Untitled

a guest
Jul 4th, 2015
  1. FRST.txt
  2.  
  3. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
  4. Ran by Collin (administrator) on COLLIN on 17-06-2015 21:34:03
  5. Running from C:\Users\Collin\Desktop
  6. Loaded Profiles: Collin (Available Profiles: Collin)
  7. Platform: Windows 8.1 (X64) OS Language: English (United States)
  8. Internet Explorer Version 11 (Default browser: Chrome)
  9. Boot Mode: Normal
  10. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  11.  
  12. ==================== Processes (Whitelisted) =================
  13.  
  14. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  15.  
  16. (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
  17. (Datpol) C:\Program Files (x86)\SpyShelter Firewall\SpyShelterSrv.exe
  18. (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
  19. (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  20. (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
  21. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  22. (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
  23. (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
  24. (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
  25. (Wistron) C:\Windows\SysWOW64\CtrlPanel.exe
  26. (Microsoft Corporation) C:\Windows\System32\dasHost.exe
  27. () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
  28. (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
  29. (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
  30. () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
  31. (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
  32. () C:\Program Files\acerIR\IRSrv.exe
  33. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
  34. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
  35. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
  36. (PointGrab LTD) C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGService.exe
  37. (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
  38. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
  39. (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
  40. () C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
  41. (Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
  42. (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
  43. (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
  44. (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
  45. (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
  46. (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
  47. (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
  48. (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
  49. (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
  50. (Intel Corporation) C:\Windows\System32\igfxtray.exe
  51. (Intel Corporation) C:\Windows\System32\hkcmd.exe
  52. (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
  53. (Intel Corporation) C:\Windows\System32\igfxpers.exe
  54. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  55. (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
  56. (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
  57. (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
  58. (Spotify Ltd) C:\Users\Collin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
  59. (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
  60. (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
  61. (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
  62. (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
  63. (Wistron) C:\Windows\SysWOW64\CtrlPanel.exe
  64. (PointGrab LTD) C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGPanel.exe
  65. (Corp) C:\Program Files\acerIR\IRListenApp.exe
  66. (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
  67. (ITE Tech. Inc.) C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe
  68. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
  69. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  70. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
  71. (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
  72. (QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
  73. (QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
  74. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  75. (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
  76. (Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtTray.exe
  77. (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
  78. () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
  79. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  80. (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
  81. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
  82. (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
  83. (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
  84. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
  85. (Microsoft Corporation) C:\Windows\System32\rundll32.exe
  86. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  87. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  88. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  89. (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
  90.  
  91.  
  92. ==================== Registry (Whitelisted) ==================
  93.  
  94. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  95.  
  96. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-06-01] (Realtek Semiconductor)
  97. HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2012-11-09] ()
  98. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
  99. HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-03-18] (Bitdefender)
  100. HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
  101. HKLM-x32\...\Run: [WCtrlPanel] => C:\Windows\SysWOW64\CtrlPanel.exe [229376 2011-05-20] (Wistron)
  102. HKLM-x32\...\Run: [IRApp] => C:\Program Files\acerIR\IRListenApp.exe [359424 2012-05-14] (Corp)
  103. HKLM-x32\...\Run: [CIRAP] => C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe [604304 2012-07-06] (ITE Tech. Inc.)
  104. HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2618680 2015-04-08] (Malwarebytes Corporation)
  105. HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508744 2014-10-26] (QFX Software Corporation)
  106. HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
  107. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
  108. HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
  109. HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
  110. Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
  111. HKLM\...\Policies\Explorer: [NoControlPanel] 0
  112. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [Spotify Web Helper] => C:\Users\Collin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-27] (Spotify Ltd)
  113. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
  114. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
  115. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.)
  116. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-10] (Bitdefender)
  117. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2508288 2015-02-10] (i-Funbox.com)
  118. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
  119. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-10-28] (Microsoft Corporation)
  120. HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-28] (Microsoft Corporation)
  121. HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-28] (Microsoft Corporation)
  122. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hand Gesture Control.lnk [2013-04-25]
  123. ShortcutTarget: Hand Gesture Control.lnk -> C:\Windows\Installer\{4B145183-E986-4585-ADDF-0C73DB575112}\NewShortcut2_B6E756492E054C52892B86CE7391EFC9.exe (Flexera Software LLC)
  124. Startup: C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-10-11]
  125. ShortcutTarget: Dropbox.lnk -> C:\Users\Collin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
  126. ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
  127. ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
  128. ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
  129. ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  130. ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  131. ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  132. ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
  133. ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
  134. ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
  135. ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
  136. ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  137. ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  138. ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  139. ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
  140. ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
  141. ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
  142.  
  143. ==================== Internet (Whitelisted) ====================
  144.  
  145. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  146.  
  147. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  148. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
  149. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
  150. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
  151. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
  152. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
  153. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
  154. SearchScopes: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001 -> DefaultScope {BA42385E-D3C5-489C-A4A4-F951A3276544} URL =
  155. SearchScopes: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001 -> {BA42385E-D3C5-489C-A4A4-F951A3276544} URL =
  156. BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-10] (Bitdefender)
  157. BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
  158. BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2012-11-09] (Qualcomm Atheros Commnucations)
  159. BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
  160. BHO: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Users\Collin\Documents\iTools\Plugin\iToolsBHO64.dll [2015-01-17] (iTools.hk)
  161. BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
  162. BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-10] (Bitdefender)
  163. BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
  164. BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
  165. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-12] (Oracle Corporation)
  166. BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
  167. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-12] (Oracle Corporation)
  168. BHO-x32: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Users\Collin\Documents\iTools\Plugin\iToolsBHO.dll [2015-01-17] (iTools.hk)
  169. Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-10] (Bitdefender)
  170. Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-10] (Bitdefender)
  171. Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
  172. Toolbar: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001 -> Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-10] (Bitdefender)
  173. Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
  174. Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2
  175.  
  176. FireFox:
  177. ========
  178. FF ProfilePath: C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default
  179. FF NetworkProxy: "ftp", "194.44.237.218"
  180. FF NetworkProxy: "ftp_port", 8080
  181. FF NetworkProxy: "gopher", "194.44.237.218"
  182. FF NetworkProxy: "gopher_port", 8080
  183. FF NetworkProxy: "http", "194.44.237.218"
  184. FF NetworkProxy: "http_port", 8080
  185. FF NetworkProxy: "socks", "194.44.237.218"
  186. FF NetworkProxy: "socks_port", 8080
  187. FF NetworkProxy: "ssl", "194.44.237.218"
  188. FF NetworkProxy: "ssl_port", 8080
  189. FF NetworkProxy: "type", 0
  190. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
  191. FF Plugin: @itools.hk/npiTools, version=1.0.0 -> C:\Users\Collin\Documents\iTools\Plugin\npiTools.dll [2015-01-17] ()
  192. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
  193. FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
  194. FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-05-26] (Adobe Systems)
  195. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
  196. FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
  197. FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
  198. FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-03-24] (EA Digital Illusions CE AB)
  199. FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
  200. FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
  201. FF Plugin-x32: @itools.hk/npiTools, version=1.0.0 -> C:\Users\Collin\Documents\iTools\Plugin\npiTools.dll [2015-01-17] ()
  202. FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-12] (Oracle Corporation)
  203. FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-12] (Oracle Corporation)
  204. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
  205. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
  206. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
  207. FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-26] (Pando Networks)
  208. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
  209. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
  210. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
  211. FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-05-26] (Adobe Systems)
  212. FF Plugin HKU\S-1-5-21-1346664306-1066439407-2851303791-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-26] (Pando Networks)
  213. FF user.js: detected! => C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\user.js [2014-10-13]
  214. FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
  215. FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
  216. FF Extension: iMacros for Firefox - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-02-01]
  217. FF Extension: Proxy Tool - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\Extensions\proxytool@proxylist.co.xpi [2014-05-21]
  218. FF Extension: OkayFreedom - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2014-12-24]
  219. FF Extension: Greasemonkey - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-04-16]
  220. FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-01-22]
  221. FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
  222. FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
  223. FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-02-01]
  224. FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
  225. FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-02-01]
  226. FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
  227. FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-03-18]
  228. FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
  229. FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
  230. FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
  231.  
