Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- FRST.txt
- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
- Ran by Collin (administrator) on COLLIN on 17-06-2015 21:34:03
- Running from C:\Users\Collin\Desktop
- Loaded Profiles: Collin (Available Profiles: Collin)
- Platform: Windows 8.1 (X64) OS Language: English (United States)
- Internet Explorer Version 11 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
- (Datpol) C:\Program Files (x86)\SpyShelter Firewall\SpyShelterSrv.exe
- (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
- (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
- (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
- (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
- (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
- (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
- (Wistron) C:\Windows\SysWOW64\CtrlPanel.exe
- (Microsoft Corporation) C:\Windows\System32\dasHost.exe
- () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
- (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
- (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
- () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
- (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
- () C:\Program Files\acerIR\IRSrv.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
- (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
- (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
- (PointGrab LTD) C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGService.exe
- (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
- (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
- () C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
- (Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
- (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
- (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
- (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
- (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
- (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
- (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
- (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
- (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
- (Intel Corporation) C:\Windows\System32\igfxtray.exe
- (Intel Corporation) C:\Windows\System32\hkcmd.exe
- (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
- (Intel Corporation) C:\Windows\System32\igfxpers.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
- (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
- (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
- (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
- (Spotify Ltd) C:\Users\Collin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
- (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
- (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
- (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
- (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
- (Wistron) C:\Windows\SysWOW64\CtrlPanel.exe
- (PointGrab LTD) C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGPanel.exe
- (Corp) C:\Program Files\acerIR\IRListenApp.exe
- (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
- (ITE Tech. Inc.) C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
- (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
- (QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
- (QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
- (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
- (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
- (Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtTray.exe
- (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
- () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
- (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
- (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
- (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
- (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
- (Microsoft Corporation) C:\Windows\System32\rundll32.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
- ==================== Registry (Whitelisted) ==================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-06-01] (Realtek Semiconductor)
- HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2012-11-09] ()
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
- HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-03-18] (Bitdefender)
- HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
- HKLM-x32\...\Run: [WCtrlPanel] => C:\Windows\SysWOW64\CtrlPanel.exe [229376 2011-05-20] (Wistron)
- HKLM-x32\...\Run: [IRApp] => C:\Program Files\acerIR\IRListenApp.exe [359424 2012-05-14] (Corp)
- HKLM-x32\...\Run: [CIRAP] => C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe [604304 2012-07-06] (ITE Tech. Inc.)
- HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2618680 2015-04-08] (Malwarebytes Corporation)
- HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508744 2014-10-26] (QFX Software Corporation)
- HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
- HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
- HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
- HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
- Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
- HKLM\...\Policies\Explorer: [NoControlPanel] 0
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [Spotify Web Helper] => C:\Users\Collin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-27] (Spotify Ltd)
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.)
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-10] (Bitdefender)
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2508288 2015-02-10] (i-Funbox.com)
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-10-28] (Microsoft Corporation)
- HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-28] (Microsoft Corporation)
- HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-28] (Microsoft Corporation)
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hand Gesture Control.lnk [2013-04-25]
- ShortcutTarget: Hand Gesture Control.lnk -> C:\Windows\Installer\{4B145183-E986-4585-ADDF-0C73DB575112}\NewShortcut2_B6E756492E054C52892B86CE7391EFC9.exe (Flexera Software LLC)
- Startup: C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-10-11]
- ShortcutTarget: Dropbox.lnk -> C:\Users\Collin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
- ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
- ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
- ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
- ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
- ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
- ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
- ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
- ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
- ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
- ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
- ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
- ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
- ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
- ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
- ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
- ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
- SearchScopes: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001 -> DefaultScope {BA42385E-D3C5-489C-A4A4-F951A3276544} URL =
- SearchScopes: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001 -> {BA42385E-D3C5-489C-A4A4-F951A3276544} URL =
- BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-10] (Bitdefender)
- BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
- BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2012-11-09] (Qualcomm Atheros Commnucations)
- BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
- BHO: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Users\Collin\Documents\iTools\Plugin\iToolsBHO64.dll [2015-01-17] (iTools.hk)
- BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
- BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-10] (Bitdefender)
- BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
- BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
- BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-12] (Oracle Corporation)
- BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
- BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-12] (Oracle Corporation)
- BHO-x32: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Users\Collin\Documents\iTools\Plugin\iToolsBHO.dll [2015-01-17] (iTools.hk)
- Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-10] (Bitdefender)
- Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-10] (Bitdefender)
- Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
- Toolbar: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001 -> Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-10] (Bitdefender)
- Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
- Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2
- FireFox:
- ========
- FF ProfilePath: C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default
- FF NetworkProxy: "ftp", "194.44.237.218"
- FF NetworkProxy: "ftp_port", 8080
- FF NetworkProxy: "gopher", "194.44.237.218"
- FF NetworkProxy: "gopher_port", 8080
- FF NetworkProxy: "http", "194.44.237.218"
- FF NetworkProxy: "http_port", 8080
- FF NetworkProxy: "socks", "194.44.237.218"
- FF NetworkProxy: "socks_port", 8080
- FF NetworkProxy: "ssl", "194.44.237.218"
- FF NetworkProxy: "ssl_port", 8080
- FF NetworkProxy: "type", 0
- FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
- FF Plugin: @itools.hk/npiTools, version=1.0.0 -> C:\Users\Collin\Documents\iTools\Plugin\npiTools.dll [2015-01-17] ()
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
- FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
- FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-05-26] (Adobe Systems)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
- FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
- FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
- FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-03-24] (EA Digital Illusions CE AB)
- FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
- FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
- FF Plugin-x32: @itools.hk/npiTools, version=1.0.0 -> C:\Users\Collin\Documents\iTools\Plugin\npiTools.dll [2015-01-17] ()
- FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-12] (Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-12] (Oracle Corporation)
- FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
- FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-26] (Pando Networks)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
- FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-05-26] (Adobe Systems)
- FF Plugin HKU\S-1-5-21-1346664306-1066439407-2851303791-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-03-26] (Pando Networks)
- FF user.js: detected! => C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\user.js [2014-10-13]
- FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
- FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
- FF Extension: iMacros for Firefox - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-02-01]
- FF Extension: Proxy Tool - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\Extensions\proxytool@proxylist.co.xpi [2014-05-21]
- FF Extension: OkayFreedom - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2014-12-24]
- FF Extension: Greasemonkey - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\a80mbqxq.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-04-16]
- FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-01-22]
- FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
- FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
- FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-02-01]
- FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
- FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-02-01]
- FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
- FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-03-18]
- FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
- FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
- FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
- Chrome:
- =======
- CHR Profile: C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (Google Docs) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-17]
- CHR Extension: (Google Drive) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-17]
- CHR Extension: (YouTube) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-17]
- CHR Extension: (Google Search) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-17]
- CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-03]
- CHR Extension: (Google Wallet) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-17]
- CHR Extension: (Gmail) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-17]
- CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
- ==================== Services (Whitelisted) =================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
- R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-09] (Qualcomm Atheros Commnucations) [File not signed]
- S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
- S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [429784 2015-03-10] (BlueStack Systems, Inc.)
