WinFlash\WinFlash.exe (ASUSTek Computer Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Wireless Console 3.lnk -> C:\Windows\Installer\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}\_6FC4AD3CB38ECE3AA1E7B9.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Splendid Utility\Splendid Compatibility Tool.Lnk -> C:\Program Files (x86)\ASUS\Splendid\Backache.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Splendid Utility\Splendid Utility.Lnk -> C:\Program Files (x86)\ASUS\Splendid\Backbone.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\Links\SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\Links\Desktop.lnk -> C:\Users\Speedy\Desktop ()
    Shortcut: C:\Users\Guest\Links\Downloads.lnk -> C:\Users\Speedy\Downloads ()
    Shortcut: C:\Users\Guest\Links\SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
    Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
    Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
    Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
    Shortcut: C:\Users\Public\Desktop\Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe ()
    Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
    Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
    Shortcut: C:\Users\Speedy\Links\Desktop.lnk -> C:\Users\Speedy\Desktop ()
    Shortcut: C:\Users\Speedy\Links\Downloads.lnk -> C:\Users\Speedy\Downloads ()
    Shortcut: C:\Users\Speedy\Links\SkyDrive.lnk -> C:\Users\Speedy\SkyDrive ()
    Shortcut: C:\Users\Speedy\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
    Shortcut: C:\Users\Speedy\Desktop\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
    Shortcut: C:\Users\Speedy\Desktop\Game\Diablo III.lnk -> C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
    Shortcut: C:\Users\Speedy\Desktop\Game\Play League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk -> C:\Users\Speedy\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape\License.lnk -> C:\Users\Speedy\jagexcache\jagexlauncher\LICENSE.txt ()
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe ()
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Uninstall Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OWUninstaller.exe (Overwolf LTD)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\LifeFrame.lnk -> C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe (ASUSTek Computer Inc. All rights reserved.)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b15f30ab853b7d31\Diablo III.lnk -> C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
    Shortcut: C:\Users\Speedy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7111c0ce965b7246\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)

     

    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere\Webroot SecureAnywhere.lnk -> C:\Program Files\Webroot\WRSA.exe (Webroot) -> -showgui
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere\Tools\Uninstall Webroot.lnk -> C:\Program Files\Webroot\WRSA.exe (Webroot) -> -uninstall
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.) -> -q -name=webroot -ffuuid {8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} --disablenotes --disableidentities --disablevault --disablecontext
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.) -> -p -name=webroot -ffuuid {8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} --disablenotes --disableidentities --disablevault --disablecontext
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} /qf
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Mouse and Keyboard\Mouse and Keyboard Settings.lnk -> C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab about
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab update
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Updates\Intel® ME FW Recovery Agent.lnk -> C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe (Intel Corporation) -> --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller consumer
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendar.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Find My iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notes.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Reminders.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
    ShortcutWithArgument: C:\ProgramData\ASUS Resource Center\ASUS Resource Center.lnk -> C:\Windows\System32\Dxpserver.exe (Microsoft Corporation) -> /c
    ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
    ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
    ShortcutWithArgument: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
    ShortcutWithArgument: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
    ShortcutWithArgument: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
    ShortcutWithArgument: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
    ShortcutWithArgument: C:\Users\Public\Desktop\ASUS Resource Center.lnk -> C:\Windows\System32\Dxpserver.exe (Microsoft Corporation) -> /c
    ShortcutWithArgument: C:\Users\Speedy\Desktop\Game\RuneScape.lnk -> C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe () -> runescape
    ShortcutWithArgument: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk -> C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe () -> runescape
    ShortcutWithArgument: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape\RuneScape.lnk -> C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe () -> runescape
    ShortcutWithArgument: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
    ShortcutWithArgument: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
    ShortcutWithArgument: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
    ShortcutWithArgument: C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
    ShortcutWithArgument: C:\Users\Speedy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\RuneScape.lnk -> C:\Users\Speedy\jagexcache\jagexlauncher\bin\JagexLauncher.exe () -> runescape
    ShortcutWithArgument: C:\Users\Speedy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

    InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
    InternetURL: C:\Users\Guest\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
    InternetURL: C:\Users\Guest\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
    InternetURL: C:\Users\Guest\Favorites\Links\Suggested Sites.url -> https://ieonline.mic...ft.com/#ieslice
    InternetURL: C:\Users\Guest\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
    InternetURL: C:\Users\Speedy\Favorites\Bartender, Server, Waiter, Waitress, Host, Hostess Jobs in Lake Grove, New York - Bahama Breeze.url -> hxxp://www.careerbuilder.com/JobSeeker/Jobs/JobDetails.aspx?APath=2.21.0.0.0&job_did=JZM447648R5Q8TF21RQ&sc_cmp1=js_jrp_jobclick&IPath=JRKV0C
    InternetURL: C:\Users\Speedy\Favorites\Buy Abundant Runescape Accounts, Cheap Runescape Account, Cheap RS Account and RS Accounts on rs4us..url -> hxxp://www.rs4us.com/AccountDetails.aspx?Guid=650f80c2-23fe-493e-a7a6-a277cbaf438b
    InternetURL: C:\Users\Speedy\Favorites\eastbay Prepare To Win.url -> hxxp://www.eastbay.com/
    InternetURL: C:\Users\Speedy\Favorites\Should a Christian play video games.url -> hxxp://www.gotquestions.org/Christian-video-games.html
    InternetURL: C:\Users\Speedy\Favorites\Support Contact Information for Corporate, Endpoint & Email  Webroot.url -> hxxp://www.webroot.com/us/en/support/business-contact
    InternetURL: C:\Users\Speedy\Favorites\United States Coast Guard Academy.url -> hxxp://www.uscga.info/?utm_source=1327212&utm_medium=cpc&utm_campaign=search&gclid=CIjosv_NxLwCFVFo7Aodky8Avw
    InternetURL: C:\Users\Speedy\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
    InternetURL: C:\Users\Speedy\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
    InternetURL: C:\Users\Speedy\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
    InternetURL: C:\Users\Speedy\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
    InternetURL: C:\Users\Speedy\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
    InternetURL: C:\Users\Speedy\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
    InternetURL: C:\Users\Speedy\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
    InternetURL: C:\Users\Speedy\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
    InternetURL: C:\Users\Speedy\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
    InternetURL: C:\Users\Speedy\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
    InternetURL: C:\Users\Speedy\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
    InternetURL: C:\Users\Speedy\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
    InternetURL: C:\Users\Speedy\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
    InternetURL: C:\Users\Speedy\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
    InternetURL: C:\Users\Speedy\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
    InternetURL: C:\Users\Speedy\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
    InternetURL: C:\Users\Speedy\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
    InternetURL: C:\Users\Speedy\Favorites\Links\Breakthrough with Rod Parsley.url -> https://www.rodparsley.com/
    InternetURL: C:\Users\Speedy\Favorites\Links\Contemporary Christian Music, Internet radio - K-LOVE.url -> hxxp://www.klove.com/
    InternetURL: C:\Users\Speedy\Favorites\Links\Dictionary.com - Free Online English Dictionary.url -> hxxp://dictionary.reference.com/
    InternetURL: C:\Users\Speedy\Favorites\Links\Free TV Shows and Movies - Watch Your Favorite TV Episodes and Movies Online  Hulu.url -> hxxp://www.hulu.com/
    InternetURL: C:\Users\Speedy\Favorites\Links\Google.url -> https://www.google.com/?gws_rd=ssl
    InternetURL: C:\Users\Speedy\Favorites\Links\Home.url -> hxxp://www.thewisdomcenter.tv/
    InternetURL: C:\Users\Speedy\Favorites\Links\Numera.url -> hxxp://www.numera.com/
    InternetURL: C:\Users\Speedy\Favorites\Links\Sign In.url -> https://login.live.c...bcxt=mai&snsc=1
    InternetURL: C:\Users\Speedy\Favorites\Links\Suggested Sites.url -> https://ieonline.mic...ft.com/#ieslice
    InternetURL: C:\Users\Speedy\Favorites\Links\The RuneScape Wiki.url -> hxxp://runescape.wikia.com/wiki/RuneScape_Wiki
    InternetURL: C:\Users\Speedy\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
    InternetURL: C:\Users\Speedy\Favorites\Links\YouTube.url -> https://www.youtube.com/
    InternetURL: C:\Users\Speedy\Favorites\ASUS E-Service\ASUS Homepage.url -> hxxp://www.asus.com/
    InternetURL: C:\Users\Speedy\Favorites\ASUS E-Service\ASUS Member.url -> hxxp://member.asus.com/
    InternetURL: C:\Users\Speedy\Favorites\ASUS E-Service\ASUS Software Download.url -> hxxp://www.asus.com/support/download
    InternetURL: C:\Users\Speedy\Favorites\ASUS E-Service\ASUS Technical Support.url -> hxxp://www.asus.com/support
    InternetURL: C:\Users\Speedy\Desktop\Welcome to Facebook - Log In, Sign Up or Learn More.url -> https://www.facebook.com/

    ==================== End of log =============================


    Edited by Dan15795, 18 December 2014 - 08:39 PM.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users