  232. Chrome:
  233. =======
  234. CHR Profile: C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default
  235. CHR Extension: (Google Docs) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-17]
  236. CHR Extension: (Google Drive) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-17]
  237. CHR Extension: (YouTube) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-17]
  238. CHR Extension: (Google Search) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-17]
  239. CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-03]
  240. CHR Extension: (Google Wallet) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-17]
  241. CHR Extension: (Gmail) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-17]
  242. CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
  243.  
  244. ==================== Services (Whitelisted) =================
  245.  
  246. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  247.  
  248. R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
  249. R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-09] (Qualcomm Atheros Commnucations) [File not signed]
  250. S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
  251. S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [429784 2015-03-10] (BlueStack Systems, Inc.)
  252. R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
  253. R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
  254. S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
  255. R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-09] (Acer Incorporated)
  256. S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
  257. R2 CtrlPanel; C:\Windows\SysWOW64\CtrlPanel.exe [229376 2011-05-20] (Wistron) [File not signed]
  258. R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2015-03-17] () [File not signed]
  259. R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
  260. R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
  261. R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1169616 2015-06-03] (AnchorFree Inc.)
  262. S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-06-03] ()
  263. R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [589520 2015-06-03] ()
  264. R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
  265. S3 idcloakRouting; C:\Program Files (x86)\idcloak VPN\systray\routingservice.exe [38480 2014-09-16] ()
  266. S3 idcloakVPN; C:\Program Files (x86)\idcloak VPN\openvpn\openvpnserv.exe [32568 2014-09-16] (The OpenVPN Project)
  267. R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
  268. R2 IRSrv; C:\Program Files\acerIR\IRSrv.exe [179712 2012-05-10] () [File not signed]
  269. R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
  270. S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
  271. R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [656184 2015-04-08] (Malwarebytes Corporation)
  272. S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
  273. S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
  274. S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-04-08] (Electronic Arts)
  275. R2 PGService; C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGService.exe [53616 2012-08-22] (PointGrab LTD)
  276. R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
  277. R4 SpyShelterSrv; C:\Program Files (x86)\SpyShelter Firewall\SpyShelterSrv.exe [45056 2015-05-21] (Datpol) [File not signed]
  278. R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72512 2013-12-09] (IObit)
  279. R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
  280. R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-18] (Bitdefender)
  281. S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
  282. S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
  283.  
  284. ==================== Drivers (Whitelisted) ====================
  285.  
  286. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  287.  
  288. S3 asvpndrv; C:\Windows\system32\DRIVERS\asvpndrv.sys [31744 2012-02-29] (Astrill)
  289. R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-10] (BitDefender)
  290. R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-02-10] (BitDefender)
  291. R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-10] (BitDefender)
  292. S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
  293. R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2015-02-10] (BitDefender LLC)
  294. R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
  295. S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
  296. S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2015-02-10] (BitDefender SRL)
  297. R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145624 2015-03-10] (BlueStack Systems)
  298. R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
  299. S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
  300. R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-04-08] ()
  301. R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-03-18] (BitDefender LLC)
  302. R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-12-23] (AnchorFree Inc.)
  303. S4 IObitUnlocker; C:\Users\Collin\Downloads\RAT Remover\IObit Unlocker\IObitUnlocker.sys [35256 2015-06-13] ()
  304. R3 ITECIRfilter; C:\Windows\system32\DRIVERS\ITECIRfilter.sys [18064 2012-06-20] (ITE Tech. Inc. )
  305. R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
  306. R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
  307. S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
  308. R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-06-01] (Intel Corporation)
  309. R3 PQAWRwa; C:\Windows\SysWOW64\PQAWDrv.sys [12384 2008-03-01] () [File not signed]
  310. R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [38504 2012-04-16] (Windows (R) Codename Longhorn DDK provider)
  311. R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
  312. R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-12-23] (Anchorfree Inc.)
  313. R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
  314. S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
  315. S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
  316. R4 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
  317. R4 Spyshelter; \??\C:\Program Files (x86)\SpyShelter Firewall\SpyShelter.sys [X]
  318. R4 SpyshelterFw; \??\C:\Program Files (x86)\SpyShelter Firewall\SpyshelterWFP.sys [X]
  319. R4 SpyshelterKb; \??\C:\Program Files (x86)\SpyShelter Firewall\SpyshelterKb.sys [X]
  320.  
  321. ==================== NetSvcs (Whitelisted) ===================
  322.  
  323. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  324.  
  325.  
  326. ==================== One Month Created files and folders ========
  327.  
  328. (If an entry is included in the fixlist, the file/folder will be moved.)
  329.  
  330. 2015-06-17 21:34 - 2015-06-17 21:34 - 00031979 _____ C:\Users\Collin\Desktop\FRST.txt
  331. 2015-06-17 21:33 - 2015-06-17 21:34 - 00000000 ____D C:\FRST
  332. 2015-06-17 21:32 - 2015-06-17 21:32 - 02109952 _____ (Farbar) C:\Users\Collin\Desktop\FRST64.exe
  333. 2015-06-17 21:31 - 2015-06-17 21:31 - 00000085 _____ C:\WINDOWS\wininit.ini
  334. 2015-06-17 21:27 - 2015-06-17 21:27 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
  335. 2015-06-16 15:25 - 2015-06-16 15:25 - 00000022 _____ C:\WINDOWS\S.dirmngr
  336. 2015-06-16 15:21 - 2015-06-17 21:26 - 00000000 ____D C:\Program Files (x86)\SpyShelter Firewall
  337. 2015-06-16 15:19 - 2015-06-16 15:20 - 07191408 _____ (Datpol ) C:\Users\Collin\Downloads\fwsetup.exe
  338. 2015-06-13 16:22 - 2015-06-03 11:18 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
  339. 2015-06-13 16:22 - 2015-06-03 11:18 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
  340. 2015-06-13 15:21 - 2015-06-13 15:22 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
  341. 2015-06-13 15:20 - 2015-06-13 15:20 - 00001098 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  342. 2015-06-13 15:20 - 2015-06-13 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  343. 2015-06-13 15:20 - 2015-06-13 15:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
  344. 2015-06-13 15:20 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
  345. 2015-06-13 15:20 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
  346. 2015-06-13 15:20 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
  347. 2015-06-13 15:19 - 2015-06-13 15:20 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Collin\Downloads\mbam-setup-2.1.6.1022.exe
  348. 2015-06-13 15:16 - 2015-06-17 21:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
  349. 2015-06-13 15:16 - 2015-06-17 21:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
  350. 2015-06-13 15:16 - 2015-06-13 15:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
  351. 2015-06-13 15:15 - 2015-06-13 15:15 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Collin\Downloads\spybot-2.4.exe
  352. 2015-06-13 15:03 - 2015-06-13 15:03 - 00001225 _____ C:\Users\Collin\Desktop\cmd.exe.lnk
  353. 2015-06-13 14:41 - 2015-06-13 14:41 - 03548314 _____ C:\Users\Collin\Downloads\RAT Remover.zip
  354. 2015-06-13 14:41 - 2015-06-13 14:41 - 00000000 ____D C:\Users\Collin\Downloads\RAT Remover
  355. 2015-06-13 14:39 - 2015-06-13 14:39 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Curiolab