- R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
- R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
- S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
- R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-09] (Acer Incorporated)
- S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
- R2 CtrlPanel; C:\Windows\SysWOW64\CtrlPanel.exe [229376 2011-05-20] (Wistron) [File not signed]
- R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2015-03-17] () [File not signed]
- R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
- R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
- R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1169616 2015-06-03] (AnchorFree Inc.)
- S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-06-03] ()
- R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [589520 2015-06-03] ()
- R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
- S3 idcloakRouting; C:\Program Files (x86)\idcloak VPN\systray\routingservice.exe [38480 2014-09-16] ()
- S3 idcloakVPN; C:\Program Files (x86)\idcloak VPN\openvpn\openvpnserv.exe [32568 2014-09-16] (The OpenVPN Project)
- R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
- R2 IRSrv; C:\Program Files\acerIR\IRSrv.exe [179712 2012-05-10] () [File not signed]
- R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
- S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
- R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [656184 2015-04-08] (Malwarebytes Corporation)
- S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
- S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
- S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-04-08] (Electronic Arts)
- R2 PGService; C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGService.exe [53616 2012-08-22] (PointGrab LTD)
- R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
- R4 SpyShelterSrv; C:\Program Files (x86)\SpyShelter Firewall\SpyShelterSrv.exe [45056 2015-05-21] (Datpol) [File not signed]
- R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72512 2013-12-09] (IObit)
- R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
- R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-18] (Bitdefender)
- S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
- S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
- ==================== Drivers (Whitelisted) ====================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- S3 asvpndrv; C:\Windows\system32\DRIVERS\asvpndrv.sys [31744 2012-02-29] (Astrill)
- R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-10] (BitDefender)
- R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-02-10] (BitDefender)
- R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-10] (BitDefender)
- S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
- R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2015-02-10] (BitDefender LLC)
- R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
- S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
- S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2015-02-10] (BitDefender SRL)
- R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145624 2015-03-10] (BlueStack Systems)
- R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
- S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
- R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-04-08] ()
- R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-03-18] (BitDefender LLC)
- R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-12-23] (AnchorFree Inc.)
- S4 IObitUnlocker; C:\Users\Collin\Downloads\RAT Remover\IObit Unlocker\IObitUnlocker.sys [35256 2015-06-13] ()
- R3 ITECIRfilter; C:\Windows\system32\DRIVERS\ITECIRfilter.sys [18064 2012-06-20] (ITE Tech. Inc. )
- R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
- R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
- S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
- R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-06-01] (Intel Corporation)
- R3 PQAWRwa; C:\Windows\SysWOW64\PQAWDrv.sys [12384 2008-03-01] () [File not signed]
- R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [38504 2012-04-16] (Windows (R) Codename Longhorn DDK provider)
- R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
- R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-12-23] (Anchorfree Inc.)
- R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
- S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
- S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
- R4 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
- R4 Spyshelter; \??\C:\Program Files (x86)\SpyShelter Firewall\SpyShelter.sys [X]
- R4 SpyshelterFw; \??\C:\Program Files (x86)\SpyShelter Firewall\SpyshelterWFP.sys [X]
- R4 SpyshelterKb; \??\C:\Program Files (x86)\SpyShelter Firewall\SpyshelterKb.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-06-17 21:34 - 2015-06-17 21:34 - 00031979 _____ C:\Users\Collin\Desktop\FRST.txt
- 2015-06-17 21:33 - 2015-06-17 21:34 - 00000000 ____D C:\FRST
- 2015-06-17 21:32 - 2015-06-17 21:32 - 02109952 _____ (Farbar) C:\Users\Collin\Desktop\FRST64.exe
- 2015-06-17 21:31 - 2015-06-17 21:31 - 00000085 _____ C:\WINDOWS\wininit.ini
- 2015-06-17 21:27 - 2015-06-17 21:27 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
- 2015-06-16 15:25 - 2015-06-16 15:25 - 00000022 _____ C:\WINDOWS\S.dirmngr
- 2015-06-16 15:21 - 2015-06-17 21:26 - 00000000 ____D C:\Program Files (x86)\SpyShelter Firewall
- 2015-06-16 15:19 - 2015-06-16 15:20 - 07191408 _____ (Datpol ) C:\Users\Collin\Downloads\fwsetup.exe
- 2015-06-13 16:22 - 2015-06-03 11:18 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
- 2015-06-13 16:22 - 2015-06-03 11:18 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
- 2015-06-13 15:21 - 2015-06-13 15:22 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
- 2015-06-13 15:20 - 2015-06-13 15:20 - 00001098 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
- 2015-06-13 15:20 - 2015-06-13 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
- 2015-06-13 15:20 - 2015-06-13 15:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
- 2015-06-13 15:20 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
- 2015-06-13 15:20 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
- 2015-06-13 15:20 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
- 2015-06-13 15:19 - 2015-06-13 15:20 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Collin\Downloads\mbam-setup-2.1.6.1022.exe
- 2015-06-13 15:16 - 2015-06-17 21:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
- 2015-06-13 15:16 - 2015-06-17 21:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
- 2015-06-13 15:16 - 2015-06-13 15:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
- 2015-06-13 15:15 - 2015-06-13 15:15 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Collin\Downloads\spybot-2.4.exe
- 2015-06-13 15:03 - 2015-06-13 15:03 - 00001225 _____ C:\Users\Collin\Desktop\cmd.exe.lnk
- 2015-06-13 14:41 - 2015-06-13 14:41 - 03548314 _____ C:\Users\Collin\Downloads\RAT Remover.zip
- 2015-06-13 14:41 - 2015-06-13 14:41 - 00000000 ____D C:\Users\Collin\Downloads\RAT Remover
- 2015-06-13 14:39 - 2015-06-13 14:39 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Curiolab