  356. 2015-06-13 14:32 - 2015-06-13 14:33 - 148828368 _____ (CURIOLAB S.M.B.A.) C:\Users\Collin\Downloads\ExterminateItSetup.exe
  357. 2015-06-13 13:56 - 2015-06-13 13:56 - 00002788 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
  358. 2015-06-13 13:56 - 2015-06-13 13:56 - 00000840 _____ C:\Users\Public\Desktop\CCleaner.lnk
  359. 2015-06-13 13:56 - 2015-06-13 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
  360. 2015-06-13 13:56 - 2015-06-13 13:56 - 00000000 ____D C:\Program Files\CCleaner
  361. 2015-06-13 13:54 - 2015-06-13 13:54 - 06552640 _____ (Piriform Ltd) C:\Users\Collin\Downloads\ccsetup506pro.exe
  362. 2015-06-13 12:32 - 2015-06-13 12:32 - 00000258 _____ C:\WINDOWS\Tasks\ASC7_SkipUac_Collin.job
  363. 2015-06-09 19:06 - 2015-04-08 17:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
  364. 2015-06-09 19:05 - 2015-05-25 08:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
  365. 2015-06-09 19:05 - 2015-05-25 08:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
  366. 2015-06-09 19:05 - 2015-04-13 17:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
  367. 2015-06-09 19:05 - 2015-04-13 17:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
  368. 2015-06-09 19:05 - 2015-04-09 19:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
  369. 2015-06-09 19:05 - 2015-04-09 19:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
  370. 2015-06-09 19:05 - 2015-04-08 17:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
  371. 2015-06-09 19:05 - 2015-04-01 17:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
  372. 2015-06-09 19:05 - 2015-04-01 17:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
  373. 2015-06-09 19:05 - 2015-03-19 22:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
  374. 2015-06-09 19:05 - 2015-03-19 22:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
  375. 2015-06-09 19:05 - 2015-03-19 21:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
  376. 2015-06-09 19:05 - 2015-03-19 21:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
  377. 2015-06-09 19:05 - 2015-03-01 20:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
  378. 2015-06-09 19:05 - 2015-03-01 20:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
  379. 2015-06-09 18:55 - 2015-05-27 09:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
  380. 2015-06-09 18:55 - 2015-05-27 09:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
  381. 2015-06-09 18:55 - 2015-05-22 22:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
  382. 2015-06-09 18:55 - 2015-05-22 22:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
  383. 2015-06-09 18:55 - 2015-05-22 22:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
  384. 2015-06-09 18:55 - 2015-05-22 22:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
  385. 2015-06-09 18:55 - 2015-05-22 22:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
  386. 2015-06-09 18:55 - 2015-05-22 21:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
  387. 2015-06-09 18:55 - 2015-05-22 21:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
  388. 2015-06-09 18:55 - 2015-05-22 21:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
  389. 2015-06-09 18:55 - 2015-05-22 21:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
  390. 2015-06-09 18:55 - 2015-05-22 21:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
  391. 2015-06-09 18:55 - 2015-05-22 21:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
  392. 2015-06-09 18:55 - 2015-05-22 21:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
  393. 2015-06-09 18:55 - 2015-05-22 21:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
  394. 2015-06-09 18:55 - 2015-05-22 21:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
  395. 2015-06-09 18:55 - 2015-05-22 21:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
  396. 2015-06-09 18:55 - 2015-05-22 21:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
  397. 2015-06-09 18:55 - 2015-05-22 21:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
  398. 2015-06-09 18:55 - 2015-05-22 21:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
  399. 2015-06-09 18:55 - 2015-05-22 14:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
  400. 2015-06-09 18:55 - 2015-05-22 14:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
  401. 2015-06-09 18:55 - 2015-05-22 14:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
  402. 2015-06-09 18:55 - 2015-05-22 13:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
  403. 2015-06-09 18:55 - 2015-05-22 13:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
  404. 2015-06-09 18:55 - 2015-05-22 13:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
  405. 2015-06-09 18:55 - 2015-05-22 13:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
  406. 2015-06-09 18:55 - 2015-05-22 13:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
  407. 2015-06-09 18:55 - 2015-05-22 13:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
  408. 2015-06-09 18:55 - 2015-05-22 13:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
  409. 2015-06-09 18:55 - 2015-05-22 13:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
  410. 2015-06-09 18:55 - 2015-05-22 13:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
  411. 2015-06-09 18:55 - 2015-05-22 13:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
  412. 2015-06-09 18:55 - 2015-05-22 13:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
  413. 2015-06-09 18:55 - 2015-05-22 13:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
  414. 2015-06-09 18:55 - 2015-05-22 12:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
  415. 2015-06-09 18:55 - 2015-05-22 12:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
  416. 2015-06-09 18:55 - 2015-05-22 12:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
  417. 2015-06-09 18:55 - 2015-05-22 12:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
  418. 2015-06-09 18:55 - 2015-05-22 12:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
  419. 2015-06-09 18:55 - 2015-05-21 11:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
  420. 2015-06-09 18:55 - 2015-04-24 21:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
  421. 2015-06-09 18:55 - 2015-04-24 21:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
  422. 2015-06-09 18:55 - 2015-04-16 01:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
  423. 2015-06-09 18:55 - 2015-03-31 23:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
  424. 2015-06-09 18:55 - 2015-03-31 23:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
  425. 2015-06-09 18:55 - 2015-03-31 23:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
  426. 2015-06-09 18:55 - 2015-03-31 23:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
  427. 2015-06-09 18:55 - 2015-03-31 22:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
  428. 2015-06-09 18:55 - 2015-03-31 22:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
  429. 2015-06-09 18:55 - 2015-03-31 22:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
  430. 2015-06-09 18:55 - 2015-03-31 21:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
  431. 2015-06-09 18:55 - 2015-03-31 21:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
  432. 2015-06-09 18:55 - 2015-03-31 21:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
  433. 2015-06-09 18:55 - 2015-03-31 21:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
  434. 2015-06-09 18:55 - 2015-03-31 21:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
  435. 2015-06-09 18:55 - 2015-03-31 21:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
  436. 2015-06-07 00:19 - 2015-06-07 00:20 - 00000000 ____D C:\Users\Collin\Downloads\wnetwatcher
  437. 2015-06-07 00:19 - 2015-06-07 00:19 - 00307782 _____ C:\Users\Collin\Downloads\wnetwatcher.zip
  438. 2015-06-05 21:01 - 2015-06-05 21:01 - 00000075 _____ C:\Users\Collin\Desktop\Amazon.txt
  439. 2015-06-05 04:16 - 2015-05-22 08:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
  440. 2015-06-05 04:16 - 2015-05-21 08:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
  441. 2015-06-05 04:16 - 2015-05-21 08:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
  442. 2015-06-05 04:16 - 2015-05-21 08:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
  443. 2015-06-05 04:16 - 2015-05-21 08:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
  444. 2015-06-05 04:16 - 2015-05-21 08:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
  445. 2015-06-05 04:16 - 2015-05-21 08:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
  446. 2015-06-05 04:16 - 2015-04-16 17:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
  447. 2015-06-03 20:14 - 2015-06-03 20:14 - 00000000 ____D C:\ProgramData\bdch
  448. 2015-05-29 16:50 - 2015-05-29 16:50 - 00021481 _____ C:\Users\Collin\Downloads\[kat.cr]a.ap.rocky.at.long.last.a.ap.2015.cdrip.asap.torrent
  449. 2015-05-25 16:02 - 2015-06-12 20:45 - 00001034 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
  450. 2015-05-25 15:17 - 2015-05-25 15:17 - 00011888 _____ C:\Users\Collin\Downloads\[kat.cr]fetty.wap.trap.queen.single.2014.mp3.320.kbps.vbuc.torrent
  451. 2015-05-22 22:28 - 2015-05-22 22:28 - 00000018 _____ C:\Users\Collin\Desktop\Oakley.txt
  452.  
  453. ==================== One Month Modified files and folders ========
  454.  
  455. (If an entry is included in the fixlist, the file/folder will be moved.)
  456.  
  457. 2015-06-17 21:34 - 2015-05-17 17:29 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  458. 2015-06-17 21:34 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
  459. 2015-06-17 21:33 - 2014-04-04 14:21 - 01495348 _____ C:\WINDOWS\WindowsUpdate.log
  460. 2015-06-17 21:31 - 2014-03-17 21:04 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1346664306-1066439407-2851303791-1001
  461. 2015-06-17 21:27 - 2014-05-31 19:06 - 00000000 ____D C:\Program Files (x86)\IObit
  462. 2015-06-17 21:25 - 2014-10-28 21:03 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EC5F37BF-E3B6-4CC0-83E1-1C27A7F9607B}
  463. 2015-06-17 21:21 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
  464. 2015-06-17 06:10 - 2015-01-05 17:48 - 00000334 _____ C:\WINDOWS\Tasks\iToolsDaemon.job
  465. 2015-06-17 06:08 - 2014-03-17 20:39 - 00000000 ____D C:\Users\Collin\AppData\Local\Adobe
  466. 2015-06-16 15:35 - 2014-03-27 20:42 - 00000000 ____D C:\Users\Collin\AppData\Local\CrashDumps
  467. 2015-06-16 15:30 - 2014-06-11 16:26 - 00000000 ___DO C:\Users\Collin\SkyDrive
  468. 2015-06-16 15:27 - 2015-05-17 17:29 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfff6e6e2919e9.job
  469. 2015-06-16 15:27 - 2014-11-13 13:19 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  470. 2015-06-16 15:27 - 2014-10-19 15:02 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
  471. 2015-06-16 15:27 - 2014-06-01 19:41 - 00165659 _____ C:\MyXML.xml
  472. 2015-06-16 15:27 - 2014-05-31 19:07 - 00000000 ____D C:\ProgramData\ProductData
  473. 2015-06-16 15:27 - 2013-04-25 08:51 - 00000868 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
  474. 2015-06-16 15:26 - 2015-01-05 17:48 - 00003270 _____ C:\WINDOWS\System32\Tasks\iToolsDaemon
  475. 2015-06-16 15:25 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
  476. 2015-06-15 05:02 - 2014-11-19 15:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
  477. 2015-06-15 04:52 - 2015-03-06 23:52 - 00000933 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {F962D1A1-2262-4B5D-AC57-58BEC021FE8F}.job
  478. 2015-06-15 04:52 - 2015-03-06 23:52 - 00000747 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {F962D1A1-2262-4B5D-AC57-58BEC021FE8F}.job
  479. 2015-06-15 04:52 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
  480. 2015-06-14 16:10 - 2015-02-14 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFunBox 2014
  481. 2015-06-14 16:10 - 2015-01-05 18:59 - 00000000 ____D C:\Users\Collin\Desktop\iPhone Tools
  482. 2015-06-13 16:19 - 2013-08-22 09:44 - 05180408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
  483. 2015-06-13 16:17 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
  484. 2015-06-13 16:14 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData
  485. 2015-06-13 16:14 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
  486. 2015-06-13 16:13 - 2014-04-04 14:06 - 00000000 ____D C:\Users\Collin
  487. 2015-06-13 15:20 - 2014-04-28 22:00 - 00000000 ____D C:\ProgramData\Malwarebytes
  488. 2015-06-13 15:07 - 2014-05-31 19:06 - 00000000 ____D C:\ProgramData\IObit
  489. 2015-06-13 14:13 - 2015-04-08 20:25 - 00000000 ____D C:\ProgramData\BlueStacksSetup
  490. 2015-06-13 14:13 - 2014-03-17 20:52 - 00000000 ____D C:\Users\Collin\AppData\Roaming\uTorrent
  491. 2015-06-12 23:58 - 2014-11-28 23:19 - 00000000 ____D C:\Users\Collin\AppData\Local\Popcorn-Time
  492. 2015-06-12 23:08 - 2014-08-24 18:03 - 00000440 _____ C:\Users\Collin\Desktop\hotmail.txt
  493. 2015-06-12 20:45 - 2015-01-22 21:29 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
  494. 2015-06-12 20:11 - 2015-03-09 15:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
  495. 2015-06-12 20:11 - 2012-07-26 02:59 - 00000000 ____D C:\WINDOWS\CbsTemp
  496. 2015-06-12 20:10 - 2015-03-09 15:36 - 00000000 ____D C:\ProgramData\Microsoft Help
  497. 2015-06-12 20:10 - 2012-07-26 00:26 - 00000199 _____ C:\WINDOWS\win.ini
  498. 2015-06-12 20:05 - 2014-03-18 18:06 - 00000000 ____D C:\WINDOWS\system32\MRT
  499. 2015-06-12 20:00 - 2014-02-18 12:40 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
  500. 2015-06-12 12:54 - 2014-06-21 00:40 - 00000000 ____D C:\WINDOWS\Minidump
  501. 2015-06-12 06:45 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
  502. 2015-06-09 13:35 - 2014-03-17 21:54 - 00002167 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  503. 2015-06-09 13:02 - 2014-11-19 15:16 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
  504. 2015-06-08 00:59 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
  505. 2015-06-08 00:57 - 2014-12-13 12:27 - 00000000 ____D C:\WINDOWS\system32\appraiser
  506. 2015-06-08 00:57 - 2014-07-09 22:25 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
  507. 2015-06-07 00:18 - 2013-11-14 02:28 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
  508. 2015-06-07 00:16 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF
  509. 2015-06-05 17:17 - 2013-04-25 08:51 - 00000870 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
  510. 2015-05-25 16:07 - 2014-09-25 13:43 - 00000000 ____D C:\Users\Collin\AppData\Local\CyberGhost
  511. 2015-05-19 17:45 - 2015-04-08 14:10 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
  512. 2015-05-19 17:45 - 2015-04-08 14:10 - 00000000 ___SD C:\WINDOWS\system32\GWX
  513.  
  514. ==================== Files in the root of some directories =======
  515.  
  516. 2014-05-26 01:56 - 2014-11-15 14:57 - 0000132 _____ () C:\Users\Collin\AppData\Roaming\Adobe PNG Format CC Prefs
  517. 2014-04-25 16:40 - 2014-04-25 16:42 - 0000089 _____ () C:\Users\Collin\AppData\Roaming\Omnicoin.conf
  518. 2015-04-22 20:33 - 2015-04-22 20:33 - 0001243 _____ () C:\Users\Collin\AppData\Local\recently-used.xbel
  519. 2015-02-01 17:33 - 2015-02-01 17:33 - 0523888 _____ () C:\ProgramData\1422829361.bdinstall.bin
  520. 2014-06-01 19:47 - 2014-06-01 19:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
  521.  
  522. Some files in TEMP:
  523. ====================
  524. C:\Users\Collin\AppData\Local\Temp\dzhdv-6v.dll
  525.  
  526.  
  527. ==================== Bamital & volsnap Check =================
  528.  
  529. (There is no automatic fix for files that do not pass verification.)
  530.  
  531. C:\Windows\System32\winlogon.exe => File is digitally signed
  532. C:\Windows\System32\wininit.exe => File is digitally signed
  533. C:\Windows\explorer.exe => File is digitally signed
  534. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  535. C:\Windows\System32\svchost.exe => File is digitally signed
  536. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  537. C:\Windows\System32\services.exe => File is digitally signed
  538. C:\Windows\System32\User32.dll => File is digitally signed
  539. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  540. C:\Windows\System32\userinit.exe => File is digitally signed
  541. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  542. C:\Windows\System32\rpcss.dll => File is digitally signed
  543. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  544.  
  545.  
  546. LastRegBack: 2015-01-09 07:52
  547.  
  548. ==================== End of log ============================
  549.  
  550.  
  551.  
  552. Addition.txt
  553.  
  554. Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
  555. Ran by Collin at 2015-06-17 21:35:00
  556. Running from C:\Users\Collin\Desktop
  557. Boot Mode: Normal
  558. ==========================================================
  559.  
  560.  
  561. ==================== Accounts: =============================
  562.  
  563. Administrator (S-1-5-21-1346664306-1066439407-2851303791-500 - Administrator - Disabled)
  564. Collin (S-1-5-21-1346664306-1066439407-2851303791-1001 - Administrator - Enabled) => C:\Users\Collin
  565. Guest (S-1-5-21-1346664306-1066439407-2851303791-501 - Limited - Disabled)
  566.  
  567. ==================== Security Center ========================
  568.  
  569. (If an entry is included in the fixlist, it will be removed.)
  570.  
  571. AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
  572. AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  573. AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
  574. AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  575. AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
  576. FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
  577.  
  578. ==================== Installed Programs ======================
  579.  
  580. (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  581.  