- 2015-06-13 14:32 - 2015-06-13 14:33 - 148828368 _____ (CURIOLAB S.M.B.A.) C:\Users\Collin\Downloads\ExterminateItSetup.exe
- 2015-06-13 13:56 - 2015-06-13 13:56 - 00002788 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
- 2015-06-13 13:56 - 2015-06-13 13:56 - 00000840 _____ C:\Users\Public\Desktop\CCleaner.lnk
- 2015-06-13 13:56 - 2015-06-13 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
- 2015-06-13 13:56 - 2015-06-13 13:56 - 00000000 ____D C:\Program Files\CCleaner
- 2015-06-13 13:54 - 2015-06-13 13:54 - 06552640 _____ (Piriform Ltd) C:\Users\Collin\Downloads\ccsetup506pro.exe
- 2015-06-13 12:32 - 2015-06-13 12:32 - 00000258 _____ C:\WINDOWS\Tasks\ASC7_SkipUac_Collin.job
- 2015-06-09 19:06 - 2015-04-08 17:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
- 2015-06-09 19:05 - 2015-05-25 08:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
- 2015-06-09 19:05 - 2015-05-25 08:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
- 2015-06-09 19:05 - 2015-04-13 17:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
- 2015-06-09 19:05 - 2015-04-13 17:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
- 2015-06-09 19:05 - 2015-04-09 19:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
- 2015-06-09 19:05 - 2015-04-09 19:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
- 2015-06-09 19:05 - 2015-04-08 17:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
- 2015-06-09 19:05 - 2015-04-01 17:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
- 2015-06-09 19:05 - 2015-04-01 17:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
- 2015-06-09 19:05 - 2015-03-19 22:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
- 2015-06-09 19:05 - 2015-03-19 22:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
- 2015-06-09 19:05 - 2015-03-19 21:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
- 2015-06-09 19:05 - 2015-03-19 21:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
- 2015-06-09 19:05 - 2015-03-01 20:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
- 2015-06-09 19:05 - 2015-03-01 20:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
- 2015-06-09 18:55 - 2015-05-27 09:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
- 2015-06-09 18:55 - 2015-05-27 09:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
- 2015-06-09 18:55 - 2015-05-22 22:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
- 2015-06-09 18:55 - 2015-05-22 22:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
- 2015-06-09 18:55 - 2015-05-22 22:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
- 2015-06-09 18:55 - 2015-05-22 22:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
- 2015-06-09 18:55 - 2015-05-22 22:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
- 2015-06-09 18:55 - 2015-05-22 21:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
- 2015-06-09 18:55 - 2015-05-22 21:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
- 2015-06-09 18:55 - 2015-05-22 21:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
- 2015-06-09 18:55 - 2015-05-22 21:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
- 2015-06-09 18:55 - 2015-05-22 21:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
- 2015-06-09 18:55 - 2015-05-22 21:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
- 2015-06-09 18:55 - 2015-05-22 21:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
- 2015-06-09 18:55 - 2015-05-22 21:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
- 2015-06-09 18:55 - 2015-05-22 21:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
- 2015-06-09 18:55 - 2015-05-22 21:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
- 2015-06-09 18:55 - 2015-05-22 21:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
- 2015-06-09 18:55 - 2015-05-22 21:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
- 2015-06-09 18:55 - 2015-05-22 21:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
- 2015-06-09 18:55 - 2015-05-22 14:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
- 2015-06-09 18:55 - 2015-05-22 14:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
- 2015-06-09 18:55 - 2015-05-22 14:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
- 2015-06-09 18:55 - 2015-05-22 13:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
- 2015-06-09 18:55 - 2015-05-22 13:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
- 2015-06-09 18:55 - 2015-05-22 13:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
- 2015-06-09 18:55 - 2015-05-22 13:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
- 2015-06-09 18:55 - 2015-05-22 13:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
- 2015-06-09 18:55 - 2015-05-22 13:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
- 2015-06-09 18:55 - 2015-05-22 13:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
- 2015-06-09 18:55 - 2015-05-22 13:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
- 2015-06-09 18:55 - 2015-05-22 13:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
- 2015-06-09 18:55 - 2015-05-22 13:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
- 2015-06-09 18:55 - 2015-05-22 13:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
- 2015-06-09 18:55 - 2015-05-22 13:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
- 2015-06-09 18:55 - 2015-05-22 12:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
- 2015-06-09 18:55 - 2015-05-22 12:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
- 2015-06-09 18:55 - 2015-05-22 12:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
- 2015-06-09 18:55 - 2015-05-22 12:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
- 2015-06-09 18:55 - 2015-05-22 12:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
- 2015-06-09 18:55 - 2015-05-21 11:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
- 2015-06-09 18:55 - 2015-04-24 21:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
- 2015-06-09 18:55 - 2015-04-24 21:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
- 2015-06-09 18:55 - 2015-04-16 01:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
- 2015-06-09 18:55 - 2015-03-31 23:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
- 2015-06-09 18:55 - 2015-03-31 23:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
- 2015-06-09 18:55 - 2015-03-31 23:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
- 2015-06-09 18:55 - 2015-03-31 23:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
- 2015-06-09 18:55 - 2015-03-31 22:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
- 2015-06-09 18:55 - 2015-03-31 22:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
- 2015-06-09 18:55 - 2015-03-31 22:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
- 2015-06-09 18:55 - 2015-03-31 21:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
- 2015-06-09 18:55 - 2015-03-31 21:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
- 2015-06-09 18:55 - 2015-03-31 21:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
- 2015-06-09 18:55 - 2015-03-31 21:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
- 2015-06-09 18:55 - 2015-03-31 21:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
- 2015-06-09 18:55 - 2015-03-31 21:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
- 2015-06-07 00:19 - 2015-06-07 00:20 - 00000000 ____D C:\Users\Collin\Downloads\wnetwatcher