  582. µTorrent (HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
  583. 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
  584. Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
  585. Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3012 - Acer Incorporated)
  586. AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3124 - Acer Incorporated)
  587. AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
  588. Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
  589. Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
  590. Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
  591. Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
  592. Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
  593. Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
  594. Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
  595. Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
  596. AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
  597. Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
  598. Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
  599. Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
  600. BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
  601. BlueStacks Notification Center (HKLM-x32\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
  602. Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
  603. CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
  604. clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
  605. clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
  606. Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
  607. CtrlPanel (HKLM-x32\...\{85DDD163-47A4-4751-A9F7-61CC86F8EE9C}) (Version: 1.00.0521 - Wistron)
  608. CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
  609. CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
  610. Dropbox (HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
  611. eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
  612. Elgato Game Capture HD (HKLM-x32\...\{0392D055-3112-444D-831A-64DF12D9C151}) (Version: 1.42.19.534 - Elgato Systems GmbH)
  613. Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
  614. Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
  615. Epson E-Web Print (HKLM-x32\...\{E904F572-D7DB-43C1-929F-043F267FC77D}) (Version: 1.22.0000 - SEIKO EPSON CORPORATION)
  616. EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
  617. EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version: - SEIKO EPSON Corporation)
  618. ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
  619. Game Capture HD v2.3.3.38 (HKLM-x32\...\Game Capture HD v2.3.3.38) (Version: 2.3.3.38 - Elgato Systems)
  620. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
  621. Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
  622. Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
  623. Gpg4win (2.2.4) (HKLM-x32\...\GPG4Win) (Version: 2.2.4 - The Gpg4win Project)
  624. Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
  625. Horizon v2.7.9.3 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.9.3 - Daring Development Inc.)
  626. Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3004 - Acer Incorporated)
  627. Hotspot Shield 4.15.3 (HKLM-x32\...\HotspotShield) (Version: 4.15.3 - AnchorFree Inc.)
  628. idcloak VPN (HKLM-x32\...\idcloak VPN) (Version: 2.1.3 - idcloak Technologies Inc.)
  629. Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
  630. iFunbox (v2.94.2520.758), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.94.2520.758 - )
  631. Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
  632. Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
  633. Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
  634. Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
  635. Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
  636. IR App (HKLM-x32\...\{699D0EFA-5AC2-4DAB-846E-E4EFDA00ACAC}) (Version: 1.0.0.2 - Acer)
  637. ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.02.0014 - ITE)
  638. iTools 3 (HKLM-x32\...\ThinkSky) (Version: - 深圳市创想天空科技有限公司)
  639. iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
  640. Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
  641. KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.5.0.0 - QFX Software Corporation)
  642. Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
  643. Malwarebytes Anti-Exploit version 1.06.1.1019 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.06.1.1019 - Malwarebytes)
  644. Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
  645. Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
  646. Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
  647. Microsoft SkyDrive (HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
  648. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  649. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
  650. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
  651. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
  652. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
  653. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
  654. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  655. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
  656. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  657. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
  658. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  659. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  660. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  661. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
  662. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
  663. Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
  664. Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)
  665. Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
  666. Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
  667. MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
  668. MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
  669. MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
  670. MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
  671. Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
  672. Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
  673. Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
  674. Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
  675. Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
  676. Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
  677. Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
  678. PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
  679. PointGrab Hand Gesture Control (HKLM-x32\...\InstallShield_{4B145183-E986-4585-ADDF-0C73DB575112}) (Version: 3.2.0.10495 - PointGrab)
  680. PointGrab Hand Gesture Control (x32 Version: 3.2.0.10495 - PointGrab) Hidden
  681. PointGrab Hand Gesture Control Tutorial (HKLM-x32\...\InstallShield_{92586A21-3E08-4055-B413-8ACCAAB50A42}) (Version: 3.2.0.9896 - PointGrab)
  682. PointGrab Hand Gesture Control Tutorial (x32 Version: 3.2.0.9896 - PointGrab) Hidden
  683. Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
  684. PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
  685. Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
  686. Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.31 - Qualcomm Atheros)
  687. QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
  688. Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
  689. Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
  690. Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
  691. Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
  692. Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
  693. Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
  694. Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
  695. Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
  696. Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
  697. Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
  698. Sling (HKLM-x32\...\{8AF43405-009A-407B-ABDC-54C28AB56B10}) (Version: 4.8.110 - Echostar)
  699. Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
  700. Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
  701. Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.4.0.0 - IObit)
  702. Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
  703. TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
  704. Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
  705. TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
  706. TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
  707. Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
  708. Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
  709. Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
  710. Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
  711. Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
  712. Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
  713. Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
  714.  
  715. ==================== Custom CLSID (Whitelisted): ==========================
  716.  
  717. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  718.  
  719.  
  720. ==================== Restore Points =========================
  721.  
  722. 24-04-2015 21:38:48 Windows Update
  723. 30-04-2015 19:18:41 Installed Sling
  724. 13-05-2015 21:22:27 Windows Update
  725. 19-05-2015 17:44:34 Windows Update
  726. 05-06-2015 20:45:01 Windows Update
  727. 12-06-2015 13:08:56 Windows Update
  728.  
  729. ==================== Hosts content: ===============================
  730.  
  731. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  732.  
  733. 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
  734.  
  735. ==================== Scheduled Tasks (Whitelisted) =============
  736.  
  737. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  738.  
  739. Task: {1543E9C1-5BFD-41A6-BF67-F385CAFB1367} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
  740. Task: {1A9D2212-9B36-4CC0-B86F-6C9D208D252D} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
  741. Task: {1C989C1D-AC65-44AC-8698-4E35654F3410} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-12] (Microsoft Corporation)
  742. Task: {241D295A-88B9-40C6-948B-23513B482C70} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-11] (Egis Technology Inc.)
  743. Task: {2804F5FB-0C09-47B0-A0EE-530529C0601C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
  744. Task: {2839E239-60EB-49CC-AD39-9274029FF370} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
  745. Task: {383FA9DF-2C08-43B3-B156-11E2446B7A26} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
  746. Task: {3F2BA1FF-7E40-478F-9FED-D42D0C3F5605} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
  747. Task: {40638A68-FA1A-44AD-BE58-F5959C62C658} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
  748. Task: {41B9607E-1C2A-40B5-A5BB-07A7DA56387F} - System32\Tasks\GoogleUpdateTaskMachineCore1cfff6e6e2919e9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
  749. Task: {460BC0CD-8789-4A9A-B2C5-F16C3E9A5F73} - System32\Tasks\{F6E777D9-71A8-439E-9EB2-4986FBCDF3B3} => Chrome.exe http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?source=lightinstaller&page=tsBing
  750. Task: {47C989E6-13B3-4C5E-87FE-B437003A8170} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-11] (Egis Technology Inc.)
  751. Task: {4A3D6C2B-4B48-4482-BC6B-C50F07E9BD88} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-buddyboy763@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
  752. Task: {4D77E936-8F19-452F-9E3C-7C9552CAA67A} - System32\Tasks\EPSON XP-410 Series Invitation {F962D1A1-2262-4B5D-AC57-58BEC021FE8F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2014-11-20] (SEIKO EPSON CORPORATION)
  753. Task: {5674A9DF-591C-425F-A945-9B02A29C5CA9} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\SymErr.exe
  754. Task: {56A0C051-C61F-4442-B9C2-097747A69F0D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
  755. Task: {5E2BDDA3-51EA-4327-B0DC-8756759B2142} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
  756. Task: {6270FA12-FBC8-44F8-A71D-54E5B5E73CF1} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
  757. Task: {66C72E69-F064-445A-BA67-48B178E7808E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
  758. Task: {6CD04B2E-7C54-46DC-854D-CB0039FE9402} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
  759. Task: {764D90B2-0F82-481A-B28E-B175C29FCF37} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-rvex@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
  760. Task: {771EAE20-C704-4011-B96D-F8671CBFA3D9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
  761. Task: {7EEBD64D-6664-449E-BA25-D6B21334B7CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
  762. Task: {821B84CB-2C8D-4C80-B3EF-4F31E3FDECCE} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-19] (CyberLink)
  763. Task: {9033483E-E98B-48FC-88E0-3C8295509B77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
  764. Task: {94BB5223-A2E8-4B64-8B98-BFA11A8C8971} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
  765. Task: {98CDBBAB-C6C2-45EF-81CC-0E684A9E8A1F} - System32\Tasks\EPSON XP-410 Series Update {F962D1A1-2262-4B5D-AC57-58BEC021FE8F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2014-11-20] (SEIKO EPSON CORPORATION)
  766. Task: {AF521E24-721B-4DB1-B750-666E58DA915B} - System32\Tasks\AdobeAAMUpdater-1.0-Collin-Collin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
  767. Task: {B7CAF869-ADAE-4FA2-A4E3-3769CA59C796} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2015-01-13] (IObit)
  768. Task: {BFF60542-A527-450F-8479-4485EA01B99A} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-15] (Microsoft Corporation)
  769. Task: {C8305FE8-A988-4221-93A2-0C650FDEE8F1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
  770. Task: {CA7E9B5F-332B-4153-B6AA-A52F6599D2DF} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\SymErr.exe
  771. Task: {CF821E06-2B30-4162-81FB-FD38D11924C0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
  772. Task: {D21F57C8-B4F8-4D54-9220-F26B2ABD4E9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
  773. Task: {DD4810DE-CF74-4E80-B081-ECD3A85A85E0} - System32\Tasks\iToolsDaemon => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe [2015-06-09] ()
  774. Task: {DE4EF0F7-6DA0-460C-815B-6F34E3EB1EF0} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-09-20] (Acer Incorporated)
  775. Task: {E8773646-C5A4-41F1-BADB-C06D8CC5BDBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
  776. Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  777. Task: C:\WINDOWS\Tasks\ASC7_SkipUac_Collin.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
  778. Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {F962D1A1-2262-4B5D-AC57-58BEC021FE8F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
  779. Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {F962D1A1-2262-4B5D-AC57-58BEC021FE8F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE:/EXE:{F962D1A1-2262-4B5D-AC57-58BEC021FE8F} /F:UpdateWORKGROUP\COLLIN$
  780. Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
  781. Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  782. Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfff6e6e2919e9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  783. Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  784. Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
  785. Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
  786. Task: C:\WINDOWS\Tasks\iToolsDaemon.job => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
  787. Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
  788.  