- 2015-06-07 00:19 - 2015-06-07 00:19 - 00307782 _____ C:\Users\Collin\Downloads\wnetwatcher.zip
- 2015-06-05 21:01 - 2015-06-05 21:01 - 00000075 _____ C:\Users\Collin\Desktop\Amazon.txt
- 2015-06-05 04:16 - 2015-05-22 08:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
- 2015-06-05 04:16 - 2015-05-21 08:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
- 2015-06-05 04:16 - 2015-05-21 08:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
- 2015-06-05 04:16 - 2015-05-21 08:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
- 2015-06-05 04:16 - 2015-05-21 08:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
- 2015-06-05 04:16 - 2015-05-21 08:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
- 2015-06-05 04:16 - 2015-05-21 08:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
- 2015-06-05 04:16 - 2015-04-16 17:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
- 2015-06-03 20:14 - 2015-06-03 20:14 - 00000000 ____D C:\ProgramData\bdch
- 2015-05-29 16:50 - 2015-05-29 16:50 - 00021481 _____ C:\Users\Collin\Downloads\[kat.cr]a.ap.rocky.at.long.last.a.ap.2015.cdrip.asap.torrent
- 2015-05-25 16:02 - 2015-06-12 20:45 - 00001034 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
- 2015-05-25 15:17 - 2015-05-25 15:17 - 00011888 _____ C:\Users\Collin\Downloads\[kat.cr]fetty.wap.trap.queen.single.2014.mp3.320.kbps.vbuc.torrent
- 2015-05-22 22:28 - 2015-05-22 22:28 - 00000018 _____ C:\Users\Collin\Desktop\Oakley.txt
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-06-17 21:34 - 2015-05-17 17:29 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- 2015-06-17 21:34 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
- 2015-06-17 21:33 - 2014-04-04 14:21 - 01495348 _____ C:\WINDOWS\WindowsUpdate.log
- 2015-06-17 21:31 - 2014-03-17 21:04 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1346664306-1066439407-2851303791-1001
- 2015-06-17 21:27 - 2014-05-31 19:06 - 00000000 ____D C:\Program Files (x86)\IObit
- 2015-06-17 21:25 - 2014-10-28 21:03 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EC5F37BF-E3B6-4CC0-83E1-1C27A7F9607B}
- 2015-06-17 21:21 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
- 2015-06-17 06:10 - 2015-01-05 17:48 - 00000334 _____ C:\WINDOWS\Tasks\iToolsDaemon.job
- 2015-06-17 06:08 - 2014-03-17 20:39 - 00000000 ____D C:\Users\Collin\AppData\Local\Adobe
- 2015-06-16 15:35 - 2014-03-27 20:42 - 00000000 ____D C:\Users\Collin\AppData\Local\CrashDumps
- 2015-06-16 15:30 - 2014-06-11 16:26 - 00000000 ___DO C:\Users\Collin\SkyDrive
- 2015-06-16 15:27 - 2015-05-17 17:29 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfff6e6e2919e9.job
- 2015-06-16 15:27 - 2014-11-13 13:19 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- 2015-06-16 15:27 - 2014-10-19 15:02 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
- 2015-06-16 15:27 - 2014-06-01 19:41 - 00165659 _____ C:\MyXML.xml
- 2015-06-16 15:27 - 2014-05-31 19:07 - 00000000 ____D C:\ProgramData\ProductData
- 2015-06-16 15:27 - 2013-04-25 08:51 - 00000868 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- 2015-06-16 15:26 - 2015-01-05 17:48 - 00003270 _____ C:\WINDOWS\System32\Tasks\iToolsDaemon
- 2015-06-16 15:25 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
- 2015-06-15 05:02 - 2014-11-19 15:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- 2015-06-15 04:52 - 2015-03-06 23:52 - 00000933 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {F962D1A1-2262-4B5D-AC57-58BEC021FE8F}.job
- 2015-06-15 04:52 - 2015-03-06 23:52 - 00000747 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {F962D1A1-2262-4B5D-AC57-58BEC021FE8F}.job
- 2015-06-15 04:52 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
- 2015-06-14 16:10 - 2015-02-14 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFunBox 2014
- 2015-06-14 16:10 - 2015-01-05 18:59 - 00000000 ____D C:\Users\Collin\Desktop\iPhone Tools
- 2015-06-13 16:19 - 2013-08-22 09:44 - 05180408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
- 2015-06-13 16:17 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
- 2015-06-13 16:14 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData
- 2015-06-13 16:14 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
- 2015-06-13 16:13 - 2014-04-04 14:06 - 00000000 ____D C:\Users\Collin
- 2015-06-13 15:20 - 2014-04-28 22:00 - 00000000 ____D C:\ProgramData\Malwarebytes
- 2015-06-13 15:07 - 2014-05-31 19:06 - 00000000 ____D C:\ProgramData\IObit
- 2015-06-13 14:13 - 2015-04-08 20:25 - 00000000 ____D C:\ProgramData\BlueStacksSetup
- 2015-06-13 14:13 - 2014-03-17 20:52 - 00000000 ____D C:\Users\Collin\AppData\Roaming\uTorrent
- 2015-06-12 23:58 - 2014-11-28 23:19 - 00000000 ____D C:\Users\Collin\AppData\Local\Popcorn-Time
- 2015-06-12 23:08 - 2014-08-24 18:03 - 00000440 _____ C:\Users\Collin\Desktop\hotmail.txt
- 2015-06-12 20:45 - 2015-01-22 21:29 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
- 2015-06-12 20:11 - 2015-03-09 15:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
- 2015-06-12 20:11 - 2012-07-26 02:59 - 00000000 ____D C:\WINDOWS\CbsTemp
- 2015-06-12 20:10 - 2015-03-09 15:36 - 00000000 ____D C:\ProgramData\Microsoft Help
- 2015-06-12 20:10 - 2012-07-26 00:26 - 00000199 _____ C:\WINDOWS\win.ini
- 2015-06-12 20:05 - 2014-03-18 18:06 - 00000000 ____D C:\WINDOWS\system32\MRT
- 2015-06-12 20:00 - 2014-02-18 12:40 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
- 2015-06-12 12:54 - 2014-06-21 00:40 - 00000000 ____D C:\WINDOWS\Minidump
- 2015-06-12 06:45 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
- 2015-06-09 13:35 - 2014-03-17 21:54 - 00002167 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2015-06-09 13:02 - 2014-11-19 15:16 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
- 2015-06-08 00:59 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
- 2015-06-08 00:57 - 2014-12-13 12:27 - 00000000 ____D C:\WINDOWS\system32\appraiser
- 2015-06-08 00:57 - 2014-07-09 22:25 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
- 2015-06-07 00:18 - 2013-11-14 02:28 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2015-06-07 00:16 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF
- 2015-06-05 17:17 - 2013-04-25 08:51 - 00000870 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- 2015-05-25 16:07 - 2014-09-25 13:43 - 00000000 ____D C:\Users\Collin\AppData\Local\CyberGhost
- 2015-05-19 17:45 - 2015-04-08 14:10 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
- 2015-05-19 17:45 - 2015-04-08 14:10 - 00000000 ___SD C:\WINDOWS\system32\GWX
- ==================== Files in the root of some directories =======
- 2014-05-26 01:56 - 2014-11-15 14:57 - 0000132 _____ () C:\Users\Collin\AppData\Roaming\Adobe PNG Format CC Prefs
- 2014-04-25 16:40 - 2014-04-25 16:42 - 0000089 _____ () C:\Users\Collin\AppData\Roaming\Omnicoin.conf
- 2015-04-22 20:33 - 2015-04-22 20:33 - 0001243 _____ () C:\Users\Collin\AppData\Local\recently-used.xbel
- 2015-02-01 17:33 - 2015-02-01 17:33 - 0523888 _____ () C:\ProgramData\1422829361.bdinstall.bin
- 2014-06-01 19:47 - 2014-06-01 19:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
- Some files in TEMP:
- ====================
- C:\Users\Collin\AppData\Local\Temp\dzhdv-6v.dll
- ==================== Bamital & volsnap Check =================
- (There is no automatic fix for files that do not pass verification.)
- C:\Windows\System32\winlogon.exe => File is digitally signed
- C:\Windows\System32\wininit.exe => File is digitally signed
- C:\Windows\explorer.exe => File is digitally signed
- C:\Windows\SysWOW64\explorer.exe => File is digitally signed
- C:\Windows\System32\svchost.exe => File is digitally signed
- C:\Windows\SysWOW64\svchost.exe => File is digitally signed
- C:\Windows\System32\services.exe => File is digitally signed
- C:\Windows\System32\User32.dll => File is digitally signed
- C:\Windows\SysWOW64\User32.dll => File is digitally signed
- C:\Windows\System32\userinit.exe => File is digitally signed
- C:\Windows\SysWOW64\userinit.exe => File is digitally signed
- C:\Windows\System32\rpcss.dll => File is digitally signed
- C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2015-01-09 07:52
- ==================== End of log ============================
- Addition.txt
- Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
- Ran by Collin at 2015-06-17 21:35:00
- Running from C:\Users\Collin\Desktop
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-1346664306-1066439407-2851303791-500 - Administrator - Disabled)
- Collin (S-1-5-21-1346664306-1066439407-2851303791-1001 - Administrator - Enabled) => C:\Users\Collin
- Guest (S-1-5-21-1346664306-1066439407-2851303791-501 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
- FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- µTorrent (HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
- 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
- Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
- Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3012 - Acer Incorporated)
- AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3124 - Acer Incorporated)
- AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
- Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
- Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
- Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
- Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
- Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
- Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
- Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
- Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
- AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
- Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
- Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
- Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
- BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
- BlueStacks Notification Center (HKLM-x32\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
- Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
- CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
- clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
- clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
- Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
- CtrlPanel (HKLM-x32\...\{85DDD163-47A4-4751-A9F7-61CC86F8EE9C}) (Version: 1.00.0521 - Wistron)
- CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
- CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
- Dropbox (HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
- eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
- Elgato Game Capture HD (HKLM-x32\...\{0392D055-3112-444D-831A-64DF12D9C151}) (Version: 1.42.19.534 - Elgato Systems GmbH)
- Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
- Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
- Epson E-Web Print (HKLM-x32\...\{E904F572-D7DB-43C1-929F-043F267FC77D}) (Version: 1.22.0000 - SEIKO EPSON CORPORATION)
- EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
- EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version: - SEIKO EPSON Corporation)
- ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
- Game Capture HD v2.3.3.38 (HKLM-x32\...\Game Capture HD v2.3.3.38) (Version: 2.3.3.38 - Elgato Systems)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
- Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
- Gpg4win (2.2.4) (HKLM-x32\...\GPG4Win) (Version: 2.2.4 - The Gpg4win Project)
- Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
- Horizon v2.7.9.3 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.9.3 - Daring Development Inc.)
- Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3004 - Acer Incorporated)
- Hotspot Shield 4.15.3 (HKLM-x32\...\HotspotShield) (Version: 4.15.3 - AnchorFree Inc.)
- idcloak VPN (HKLM-x32\...\idcloak VPN) (Version: 2.1.3 - idcloak Technologies Inc.)
- Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
- iFunbox (v2.94.2520.758), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.94.2520.758 - )
- Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
- Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
- Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
- Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
- IR App (HKLM-x32\...\{699D0EFA-5AC2-4DAB-846E-E4EFDA00ACAC}) (Version: 1.0.0.2 - Acer)
- ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.02.0014 - ITE)
- iTools 3 (HKLM-x32\...\ThinkSky) (Version: - 深圳市创想天空科技有限公司)
- iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
- Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
- KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.5.0.0 - QFX Software Corporation)
- Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
- Malwarebytes Anti-Exploit version 1.06.1.1019 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.06.1.1019 - Malwarebytes)
- Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
- Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
- Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
- Microsoft SkyDrive (HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
- Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)
- Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
- MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
- MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
- MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
- MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
- Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
- Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
- Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
- Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
- Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
- Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
- Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
- PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
- PointGrab Hand Gesture Control (HKLM-x32\...\InstallShield_{4B145183-E986-4585-ADDF-0C73DB575112}) (Version: 3.2.0.10495 - PointGrab)
- PointGrab Hand Gesture Control (x32 Version: 3.2.0.10495 - PointGrab) Hidden
- PointGrab Hand Gesture Control Tutorial (HKLM-x32\...\InstallShield_{92586A21-3E08-4055-B413-8ACCAAB50A42}) (Version: 3.2.0.9896 - PointGrab)
- PointGrab Hand Gesture Control Tutorial (x32 Version: 3.2.0.9896 - PointGrab) Hidden
- Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
- PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
- Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
- Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.31 - Qualcomm Atheros)
- QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
- Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
- Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
- Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
- Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
- Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
- Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
- Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
- Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
- Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
- Sling (HKLM-x32\...\{8AF43405-009A-407B-ABDC-54C28AB56B10}) (Version: 4.8.110 - Echostar)
- Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
- Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
- Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.4.0.0 - IObit)
- Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
- TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
- Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
- TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
- TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
- Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
- Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
- Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
- Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
- Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
- Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
- Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== Restore Points =========================
- 24-04-2015 21:38:48 Windows Update
- 30-04-2015 19:18:41 Installed Sling
- 13-05-2015 21:22:27 Windows Update
- 19-05-2015 17:44:34 Windows Update
- 05-06-2015 20:45:01 Windows Update
- 12-06-2015 13:08:56 Windows Update
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {1543E9C1-5BFD-41A6-BF67-F385CAFB1367} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
- Task: {1A9D2212-9B36-4CC0-B86F-6C9D208D252D} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
- Task: {1C989C1D-AC65-44AC-8698-4E35654F3410} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-12] (Microsoft Corporation)
- Task: {241D295A-88B9-40C6-948B-23513B482C70} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-11] (Egis Technology Inc.)
- Task: {2804F5FB-0C09-47B0-A0EE-530529C0601C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
- Task: {2839E239-60EB-49CC-AD39-9274029FF370} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
- Task: {383FA9DF-2C08-43B3-B156-11E2446B7A26} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
- Task: {3F2BA1FF-7E40-478F-9FED-D42D0C3F5605} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
- Task: {40638A68-FA1A-44AD-BE58-F5959C62C658} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
- Task: {41B9607E-1C2A-40B5-A5BB-07A7DA56387F} - System32\Tasks\GoogleUpdateTaskMachineCore1cfff6e6e2919e9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
- Task: {460BC0CD-8789-4A9A-B2C5-F16C3E9A5F73} - System32\Tasks\{F6E777D9-71A8-439E-9EB2-4986FBCDF3B3} => Chrome.exe http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?source=lightinstaller&page=tsBing
- Task: {47C989E6-13B3-4C5E-87FE-B437003A8170} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-11] (Egis Technology Inc.)