  789. ==================== Loaded Modules (Whitelisted) ==============
  790.  
  791. 2015-02-01 17:29 - 2014-08-27 17:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
  792. 2015-02-01 17:29 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
  793. 2015-02-01 17:29 - 2014-12-17 15:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
  794. 2015-02-01 17:29 - 2012-10-29 15:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
  795. 2015-05-06 19:09 - 2015-05-06 19:09 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttpbr.mdl
  796. 2015-05-06 19:09 - 2015-05-06 19:09 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttpdsp.mdl
  797. 2015-05-06 19:09 - 2015-05-06 19:09 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttpph.mdl
  798. 2015-05-06 19:09 - 2015-05-06 19:09 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttprbl.mdl
  799. 2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
  800. 2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
  801. 2015-03-17 09:21 - 2015-03-17 09:21 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
  802. 2015-06-03 17:59 - 2015-06-03 17:59 - 00589520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
  803. 2013-04-25 08:44 - 2012-05-10 23:36 - 00179712 _____ () C:\Program Files\acerIR\IRSrv.exe
  804. 2014-05-23 02:10 - 2014-05-23 02:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
  805. 2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
  806. 2012-06-21 21:12 - 2012-06-21 21:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
  807. 2015-06-09 21:59 - 2015-06-09 21:59 - 00438648 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
  808. 2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
  809. 2012-11-09 18:06 - 2012-11-09 18:06 - 00384128 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ContactsApi.dll
  810. 2012-11-09 18:04 - 2012-11-09 18:04 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
  811. 2012-11-09 18:06 - 2012-11-09 18:06 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
  812. 2015-05-04 14:25 - 2015-05-04 14:25 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
  813. 2015-03-17 09:07 - 2015-03-17 09:07 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
  814. 2015-03-17 08:54 - 2015-03-17 08:54 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
  815. 2015-03-17 09:07 - 2015-03-17 09:07 - 00070656 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
  816. 2015-03-17 09:10 - 2015-03-17 09:10 - 00744448 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
  817. 2015-03-17 09:01 - 2015-03-17 09:01 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
  818. 2015-06-03 17:57 - 2015-06-03 17:57 - 01749200 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
  819. 2015-06-03 18:19 - 2015-06-03 18:19 - 00616144 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.4.15.3.dll
  820. 2015-04-24 20:03 - 2015-04-24 20:03 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
  821. 2009-03-27 15:02 - 2009-03-27 15:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
  822. 2009-03-27 15:02 - 2009-03-27 15:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
  823. 2014-06-01 19:41 - 2013-12-09 16:10 - 00348992 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
  824. 2014-06-01 19:41 - 2013-12-09 16:10 - 00183616 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
  825. 2014-06-01 19:41 - 2013-12-09 16:10 - 00051008 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
  826. 2015-06-09 21:59 - 2015-06-09 21:59 - 01234296 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\MiscCore.dll
  827. 2015-06-09 21:59 - 2015-06-09 21:59 - 00279416 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\TSLib.dll
  828. 2015-06-09 21:59 - 2015-06-09 21:59 - 00548728 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\UICore.dll
  829. 2015-06-09 21:59 - 2015-06-09 21:59 - 00548728 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\Sqlite.dll
  830. 2015-06-09 21:59 - 2015-06-09 21:59 - 00103288 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\ZLib.dll
  831. 2014-06-01 19:41 - 2013-12-09 16:10 - 00089920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll
  832. 2014-06-01 19:41 - 2013-12-09 16:10 - 00039744 _____ () C:\Program Files (x86)\IObit\Start Menu 8\pri.dll
  833. 2014-06-01 19:41 - 2013-12-09 16:11 - 00041280 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
  834. 2013-04-25 08:49 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
  835. 2015-06-09 13:34 - 2015-06-05 13:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
  836. 2015-06-09 13:34 - 2015-06-05 13:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
  837.  
  838. ==================== Alternate Data Streams (Whitelisted) =========
  839.  
  840. (If an entry is included in the fixlist, only the ADS will be removed.)
  841.  
  842. AlternateDataStreams: C:\Users\Collin\SkyDrive:ms-properties
  843. AlternateDataStreams: C:\Users\Collin\SkyDrive.old:ms-properties
  844. AlternateDataStreams: C:\Users\Collin\Desktop\FRST64.exe:BDU
  845. AlternateDataStreams: C:\Users\Collin\Downloads\BlueStacks-ThinInstaller.exe:BDU
  846. AlternateDataStreams: C:\Users\Collin\Downloads\ccsetup506pro.exe:BDU
  847. AlternateDataStreams: C:\Users\Collin\Downloads\chromeinstall-8u31.exe:BDU
  848. AlternateDataStreams: C:\Users\Collin\Downloads\EpsonConnect130.exe:BDU
  849. AlternateDataStreams: C:\Users\Collin\Downloads\ExterminateItSetup.exe:BDU
  850. AlternateDataStreams: C:\Users\Collin\Downloads\fwsetup.exe:BDU
  851. AlternateDataStreams: C:\Users\Collin\Downloads\gpg4win-2.2.4.exe:BDU
  852. AlternateDataStreams: C:\Users\Collin\Downloads\GRID Workspace-Win.exe:BDU
  853. AlternateDataStreams: C:\Users\Collin\Downloads\ifunbox2014_setup.exe:BDU
  854. AlternateDataStreams: C:\Users\Collin\Downloads\ifunbox_setup (1).exe:BDU
  855. AlternateDataStreams: C:\Users\Collin\Downloads\InstaReg.exe:BDU
  856. AlternateDataStreams: C:\Users\Collin\Downloads\itunes6464setup.exe:BDU
  857. AlternateDataStreams: C:\Users\Collin\Downloads\mbam-setup-2.1.6.1022.exe:BDU
  858. AlternateDataStreams: C:\Users\Collin\Downloads\Popcorn-Time-0.3.7.1-Setup.exe:BDU
  859. AlternateDataStreams: C:\Users\Collin\Downloads\PopcornTime-latest.exe:BDU
  860. AlternateDataStreams: C:\Users\Collin\Downloads\spybot-2.4.exe:BDU
  861. AlternateDataStreams: C:\Users\Collin\Downloads\TrueCrypt-7.2.exe:BDU
  862.  
  863. ==================== Safe Mode (Whitelisted) ===================
  864.  
  865. (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  866.  
  867.  
  868. ==================== EXE Association (Whitelisted) ===============
  869.  
  870. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  871.  
  872.  
  873. ==================== Internet Explorer trusted/restricted ===============
  874.  
  875. (If an entry is included in the fixlist, it will be removed from the registry.)
  876.  
  897.  
  898. There are 4788 more restricted sites.
  899.  
  900. ==================== Other Areas ============================
  901.  
  902. (Currently there is no automatic fix for this section.)
  903.  
  904. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Collin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop bg.jpg
  905. DNS Servers: 71.10.216.1 - 71.10.216.2
  906.  
  907. ==================== MSCONFIG/TASK MANAGER disabled items ==
  908.  
  909. (Currently there is no automatic fix for this section.)
  910.  
  911. MSCONFIG\startupreg: Adobe Creative Cloud => "c:\program files (x86)\adobe\adobe creative cloud\acc\creative cloud.exe" --showwindow=false --onosstartup=true
  912. MSCONFIG\startupreg: FileZilla Server Interface => c:\program files (x86)\filezilla server\filezilla server interface.exe
  913. HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
  914. HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
  915.  
  916. ==================== FirewallRules (Whitelisted) ===============
  917.  
  918. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  919.  
  920. FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
  921. FirewallRules: [{4421697A-56C5-4895-89C2-0F63740BA250}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  922. FirewallRules: [{41390145-2CAC-4B24-A558-E8DDEE9553E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  923. FirewallRules: [{136DEACF-FB2B-4D63-AC13-78099578E179}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  924. FirewallRules: [{065128F6-A062-4BC4-92A0-5CF3AE9C19A1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  925. FirewallRules: [{B80E22AE-ABF6-4B47-B178-2991ED92DBF6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
  926. FirewallRules: [{47805AB1-A6FA-4080-A220-3BF8D0EF0714}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
  927. FirewallRules: [{2646C90E-2087-49CC-9140-4232F6A864E4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
  928. FirewallRules: [{3DC1B1F5-D693-4521-B518-7B75ABA0424C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
  929. FirewallRules: [{723F1A79-D1A3-47F8-91B3-D4464C4B4E20}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
  930. FirewallRules: [{30664A8D-1FD4-4B72-B712-2F03BA65F70E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
  931. FirewallRules: [{12328C00-9CDF-49A0-B74B-CCFD6FF29CFB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
  932. FirewallRules: [{24928BB9-E004-4096-AF7A-805B6BE083DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
  933. FirewallRules: [UDP Query User{F4E77B8D-957D-42CA-8315-21B6DB748C02}C:\program files (x86)\idcloak vpn\idcloakvpn.exe] => (Allow) C:\program files (x86)\idcloak vpn\idcloakvpn.exe
  934. FirewallRules: [TCP Query User{52465AE0-EC91-4FA5-85D9-10AAD90719D0}C:\program files (x86)\idcloak vpn\idcloakvpn.exe] => (Allow) C:\program files (x86)\idcloak vpn\idcloakvpn.exe
  935. FirewallRules: [{2FA338C8-4663-4378-84EC-8730A3723A63}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  936. FirewallRules: [{5C6F7E7B-2832-491A-A3A9-886D4D9384A1}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  937. FirewallRules: [{9356491A-3C43-4BBA-B661-2D33B3F63E48}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  938. FirewallRules: [{1876EBFF-6532-44D1-8330-02EBAF1B1F04}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  939. FirewallRules: [{D040D671-25E8-4721-852E-0D8E1ECD5A91}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  940. FirewallRules: [{CBADB845-0252-42B4-90D1-301337BACC24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
  941. FirewallRules: [{259AEC33-B61A-4EE0-BB95-D248D3E1E8DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
  942. FirewallRules: [{887CB016-3CA0-4A85-AA15-EA2C9C197542}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  943. FirewallRules: [{B0F309CD-6461-4B76-AF33-10635339D52D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  944. FirewallRules: [{9D860651-9646-435A-88BC-4EF0FF79ED0F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
  945. FirewallRules: [{6442B841-76DE-4A0C-B955-28BB921DE72A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
  946. FirewallRules: [{69D6938A-17ED-418F-8AA2-F5CB6F5F314E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
  947. FirewallRules: [{7AC104F8-DFB9-4BD0-82C0-AF3C3BCDDA6F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
  948. FirewallRules: [{B6DB293F-7725-4065-B720-260639F73FCA}] => (Allow) C:\Users\Collin\AppData\Roaming\uTorrent\uTorrent.exe
  949. FirewallRules: [{30A57E24-F58D-4695-844E-F1EE3FC67053}] => (Allow) C:\Users\Collin\AppData\Roaming\uTorrent\uTorrent.exe
  950. FirewallRules: [{E21DBAC7-1081-4FA4-8F99-242DD0B938A7}] => (Allow) C:\Users\Collin\Downloads\uTorrent.exe
  951. FirewallRules: [{C087CB4D-B83B-46E6-86F8-DD9870F65698}] => (Allow) C:\Users\Collin\Downloads\uTorrent.exe
  952. FirewallRules: [{40912554-7839-406D-AAAF-1B440CC7C8C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
  953. FirewallRules: [{98BBDD1B-5B38-4C7B-BA3F-63A64D342667}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
  954. FirewallRules: [{05BC3D9B-40E6-4331-B67F-60D8D05F2774}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
  955. FirewallRules: [{90F2714C-EB4A-4241-A7BF-5C837DAE0242}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
  956. FirewallRules: [{DBF7401B-8882-4F69-9ABD-4D7ED45EEAEB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
  957. FirewallRules: [{16ADB2E3-A60F-4952-A3E0-5590E008E3DB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
  958. FirewallRules: [{6BBE2751-819B-4D84-A7EE-02ADCBF7A836}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
  959. FirewallRules: [{D5B4384E-EC61-40B1-B403-AECFA17D4D44}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
  960. FirewallRules: [{9CFCBA6D-C50F-44E5-907A-14F686851878}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
  961. FirewallRules: [{68311DD1-30E6-440C-B03F-D546C902AB93}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
  962. FirewallRules: [{20A05DA9-6CAF-4F99-B2A5-5A4D589B0ADF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
  963. FirewallRules: [{14D44174-0098-4E52-8F02-15673B2ED3CB}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
  964. FirewallRules: [{56FCCA47-DA49-4212-AF9C-6F0C44C9C9BF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
  965. FirewallRules: [{F04F9F9F-36D8-4A13-B7A0-852D1060931C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
  966. FirewallRules: [{5FFE6256-BA2C-42D1-83C7-E957A0177D54}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
  967. FirewallRules: [{AA0864EF-8F4C-4458-AD01-9B936673A2EA}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
  968. FirewallRules: [{400BAB89-DFEB-4DA6-85C5-15D3686C385C}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
  969. FirewallRules: [{57F1D154-6CF4-4D83-BC8F-7E48F1DEE282}] => (Allow) C:\Users\Collin\AppData\Roaming\Dropbox\bin\Dropbox.exe
  970. FirewallRules: [{C30A2C7D-E426-4480-84DD-CAA6B6C49D2E}] => (Allow) C:\Users\Collin\AppData\Roaming\Dropbox\bin\Dropbox.exe
  971. FirewallRules: [{D47AB09A-0630-4F38-984B-9F314E3D6610}] => (Allow) C:\Users\Collin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
  972. FirewallRules: [TCP Query User{D378E477-8CE7-4084-9B5F-2885CF11B04E}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
  973. FirewallRules: [UDP Query User{6B01B677-F7F0-420A-A868-DCB8604144D4}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
  974. FirewallRules: [TCP Query User{8F110AC8-3AC4-429E-82B0-1411D32CD3FB}C:\users\collin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\collin\appdata\roaming\dropbox\bin\dropbox.exe
  975. FirewallRules: [UDP Query User{E0A18F38-2AE5-448C-AC23-583E0E8BD4E2}C:\users\collin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\collin\appdata\roaming\dropbox\bin\dropbox.exe
  976. FirewallRules: [TCP Query User{B0AAD80E-DB11-4FF2-8983-310BC8A060AC}C:\users\collin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\collin\appdata\roaming\spotify\spotify.exe
  977. FirewallRules: [UDP Query User{47154068-621D-4004-BD30-8C55703B669F}C:\users\collin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\collin\appdata\roaming\spotify\spotify.exe
  978. FirewallRules: [{C37C54DD-2ABC-4BE2-B29D-12EF2DBC49C2}] => (Allow) LPort=1604
  979. FirewallRules: [{F2ACF29B-C44E-47CF-A7DD-ECA0D236F121}] => (Allow) LPort=1604
  980. FirewallRules: [TCP Query User{D9868022-EEB0-45A0-8450-C3AFF64EF312}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
  981. FirewallRules: [UDP Query User{A6807CEC-3C44-478F-879B-814E2FE2E79C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
  982. FirewallRules: [TCP Query User{9F9014FC-9118-40A7-8C04-48A9CD2D5293}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
  983. FirewallRules: [UDP Query User{42C8E438-5954-40CD-838B-A9D1C717DD10}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
  984. FirewallRules: [TCP Query User{1195BE4E-9A9C-4142-AA5C-B238EF83125F}C:\users\collin\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\collin\appdata\roaming\spotify\spotify.exe
  985. FirewallRules: [UDP Query User{E6B4C7ED-269F-4B0F-BB90-257C3075AABD}C:\users\collin\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\collin\appdata\roaming\spotify\spotify.exe
  986. FirewallRules: [TCP Query User{1A90E0B6-71A7-4BDC-9EC0-AE2C366930FD}C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe
  987. FirewallRules: [UDP Query User{86E4300E-5EC0-45BA-BC6A-00D4A5C56FD9}C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe
  988. FirewallRules: [{DE8D628D-E8F0-4A1E-A8F6-C55D2B8BA79F}] => (Block) C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe
  989. FirewallRules: [{4C471F95-1632-48F8-B9ED-3FFD9B066F09}] => (Block) C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe
  990. FirewallRules: [TCP Query User{164060A8-FB45-4C4D-ABD9-D2566C27B541}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
  991. FirewallRules: [UDP Query User{A23CA021-C262-436A-94C4-F1A06C08141C}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
  992. FirewallRules: [{022BFC82-5CFF-4AB6-AF31-4BD983442408}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  993. FirewallRules: [{F624C900-9477-4DDE-B43C-300885759B14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  994. FirewallRules: [{A0E1C7EC-6136-4626-8C76-0E989E303DCB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  995. FirewallRules: [{7F1B3AF1-AF09-47AA-87DA-7FEC343FD5A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  996. FirewallRules: [{BFEBDEC7-9D83-4E54-B09E-9FE7CCDD4565}] => (Allow) C:\Program Files\iTunes\iTunes.exe
  997. FirewallRules: [{FA7AC87A-3BB0-4524-974B-233D52AC50C9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
  998. FirewallRules: [{DADF4E84-72FC-4DF2-84A0-F25199DBC471}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
  999. FirewallRules: [{595E1874-38E2-456A-97C2-F67766EBC673}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
  1000. FirewallRules: [{B265945B-C42F-43C2-A89B-7C794504422F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
  1001. FirewallRules: [{66FCFF4C-5407-4644-9A9C-BE1881125328}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
  1002. FirewallRules: [{271A411D-72A3-42CC-82B5-F06F722D121C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
  1003. FirewallRules: [TCP Query User{2679D3CF-7A1D-4F8C-8A93-C52B59DE6E12}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
  1004. FirewallRules: [UDP Query User{66AECD26-2511-44D3-802D-A71F82ED0FC1}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
  1005. FirewallRules: [TCP Query User{66F1B7E8-37C2-4C03-A545-123AE2342404}C:\programdata\sling\sling.exe] => (Block) C:\programdata\sling\sling.exe
  1006. FirewallRules: [UDP Query User{94B78FD9-8135-4427-BDA5-994B3765A808}C:\programdata\sling\sling.exe] => (Block) C:\programdata\sling\sling.exe
  1007. FirewallRules: [{143EB4FB-914F-4529-BEF4-FC001B1A7BA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  1008.  
  1009. ==================== Faulty Device Manager Devices =============
  1010.  
  1011. Name: Virtual Bluetooth Support (Include Audio)
  1012. Description: Virtual Bluetooth Support (Include Audio)
  1013. Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
  1014. Manufacturer: Qualcomm Atheros Communications
  1015. Service: AthBTPort
  1016. Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
  1017. Resolution: Update the driver
  1018.  
  1019.  
  1020. ==================== Event log errors: =========================
  1021.  
  1022. Application errors:
  1023. ==================
  1024. Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1025. Description: Windows cannot load classes registry file.
  1026. DETAIL - The configuration registry database is corrupt.
  1027.  
  1028. Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1029. Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
  1030.  
  1031. DETAIL - The configuration registry database is corrupt.
  1032. for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1033.  
  1034. Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1035. Description: Windows cannot load classes registry file.
  1036. DETAIL - The configuration registry database is corrupt.
  1037.  
  1038. Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1039. Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
  1040.  
  1041. DETAIL - The configuration registry database is corrupt.
  1042. for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1043.  
  1044. Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1045. Description: Windows cannot load classes registry file.
  1046. DETAIL - The configuration registry database is corrupt.
  1047.  
  1048. Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1049. Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
  1050.  
  1051. DETAIL - The configuration registry database is corrupt.
  1052. for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1053.  
  1054. Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1055. Description: Windows cannot load classes registry file.
  1056. DETAIL - The configuration registry database is corrupt.
  1057.  
  1058. Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1059. Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
  1060.  
  1061. DETAIL - The configuration registry database is corrupt.
  1062. for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1063.  
  1064. Error: (06/17/2015 09:31:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1065. Description: Windows cannot load classes registry file.
  1066. DETAIL - The configuration registry database is corrupt.
  1067.  
  1068. Error: (06/17/2015 09:31:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1069. Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
  1070.  
  1071. DETAIL - The configuration registry database is corrupt.
  1072. for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1073.  
  1074.  
  1075. System errors:
  1076. =============
  1077. Error: (06/17/2015 09:33:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  1078. Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Amazon.com.Amazon.
  1079.  
  1080. Error: (06/17/2015 09:32:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  1081. Description: Installation Failure: Windows failed to install the following update with error 0x80070002: AcerIncorporated.AcerExplorer.
  1082.  
  1083. Error: (06/17/2015 09:32:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  1084. Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.FreshPaint.
  1085.  
  1086. Error: (06/17/2015 09:32:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  1087. Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 4DF9E0F8.Netflix.
  1088.  
  1089. Error: (06/17/2015 09:32:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  1090. Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.XboxCompanion.
  1091.  
  1092. Error: (06/17/2015 09:32:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  1093. Description: Installation Failure: Windows failed to install the following update with error 0x80070002: esobiIncorporated.newsXpressoMetro.
  1094.  
  1095. Error: (06/17/2015 09:27:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
  1096. Description: The Advanced SystemCare Service 7 service terminated unexpectedly. It has done this 1 time(s).
  1097.  
  1098. Error: (06/17/2015 09:24:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  1099. Description: Installation Failure: Windows failed to install the following update with error 0x80070002: HuluLLC.HuluPlus.
  1100.  
  1101. Error: (06/17/2015 09:24:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  1102. Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 7digitalLtd.7digitalMusicStore.
  1103.  
  1104. Error: (06/17/2015 09:23:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  1105. Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.WindowsReadingList.
  1106.  
  1107.  
  1108. Microsoft Office:
  1109. =========================
  1110. Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1111. Description: The configuration registry database is corrupt.
  1112.  
  1113. Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1114. Description: The configuration registry database is corrupt.
  1115. C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1116.  
  1117. Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1118. Description: The configuration registry database is corrupt.
  1119.  
  1120. Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1121. Description: The configuration registry database is corrupt.
  1122. C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1123.  
  1124. Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1125. Description: The configuration registry database is corrupt.
  1126.  
  1127. Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1128. Description: The configuration registry database is corrupt.
  1129. C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1130.  
  1131. Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1132. Description: The configuration registry database is corrupt.
  1133.  
  1134. Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1135. Description: The configuration registry database is corrupt.
  1136. C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1137.  
  1138. Error: (06/17/2015 09:31:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
  1139. Description: The configuration registry database is corrupt.
  1140.  
  1141. Error: (06/17/2015 09:31:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
  1142. Description: The configuration registry database is corrupt.
  1143. C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
  1144.  
  1145.  
  1146. ==================== Memory info ===========================
  1147.  
  1148. Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
  1149. Percentage of memory in use: 34%
  1150. Total physical RAM: 6027.22 MB
  1151. Available physical RAM: 3960.83 MB
  1152. Total Pagefile: 12171.22 MB
  1153. Available Pagefile: 3932.36 MB
  1154. Total Virtual: 131072 MB
  1155. Available Virtual: 131071.8 MB
  1156.  
  1157. ==================== Drives ================================
  1158.  
  1159. Drive c: (Acer) (Fixed) (Total:914.76 GB) (Free:746.22 GB) NTFS
  1160.  
  1161. ==================== MBR & Partition Table ==================
  1162.  
  1163. ========================================================
  1164. Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
  1165.  
  1166. Partition: GPT Partition Type.
  1167.  
  1168. ==================== End of log ============================