- Task: {4A3D6C2B-4B48-4482-BC6B-C50F07E9BD88} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-buddyboy763@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
- Task: {4D77E936-8F19-452F-9E3C-7C9552CAA67A} - System32\Tasks\EPSON XP-410 Series Invitation {F962D1A1-2262-4B5D-AC57-58BEC021FE8F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2014-11-20] (SEIKO EPSON CORPORATION)
- Task: {5674A9DF-591C-425F-A945-9B02A29C5CA9} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\SymErr.exe
- Task: {56A0C051-C61F-4442-B9C2-097747A69F0D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
- Task: {5E2BDDA3-51EA-4327-B0DC-8756759B2142} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
- Task: {6270FA12-FBC8-44F8-A71D-54E5B5E73CF1} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
- Task: {66C72E69-F064-445A-BA67-48B178E7808E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
- Task: {6CD04B2E-7C54-46DC-854D-CB0039FE9402} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
- Task: {764D90B2-0F82-481A-B28E-B175C29FCF37} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-rvex@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
- Task: {771EAE20-C704-4011-B96D-F8671CBFA3D9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
- Task: {7EEBD64D-6664-449E-BA25-D6B21334B7CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
- Task: {821B84CB-2C8D-4C80-B3EF-4F31E3FDECCE} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-19] (CyberLink)
- Task: {9033483E-E98B-48FC-88E0-3C8295509B77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
- Task: {94BB5223-A2E8-4B64-8B98-BFA11A8C8971} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
- Task: {98CDBBAB-C6C2-45EF-81CC-0E684A9E8A1F} - System32\Tasks\EPSON XP-410 Series Update {F962D1A1-2262-4B5D-AC57-58BEC021FE8F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2014-11-20] (SEIKO EPSON CORPORATION)
- Task: {AF521E24-721B-4DB1-B750-666E58DA915B} - System32\Tasks\AdobeAAMUpdater-1.0-Collin-Collin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
- Task: {B7CAF869-ADAE-4FA2-A4E3-3769CA59C796} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2015-01-13] (IObit)
- Task: {BFF60542-A527-450F-8479-4485EA01B99A} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-15] (Microsoft Corporation)
- Task: {C8305FE8-A988-4221-93A2-0C650FDEE8F1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
- Task: {CA7E9B5F-332B-4153-B6AA-A52F6599D2DF} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\SymErr.exe
- Task: {CF821E06-2B30-4162-81FB-FD38D11924C0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
- Task: {D21F57C8-B4F8-4D54-9220-F26B2ABD4E9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
- Task: {DD4810DE-CF74-4E80-B081-ECD3A85A85E0} - System32\Tasks\iToolsDaemon => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe [2015-06-09] ()
- Task: {DE4EF0F7-6DA0-460C-815B-6F34E3EB1EF0} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-09-20] (Acer Incorporated)
- Task: {E8773646-C5A4-41F1-BADB-C06D8CC5BDBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
- Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- Task: C:\WINDOWS\Tasks\ASC7_SkipUac_Collin.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
- Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {F962D1A1-2262-4B5D-AC57-58BEC021FE8F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
- Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {F962D1A1-2262-4B5D-AC57-58BEC021FE8F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE:/EXE:{F962D1A1-2262-4B5D-AC57-58BEC021FE8F} /F:UpdateWORKGROUP\COLLIN$
- Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfff6e6e2919e9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
- Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
- Task: C:\WINDOWS\Tasks\iToolsDaemon.job => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
- Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
- ==================== Loaded Modules (Whitelisted) ==============
- 2015-02-01 17:29 - 2014-08-27 17:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
- 2015-02-01 17:29 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
- 2015-02-01 17:29 - 2014-12-17 15:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
- 2015-02-01 17:29 - 2012-10-29 15:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
- 2015-05-06 19:09 - 2015-05-06 19:09 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttpbr.mdl
- 2015-05-06 19:09 - 2015-05-06 19:09 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttpdsp.mdl
- 2015-05-06 19:09 - 2015-05-06 19:09 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttpph.mdl
- 2015-05-06 19:09 - 2015-05-06 19:09 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttprbl.mdl
- 2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
- 2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
- 2015-03-17 09:21 - 2015-03-17 09:21 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
- 2015-06-03 17:59 - 2015-06-03 17:59 - 00589520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
- 2013-04-25 08:44 - 2012-05-10 23:36 - 00179712 _____ () C:\Program Files\acerIR\IRSrv.exe
- 2014-05-23 02:10 - 2014-05-23 02:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
- 2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
- 2012-06-21 21:12 - 2012-06-21 21:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
- 2015-06-09 21:59 - 2015-06-09 21:59 - 00438648 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
- 2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
- 2012-11-09 18:06 - 2012-11-09 18:06 - 00384128 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ContactsApi.dll
- 2012-11-09 18:04 - 2012-11-09 18:04 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
- 2012-11-09 18:06 - 2012-11-09 18:06 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
- 2015-05-04 14:25 - 2015-05-04 14:25 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
- 2015-03-17 09:07 - 2015-03-17 09:07 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
- 2015-03-17 08:54 - 2015-03-17 08:54 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
- 2015-03-17 09:07 - 2015-03-17 09:07 - 00070656 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
- 2015-03-17 09:10 - 2015-03-17 09:10 - 00744448 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
- 2015-03-17 09:01 - 2015-03-17 09:01 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
- 2015-06-03 17:57 - 2015-06-03 17:57 - 01749200 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
- 2015-06-03 18:19 - 2015-06-03 18:19 - 00616144 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.4.15.3.dll
- 2015-04-24 20:03 - 2015-04-24 20:03 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
- 2009-03-27 15:02 - 2009-03-27 15:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
- 2009-03-27 15:02 - 2009-03-27 15:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
- 2014-06-01 19:41 - 2013-12-09 16:10 - 00348992 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
- 2014-06-01 19:41 - 2013-12-09 16:10 - 00183616 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
- 2014-06-01 19:41 - 2013-12-09 16:10 - 00051008 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
- 2015-06-09 21:59 - 2015-06-09 21:59 - 01234296 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\MiscCore.dll
- 2015-06-09 21:59 - 2015-06-09 21:59 - 00279416 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\TSLib.dll
- 2015-06-09 21:59 - 2015-06-09 21:59 - 00548728 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\UICore.dll
- 2015-06-09 21:59 - 2015-06-09 21:59 - 00548728 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\Sqlite.dll
- 2015-06-09 21:59 - 2015-06-09 21:59 - 00103288 _____ () C:\Program Files (x86)\ThinkSky\iTools 3\ZLib.dll
- 2014-06-01 19:41 - 2013-12-09 16:10 - 00089920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll
- 2014-06-01 19:41 - 2013-12-09 16:10 - 00039744 _____ () C:\Program Files (x86)\IObit\Start Menu 8\pri.dll
- 2014-06-01 19:41 - 2013-12-09 16:11 - 00041280 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
- 2013-04-25 08:49 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
- 2015-06-09 13:34 - 2015-06-05 13:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
- 2015-06-09 13:34 - 2015-06-05 13:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\Users\Collin\SkyDrive:ms-properties
- AlternateDataStreams: C:\Users\Collin\SkyDrive.old:ms-properties
- AlternateDataStreams: C:\Users\Collin\Desktop\FRST64.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\BlueStacks-ThinInstaller.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\ccsetup506pro.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\chromeinstall-8u31.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\EpsonConnect130.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\ExterminateItSetup.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\fwsetup.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\gpg4win-2.2.4.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\GRID Workspace-Win.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\ifunbox2014_setup.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\ifunbox_setup (1).exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\InstaReg.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\itunes6464setup.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\mbam-setup-2.1.6.1022.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\Popcorn-Time-0.3.7.1-Setup.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\PopcornTime-latest.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\spybot-2.4.exe:BDU
- AlternateDataStreams: C:\Users\Collin\Downloads\TrueCrypt-7.2.exe:BDU
- ==================== Safe Mode (Whitelisted) ===================
- (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- ==================== EXE Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\008i.com -> 008i.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\008k.com -> 008k.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\00hq.com -> 00hq.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\0190-dialers.com -> 0190-dialers.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\01i.info -> 01i.info
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\05p.com -> 05p.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\0calories.net -> 0calories.net
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\0cj.net -> 0cj.net
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\0scan.com -> 0scan.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\1-se.com -> 1-se.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\1001movie.com -> 1001movie.com
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\1001night.biz -> 1001night.biz
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\100gal.net -> 100gal.net
- IE restricted site: HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\100sexlinks.com -> 100sexlinks.com
- There are 4788 more restricted sites.
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Collin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop bg.jpg
- DNS Servers: 71.10.216.1 - 71.10.216.2
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- MSCONFIG\startupreg: Adobe Creative Cloud => "c:\program files (x86)\adobe\adobe creative cloud\acc\creative cloud.exe" --showwindow=false --onosstartup=true
- MSCONFIG\startupreg: FileZilla Server Interface => c:\program files (x86)\filezilla server\filezilla server interface.exe
- HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
- HKU\S-1-5-21-1346664306-1066439407-2851303791-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
- FirewallRules: [{4421697A-56C5-4895-89C2-0F63740BA250}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{41390145-2CAC-4B24-A558-E8DDEE9553E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{136DEACF-FB2B-4D63-AC13-78099578E179}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{065128F6-A062-4BC4-92A0-5CF3AE9C19A1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{B80E22AE-ABF6-4B47-B178-2991ED92DBF6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
- FirewallRules: [{47805AB1-A6FA-4080-A220-3BF8D0EF0714}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
- FirewallRules: [{2646C90E-2087-49CC-9140-4232F6A864E4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
- FirewallRules: [{3DC1B1F5-D693-4521-B518-7B75ABA0424C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
- FirewallRules: [{723F1A79-D1A3-47F8-91B3-D4464C4B4E20}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
- FirewallRules: [{30664A8D-1FD4-4B72-B712-2F03BA65F70E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
- FirewallRules: [{12328C00-9CDF-49A0-B74B-CCFD6FF29CFB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
- FirewallRules: [{24928BB9-E004-4096-AF7A-805B6BE083DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
- FirewallRules: [UDP Query User{F4E77B8D-957D-42CA-8315-21B6DB748C02}C:\program files (x86)\idcloak vpn\idcloakvpn.exe] => (Allow) C:\program files (x86)\idcloak vpn\idcloakvpn.exe
- FirewallRules: [TCP Query User{52465AE0-EC91-4FA5-85D9-10AAD90719D0}C:\program files (x86)\idcloak vpn\idcloakvpn.exe] => (Allow) C:\program files (x86)\idcloak vpn\idcloakvpn.exe
- FirewallRules: [{2FA338C8-4663-4378-84EC-8730A3723A63}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
- FirewallRules: [{5C6F7E7B-2832-491A-A3A9-886D4D9384A1}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
- FirewallRules: [{9356491A-3C43-4BBA-B661-2D33B3F63E48}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
- FirewallRules: [{1876EBFF-6532-44D1-8330-02EBAF1B1F04}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
- FirewallRules: [{D040D671-25E8-4721-852E-0D8E1ECD5A91}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
- FirewallRules: [{CBADB845-0252-42B4-90D1-301337BACC24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
- FirewallRules: [{259AEC33-B61A-4EE0-BB95-D248D3E1E8DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
- FirewallRules: [{887CB016-3CA0-4A85-AA15-EA2C9C197542}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{B0F309CD-6461-4B76-AF33-10635339D52D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{9D860651-9646-435A-88BC-4EF0FF79ED0F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
- FirewallRules: [{6442B841-76DE-4A0C-B955-28BB921DE72A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
- FirewallRules: [{69D6938A-17ED-418F-8AA2-F5CB6F5F314E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
- FirewallRules: [{7AC104F8-DFB9-4BD0-82C0-AF3C3BCDDA6F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
- FirewallRules: [{B6DB293F-7725-4065-B720-260639F73FCA}] => (Allow) C:\Users\Collin\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{30A57E24-F58D-4695-844E-F1EE3FC67053}] => (Allow) C:\Users\Collin\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{E21DBAC7-1081-4FA4-8F99-242DD0B938A7}] => (Allow) C:\Users\Collin\Downloads\uTorrent.exe
- FirewallRules: [{C087CB4D-B83B-46E6-86F8-DD9870F65698}] => (Allow) C:\Users\Collin\Downloads\uTorrent.exe
- FirewallRules: [{40912554-7839-406D-AAAF-1B440CC7C8C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
- FirewallRules: [{98BBDD1B-5B38-4C7B-BA3F-63A64D342667}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
- FirewallRules: [{05BC3D9B-40E6-4331-B67F-60D8D05F2774}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
- FirewallRules: [{90F2714C-EB4A-4241-A7BF-5C837DAE0242}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
- FirewallRules: [{DBF7401B-8882-4F69-9ABD-4D7ED45EEAEB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
- FirewallRules: [{16ADB2E3-A60F-4952-A3E0-5590E008E3DB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
- FirewallRules: [{6BBE2751-819B-4D84-A7EE-02ADCBF7A836}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
- FirewallRules: [{D5B4384E-EC61-40B1-B403-AECFA17D4D44}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
- FirewallRules: [{9CFCBA6D-C50F-44E5-907A-14F686851878}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
- FirewallRules: [{68311DD1-30E6-440C-B03F-D546C902AB93}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
- FirewallRules: [{20A05DA9-6CAF-4F99-B2A5-5A4D589B0ADF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
- FirewallRules: [{14D44174-0098-4E52-8F02-15673B2ED3CB}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
- FirewallRules: [{56FCCA47-DA49-4212-AF9C-6F0C44C9C9BF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
- FirewallRules: [{F04F9F9F-36D8-4A13-B7A0-852D1060931C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
- FirewallRules: [{5FFE6256-BA2C-42D1-83C7-E957A0177D54}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
- FirewallRules: [{AA0864EF-8F4C-4458-AD01-9B936673A2EA}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
- FirewallRules: [{400BAB89-DFEB-4DA6-85C5-15D3686C385C}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
- FirewallRules: [{57F1D154-6CF4-4D83-BC8F-7E48F1DEE282}] => (Allow) C:\Users\Collin\AppData\Roaming\Dropbox\bin\Dropbox.exe
- FirewallRules: [{C30A2C7D-E426-4480-84DD-CAA6B6C49D2E}] => (Allow) C:\Users\Collin\AppData\Roaming\Dropbox\bin\Dropbox.exe
- FirewallRules: [{D47AB09A-0630-4F38-984B-9F314E3D6610}] => (Allow) C:\Users\Collin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
- FirewallRules: [TCP Query User{D378E477-8CE7-4084-9B5F-2885CF11B04E}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
- FirewallRules: [UDP Query User{6B01B677-F7F0-420A-A868-DCB8604144D4}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
- FirewallRules: [TCP Query User{8F110AC8-3AC4-429E-82B0-1411D32CD3FB}C:\users\collin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\collin\appdata\roaming\dropbox\bin\dropbox.exe
- FirewallRules: [UDP Query User{E0A18F38-2AE5-448C-AC23-583E0E8BD4E2}C:\users\collin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\collin\appdata\roaming\dropbox\bin\dropbox.exe
- FirewallRules: [TCP Query User{B0AAD80E-DB11-4FF2-8983-310BC8A060AC}C:\users\collin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\collin\appdata\roaming\spotify\spotify.exe
- FirewallRules: [UDP Query User{47154068-621D-4004-BD30-8C55703B669F}C:\users\collin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\collin\appdata\roaming\spotify\spotify.exe
- FirewallRules: [{C37C54DD-2ABC-4BE2-B29D-12EF2DBC49C2}] => (Allow) LPort=1604
- FirewallRules: [{F2ACF29B-C44E-47CF-A7DD-ECA0D236F121}] => (Allow) LPort=1604
- FirewallRules: [TCP Query User{D9868022-EEB0-45A0-8450-C3AFF64EF312}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
- FirewallRules: [UDP Query User{A6807CEC-3C44-478F-879B-814E2FE2E79C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
- FirewallRules: [TCP Query User{9F9014FC-9118-40A7-8C04-48A9CD2D5293}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
- FirewallRules: [UDP Query User{42C8E438-5954-40CD-838B-A9D1C717DD10}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
- FirewallRules: [TCP Query User{1195BE4E-9A9C-4142-AA5C-B238EF83125F}C:\users\collin\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\collin\appdata\roaming\spotify\spotify.exe
- FirewallRules: [UDP Query User{E6B4C7ED-269F-4B0F-BB90-257C3075AABD}C:\users\collin\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\collin\appdata\roaming\spotify\spotify.exe
- FirewallRules: [TCP Query User{1A90E0B6-71A7-4BDC-9EC0-AE2C366930FD}C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe
- FirewallRules: [UDP Query User{86E4300E-5EC0-45BA-BC6A-00D4A5C56FD9}C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe
- FirewallRules: [{DE8D628D-E8F0-4A1E-A8F6-C55D2B8BA79F}] => (Block) C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe
- FirewallRules: [{4C471F95-1632-48F8-B9ED-3FFD9B066F09}] => (Block) C:\users\collin\appdata\local\popcorn time\node-webkit\popcorn time.exe
- FirewallRules: [TCP Query User{164060A8-FB45-4C4D-ABD9-D2566C27B541}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
- FirewallRules: [UDP Query User{A23CA021-C262-436A-94C4-F1A06C08141C}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
- FirewallRules: [{022BFC82-5CFF-4AB6-AF31-4BD983442408}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{F624C900-9477-4DDE-B43C-300885759B14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{A0E1C7EC-6136-4626-8C76-0E989E303DCB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{7F1B3AF1-AF09-47AA-87DA-7FEC343FD5A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{BFEBDEC7-9D83-4E54-B09E-9FE7CCDD4565}] => (Allow) C:\Program Files\iTunes\iTunes.exe
- FirewallRules: [{FA7AC87A-3BB0-4524-974B-233D52AC50C9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
- FirewallRules: [{DADF4E84-72FC-4DF2-84A0-F25199DBC471}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
- FirewallRules: [{595E1874-38E2-456A-97C2-F67766EBC673}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{B265945B-C42F-43C2-A89B-7C794504422F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{66FCFF4C-5407-4644-9A9C-BE1881125328}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
- FirewallRules: [{271A411D-72A3-42CC-82B5-F06F722D121C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
- FirewallRules: [TCP Query User{2679D3CF-7A1D-4F8C-8A93-C52B59DE6E12}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
- FirewallRules: [UDP Query User{66AECD26-2511-44D3-802D-A71F82ED0FC1}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
- FirewallRules: [TCP Query User{66F1B7E8-37C2-4C03-A545-123AE2342404}C:\programdata\sling\sling.exe] => (Block) C:\programdata\sling\sling.exe
- FirewallRules: [UDP Query User{94B78FD9-8135-4427-BDA5-994B3765A808}C:\programdata\sling\sling.exe] => (Block) C:\programdata\sling\sling.exe
- FirewallRules: [{143EB4FB-914F-4529-BEF4-FC001B1A7BA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Faulty Device Manager Devices =============
- Name: Virtual Bluetooth Support (Include Audio)
- Description: Virtual Bluetooth Support (Include Audio)
- Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
- Manufacturer: Qualcomm Atheros Communications
- Service: AthBTPort
- Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
- Resolution: Update the driver
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: Windows cannot load classes registry file.
- DETAIL - The configuration registry database is corrupt.
- Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
- DETAIL - The configuration registry database is corrupt.
- for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: Windows cannot load classes registry file.
- DETAIL - The configuration registry database is corrupt.
- Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
- DETAIL - The configuration registry database is corrupt.
- for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: Windows cannot load classes registry file.
- DETAIL - The configuration registry database is corrupt.
- Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
- DETAIL - The configuration registry database is corrupt.
- for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: Windows cannot load classes registry file.
- DETAIL - The configuration registry database is corrupt.
- Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
- DETAIL - The configuration registry database is corrupt.
- for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- Error: (06/17/2015 09:31:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: Windows cannot load classes registry file.
- DETAIL - The configuration registry database is corrupt.
- Error: (06/17/2015 09:31:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
- DETAIL - The configuration registry database is corrupt.
- for C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- System errors:
- =============
- Error: (06/17/2015 09:33:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Amazon.com.Amazon.
- Error: (06/17/2015 09:32:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Installation Failure: Windows failed to install the following update with error 0x80070002: AcerIncorporated.AcerExplorer.
- Error: (06/17/2015 09:32:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.FreshPaint.
- Error: (06/17/2015 09:32:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 4DF9E0F8.Netflix.
- Error: (06/17/2015 09:32:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.XboxCompanion.
- Error: (06/17/2015 09:32:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Installation Failure: Windows failed to install the following update with error 0x80070002: esobiIncorporated.newsXpressoMetro.
- Error: (06/17/2015 09:27:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Advanced SystemCare Service 7 service terminated unexpectedly. It has done this 1 time(s).
- Error: (06/17/2015 09:24:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Installation Failure: Windows failed to install the following update with error 0x80070002: HuluLLC.HuluPlus.
- Error: (06/17/2015 09:24:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 7digitalLtd.7digitalMusicStore.
- Error: (06/17/2015 09:23:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.WindowsReadingList.
- Microsoft Office:
- =========================
- Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- Error: (06/17/2015 09:33:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- Error: (06/17/2015 09:32:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- Error: (06/17/2015 09:31:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- Error: (06/17/2015 09:31:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
- Description: The configuration registry database is corrupt.
- C:\Users\Collin\AppData\Local\Microsoft\Windows\\UsrClass.dat
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
- Percentage of memory in use: 34%
- Total physical RAM: 6027.22 MB
- Available physical RAM: 3960.83 MB
- Total Pagefile: 12171.22 MB
- Available Pagefile: 3932.36 MB
- Total Virtual: 131072 MB
- Available Virtual: 131071.8 MB
- ==================== Drives ================================
- Drive c: (Acer) (Fixed) (Total:914.76 GB) (Free:746.22 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
- Partition: GPT Partition Type.
- ==================== End of log ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement