JonahAnthony

Honorary Members
  • Posts

    28
Reputation

0 Neutral
  1. I completely restored my machine and everything is running well. I am now ready to reinstall my NVIDIA drivers.
  2. Could I possibly just do a system restore to factory conditions?
  3. https://dl.dropboxusercontent.com/u/186946666/021015-49421-01.zip
  4. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015 Ran by jonah_000 at 2015-02-10 16:26:21 Running from C:\Users\jonah_000\Desktop Boot Mode: Normal
Task: {9DD14DF8-6B14-4A34-9586-0CCD12DD8413} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit) Task: {A1653786-7815-43FE-A5A5-A13CC84DAF0D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {C4190425-7B78-4646-BF61-A988A2C5B62E} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-05-30] (TechSmith Corporation) Task: {C86B4162-A692-4FD8-BEE1-E651E0F6EE5F} - System32\Tasks\Uninstaller_SkipUac_jonah_000 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit) Task: {DBF70897-6037-4CAB-A879-1FD8D8D36909} - System32\Tasks\{674098D8-2BA8-4600-B450-F7FE60D55771} => pcalua.exe -a C:\Users\jonah_000\AppData\Local\Roblox\Versions\version-c04585a2d58a4f29\RobloxPlayerLauncher.exe -c -uninstall Task: {E0E9BEE5-9223-4D75-B1B5-345B66A3DF36} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE Task: {E1DC89D1-A59B-45C5-823A-BF3FF5A8159C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated) Task: {EF7181CC-7252-4EDF-8A69-5024E1095621} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3184068216-3506866942-1434303448-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe Task: {FAA55874-33B1-4A82-B7C6-AAEF8D7986B6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-01-15] (Overwolf LTD) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: C:\windows\Tasks\Uninstaller_SkipUac_jonah_000.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Loaded Modules (whitelisted) ============== 2014-12-07 10:10 - 2015-01-09 17:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-12-18 18:39 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-04-05 18:46 - 2014-11-02 11:08 - 00076152 _____ () C:\windows\system32\PnkBstrA.exe 2014-12-09 16:22 - 2014-12-09 16:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2013-10-30 16:02 - 2013-10-30 16:02 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe 2013-10-30 16:02 - 2013-10-30 16:02 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll 2013-12-13 12:20 - 2013-12-13 12:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2014-12-18 19:27 - 2014-12-18 19:27 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-07-19 12:57 - 2014-06-21 00:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2014-07-19 12:57 - 2014-06-21 00:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-24 19:21 - 2012-06-17 11:20 - 00061440 _____ () C:\Program Files 
(x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll 2014-12-10 18:36 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2014-12-10 18:36 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2014-12-10 18:36 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2013-10-30 15:40 - 2013-08-08 14:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll 2015-02-05 22:59 - 2015-02-04 03:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll 2015-02-05 22:59 - 2015-02-04 03:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll 2015-02-05 22:59 - 2015-02-04 03:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\jonah_000\SkyDrive:ms-properties AlternateDataStreams: C:\Users\jonah_000\SkyDrive (2).old:ms-properties AlternateDataStreams: C:\Users\jonah_000\SkyDrive (3).old:ms-properties AlternateDataStreams: C:\Users\jonah_000\SkyDrive (4).old:ms-properties AlternateDataStreams: C:\Users\jonah_000\SkyDrive.old:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\16368753.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\16368753.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Registry Areas ===================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\jonah_000\Desktop\2160p ULTRA HD Wallpaper collection\spectacular_desert_landscape-wallpaper-3840x2160.jpg ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
HKLM\...\StartupApproved\StartupFolder: => "Snagit 12.lnk" HKLM\...\StartupApproved\StartupFolder: => "Roccat Talk.lnk" HKLM\...\StartupApproved\Run: => "BTMTrayAgent" HKLM\...\StartupApproved\Run: => "OnekeyStudio" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Lenovo App Shop" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "RazerGameBooster" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Andy" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "puush" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Speech Recognition" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Clownfish" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "CCleaner" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Advanced SystemCare 7" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "GameTracker" 
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Overwolf" ==================== Accounts: ============================= Administrator (S-1-5-21-3184068216-3506866942-1434303448-500 - Administrator - Disabled) Guest (S-1-5-21-3184068216-3506866942-1434303448-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3184068216-3506866942-1434303448-1004 - Limited - Enabled) jonah_000 (S-1-5-21-3184068216-3506866942-1434303448-1002 - Administrator - Enabled) => C:\Users\jonah_000 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/10/2015 04:24:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows cannot load classes registry file. DETAIL - The configuration registry database is corrupt. Error: (02/10/2015 04:24:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights. DETAIL - The configuration registry database is corrupt. for C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 04:24:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows cannot load classes registry file. DETAIL - The configuration registry database is corrupt. Error: (02/10/2015 04:24:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights. DETAIL - The configuration registry database is corrupt. 
for C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows cannot load classes registry file. DETAIL - The configuration registry database is corrupt. Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights. DETAIL - The configuration registry database is corrupt. for C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows cannot load classes registry file. DETAIL - The configuration registry database is corrupt. Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights. DETAIL - The configuration registry database is corrupt. for C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. A component version required by the application conflicts with another component version already active. 
Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error: (02/10/2015 11:55:57 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. System errors: ============= Error: (02/10/2015 11:54:32 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (02/10/2015 11:30:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 28845PhilinoTechnologies.FlappyBird. 
Error: (02/10/2015 11:30:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Evernote.Evernote. Error: (02/10/2015 11:30:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: McAfeeInc.06.McAfeeSecurityAdvisorforLenovo. Error: (02/10/2015 11:30:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: E0469640.CameraMan. Error: (02/10/2015 11:30:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 600CCC33.GIFViewer. Error: (02/10/2015 11:30:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: E046963F.LenovoSupport. Error: (02/10/2015 11:30:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.XboxCompanion. Error: (02/10/2015 11:30:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 34791E63.CanonInkjetPrintUtility. Error: (02/10/2015 11:30:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 4DF9E0F8.Netflix. 
Microsoft Office Sessions: ========================= Error: (02/10/2015 04:24:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. Error: (02/10/2015 04:24:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 04:24:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. Error: (02/10/2015 04:24:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. 
C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\jonah_000\Desktop\esetsmartinstaller_enu.exe Error: (02/10/2015 11:55:57 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\jonah_000\Desktop\esetsmartinstaller_enu.exe CodeIntegrity Errors: =================================== Date: 2015-01-14 19:08:33.320 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:33.195 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:31.516 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-01-14 19:08:31.391 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:24.444 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:24.319 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:15.930 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:15.789 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:07:23.014 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-01-14 19:07:22.874 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i7-4700MQ CPU @ 2.40GHz Percentage of memory in use: 65% Total physical RAM: 8104.27 MB Available physical RAM: 2833.54 MB Total Pagefile: 16296.27 MB Available Pagefile: 10806.64 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:891.98 GB) (Free:201.34 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:15.3 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 090CA1D4) Partition: GPT Partition Type. ==================== End Of Log ============================
  5. Step 08 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015Ran by jonah_000 (administrator) on JONAH on 10-02-2015 16:25:00Running from C:\Users\jonah_000\DesktopLoaded Profiles: jonah_000 (Available profiles: jonah_000)Platform: Windows 8.1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: IE)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Intel Corporation) C:\Windows\System32\igfxCUIService.exe(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe(ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Windows\System32\PnkBstrA.exe() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe(ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrl.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Intel Corporation) C:\Windows\System32\igfxEM.exe(Intel Corporation) C:\Windows\System32\igfxHK.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe(Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-06-25] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-08-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2015-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2015-02-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [updateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-06-21] (Autodesk Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-09] (Valve Corporation)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2013-12-25] ()
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-02-01] (Electronic Arts)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [speech Recognition] => C:\windows\Speech\Common\sapisvr.exe [44032 2014-11-22] (Microsoft Corporation)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [sandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-01-15] (Overwolf LTD)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\RunOnce: [Application Restart #4] => C:\Users\jonah_000\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\jonah_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.lenovo.com
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {4A5FBB3C-FFAE-4ED1-AAD3-984439924A8A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3184068216-3506866942-1434303448-1002 -> {4A5FBB3C-FFAE-4ED1-AAD3-984439924A8A} URL =
SearchScopes: HKU\S-1-5-21-3184068216-3506866942-1434303448-1002 -> {F76957F1-0A2F-48B8-A4E1-712201AB50CF} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - No CLSID Value
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: Hosts file not detected in the default directory

FireFox:
========
FF ProfilePath: C:\Users\jonah_000\AppData\Roaming\Mozilla\Firefox\Profiles\c0q31fre.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3184068216-3506866942-1434303448-1002: @nsroblox.roblox.com/launcher -> C:\Users\jonah_000\AppData\Local\Roblox\Versions\version-2c1f992c1a264ecc\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3184068216-3506866942-1434303448-1002: @nsroblox.roblox.com/launcher64 -> C:\Users\jonah_000\AppData\Local\Roblox\Versions\version-2c1f992c1a264ecc\\NPRobloxProxy64.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3184068216-3506866942-1434303448-1002: intel.com/AppUp -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll (Intel)
FF Plugin HKU\S-1-5-21-3184068216-3506866942-1434303448-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\jonah_000\AppData\Roaming\Mozilla\Firefox\Profiles\c0q31fre.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-09-28]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Nightly\firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-18]
CHR Extension: (Google Drive) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (Poper Blocker) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2014-03-12]
CHR Extension: (YouTube) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-25]
CHR Extension: (Adblock Plus) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-21]
CHR Extension: (Weebly - Website Builder) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb [2014-03-12]
CHR Extension: (Google Search) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-25]
CHR Extension: (Google Wallet) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-25]
CHR Extension: (Gmail) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [596360 2014-06-21] (Autodesk Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [760192 2015-01-10] ()
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2014-06-27] (Apple Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-22] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2013-12-31] (Microsoft Corporation)
S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [123096 2014-12-24] (altPUG LLC)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [93016 2014-03-03] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2013-07-28] (ELAN Microelectronics Corp.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-10-23] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-02-07] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-15] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-07-31] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-10] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-14] () [File not signed]
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-07-24] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-01] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-15] (Overwolf LTD)
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76152 2014-11-02] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-04-13] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-10-30] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-11-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-11-16] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2014-09-02] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2014-06-25] (Motorola Solutions, Inc.)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22280 2013-08-05] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [100072 2013-08-02] (GenesysLogic)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)
R3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [32512 2015-02-10] ()
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-06-25] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3351520 2014-09-02] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows ® Win 7 DDK provider)
R2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-11-22] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-11-22] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-11-22] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-22] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-11-16] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-28] (Microsoft Corporation)
S3 ChodDriver; \??\C:\windows\system32\drivers\ChodDriver.sys [X]
S3 cpuz138; \??\C:\windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 16:25 - 2015-02-10 16:25 - 00035464 _____ () C:\Users\jonah_000\Desktop\FRST.txt
2015-02-10 16:24 - 2015-02-10 16:25 - 00000000 ____D () C:\FRST
2015-02-10 16:24 - 2015-02-10 16:24 - 02132992 _____ (Farbar) C:\Users\jonah_000\Desktop\FRST64.exe
2015-02-10 16:22 - 2015-02-10 16:23 - 00000377 _____ () C:\Users\jonah_000\Desktop\ESETscan.txt
2015-02-10 11:55 - 2015-02-10 11:55 - 02347384 _____ (ESET) C:\Users\jonah_000\Desktop\esetsmartinstaller_enu.exe
2015-02-10 11:55 - 2015-02-10 11:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-10 11:54 - 2015-02-10 11:54 - 00001041 _____ () C:\Users\jonah_000\Desktop\MWBscan.txt
2015-02-10 11:27 - 2015-02-10 11:11 - 00002096 _____ () C:\Users\jonah_000\Desktop\AdwCleaner[s0].txt
2015-02-10 11:09 - 2015-02-10 11:11 - 00000000 ____D () C:\AdwCleaner
2015-02-10 11:08 - 2015-02-10 11:08 - 02112512 _____ () C:\Users\jonah_000\Desktop\AdwCleaner.exe
2015-02-10 11:06 - 2015-02-10 11:06 - 00001685 _____ () C:\Users\jonah_000\Desktop\JRT.txt
2015-02-10 11:03 - 2015-02-10 11:03 - 01388274 _____ (Thisisu) C:\Users\jonah_000\Desktop\JRT.exe
2015-02-09 21:23 - 2015-02-09 21:23 - 00000000 ____D () C:\windows\ERDNT
2015-02-09 21:22 - 2015-02-09 21:22 - 00791393 _____ (Lars Hederer ) C:\Users\jonah_000\Desktop\erunt-setup.exe
2015-02-09 21:22 - 2015-02-09 21:22 - 00000911 _____ () C:\Users\jonah_000\Desktop\NTREGOPT.lnk
2015-02-09 21:22 - 2015-02-09 21:22 - 00000892 _____ () C:\Users\jonah_000\Desktop\ERUNT.lnk
2015-02-09 21:22 - 2015-02-09 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2015-02-09 21:22 - 2015-02-09 21:22 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2015-02-09 19:46 - 2015-02-09 19:48 - 00002306 _____ () C:\Users\jonah_000\Desktop\Rkill.txt
2015-02-09 19:46 - 2015-02-09 19:46 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\jonah_000\Desktop\rkill.exe
2015-02-09 19:45 - 2015-02-10 11:17 - 00032512 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2015-02-09 19:37 - 2015-02-09 19:38 - 00331456 _____ () C:\windows\Minidump\020915-50078-01.dmp
2015-02-09 08:16 - 2015-02-09 19:36 - 1665490876 _____ () C:\windows\MEMORY.DMP
2015-02-09 08:16 - 2015-02-09 08:17 - 00327744 _____ () C:\windows\Minidump\020915-65843-01.dmp
2015-02-08 13:07 - 2015-02-08 13:07 - 00007250 _____ () C:\windows\DPINST.LOG
2015-02-08 13:07 - 2015-02-08 13:06 - 00039008 _____ (Lenovo.) C:\windows\system32\Drivers\LhdX64.sys
2015-02-08 13:07 - 2015-02-08 13:06 - 00019872 _____ (Lenovo (Beijing) Limited) C:\windows\system32\LenovoSDKEmSubSystem.dll
2015-02-08 13:05 - 2015-02-08 13:05 - 52872808 _____ (Lenovo Group Limited ) C:\Users\jonah_000\Desktop\em8180214.exe
2015-02-08 11:00 - 2015-02-08 11:04 - 00000000 ____D () C:\Users\jonah_000\Desktop\spare
2015-02-07 20:43 - 2015-02-07 20:43 - 00012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2015-02-07 19:35 - 2015-02-07 19:36 - 00325384 _____ () C:\windows\Minidump\020715-46296-01.dmp
2015-02-07 16:23 - 2015-02-07 16:23 - 00001920 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2015-02-07 16:23 - 2015-02-07 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-02-07 16:23 - 2015-02-07 16:23 - 00000000 ____D () C:\Program Files\HitmanPro
2015-02-07 08:31 - 2015-02-07 08:33 - 04214344 _____ () C:\Users\jonah_000\Desktop\020715-36453-01.dmp
2015-02-05 17:59 - 2015-02-05 17:59 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\Steam
2015-02-04 19:12 - 2014-12-09 16:21 - 00037184 _____ (Razer, Inc.) C:\windows\system32\Drivers\rzpmgrk.sys
2015-02-04 17:52 - 2015-02-10 15:57 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 17:52 - 2015-02-10 11:14 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-03 20:00 - 2015-02-03 20:00 - 00004773 _____ () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AtrazineChecker.lnk
2015-02-02 21:13 - 2015-02-02 21:14 - 00000005 _____ () C:\Users\jonah_000\Desktop\SafeProcess.txt
2015-02-01 20:04 - 2015-02-01 20:03 - 00191400 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2015-02-01 20:04 - 2015-02-01 20:03 - 00190888 _____ (Oracle Corporation) C:\windows\system32\java.exe
2015-02-01 20:04 - 2015-02-01 20:03 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-02-01 20:04 - 2015-02-01 20:02 - 00897960 _____ (Oracle Corporation) C:\windows\SysWOW64\npdeployJava1.dll
2015-02-01 20:04 - 2015-02-01 20:02 - 00818088 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2015-02-01 20:04 - 2015-02-01 20:02 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2015-02-01 20:04 - 2015-02-01 20:02 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2015-02-01 20:04 - 2015-02-01 20:02 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2015-02-01 20:04 - 2015-02-01 20:02 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-01 15:22 - 2015-02-01 15:22 - 00215416 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2015-02-01 15:16 - 2015-02-01 15:16 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\ESN
2015-01-31 23:36 - 2015-01-31 23:42 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2015-01-31 23:34 - 2015-01-31 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2015-01-31 23:32 - 2015-01-31 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-01-31 23:32 - 2015-01-31 23:32 - 00000000 ____D () C:\Program Files\Oracle
2015-01-31 23:32 - 2014-11-21 14:57 - 00916024 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxDrv.sys
2015-01-31 23:32 - 2014-11-21 14:55 - 00128080 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxUSBMon.sys
2015-01-31 23:31 - 2015-01-31 23:31 - 00740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-01-31 11:35 - 2015-01-31 11:46 - 00000013 _____ () C:\Users\jonah_000\Desktop\ATprocess.txt
2015-01-31 09:49 - 2015-01-31 09:49 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00377856 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\dplayx.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\dpnathlp.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnathlp.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpwsockx.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\dpnsvr.exe
2015-01-31 09:49 - 2015-01-31 09:49 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnsvr.exe
2015-01-31 09:49 - 2015-01-31 09:49 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\dplaysvr.exe
2015-01-31 09:49 - 2015-01-31 09:49 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpmodemx.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00009216 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnhupnp.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00009216 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnhpast.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\dpnhupnp.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\dpnhpast.dll
2015-01-31 09:48 - 2015-01-31 09:52 - 00000000 ____D () C:\Users\jonah_000\Documents\GTA San Andreas User Files
2015-01-30 18:35 - 2015-01-30 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-30 18:35 - 2015-01-30 18:35 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-27 19:12 - 2015-01-27 19:12 - 00000000 ____D () C:\windows\SysWOW64\NV
2015-01-27 19:12 - 2015-01-27 19:12 - 00000000 ____D () C:\windows\system32\NV
2015-01-27 19:11 - 2015-01-09 17:29 - 00075080 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2015-01-27 19:11 - 2015-01-09 17:29 - 00062608 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 32102544 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 25459856 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 24765584 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 20465296 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 18566296 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 17250776 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 16009120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 14115944 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 13295552 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 13210248 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 10774544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 10714488 _____ (NVIDIA Corporation) 
C:\windows\SysWOW64\nvcuda.dll2015-01-27 19:10 - 2015-01-10 02:07 - 10274448 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys2015-01-27 19:10 - 2015-01-10 02:07 - 03607184 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll2015-01-27 19:10 - 2015-01-10 02:07 - 03298816 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 03245712 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll2015-01-27 19:10 - 2015-01-10 02:07 - 02902456 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll2015-01-27 19:10 - 2015-01-10 02:07 - 01895240 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434725.dll2015-01-27 19:10 - 2015-01-10 02:07 - 01556808 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434725.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00994712 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00969360 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00942736 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00929424 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00906384 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00877488 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00496456 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00399688 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00390472 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00353040 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00345744 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll2015-01-27 19:10 - 2015-01-10 
02:07 - 00305320 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00177624 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00164568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00031376 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys2015-01-27 19:10 - 2015-01-10 02:07 - 00027441 _____ () C:\windows\system32\nvinfo.pb2015-01-27 19:06 - 2015-02-08 10:57 - 00001691 _____ () C:\windows\setupact.log2015-01-27 19:06 - 2015-01-27 19:06 - 00000000 _____ () C:\windows\setuperr.log2015-01-27 18:43 - 2015-01-27 18:43 - 00002542 _____ () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battlestar Galactica.lnk2015-01-25 10:24 - 2015-01-25 10:24 - 00000000 ____D () C:\ProgramData\Deskto2015-01-24 09:17 - 2015-01-24 09:17 - 00002384 _____ () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Godfather.lnk2015-01-22 18:53 - 2015-01-22 18:53 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\TaiG2015-01-22 17:54 - 2015-01-22 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime2015-01-22 17:53 - 2015-01-22 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2015-01-22 17:51 - 2015-01-22 17:53 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A72015-01-22 17:51 - 2015-01-22 17:53 - 00000000 ____D () C:\Program Files\iTunes2015-01-22 17:51 - 2015-01-22 17:53 - 00000000 ____D () C:\Program Files (x86)\iTunes2015-01-22 17:51 - 2015-01-22 17:51 - 00000000 ____D () C:\Program Files\iPod2015-01-20 13:16 - 2015-01-20 13:16 - 00044296 ____H (LogMeIn Inc.) 
C:\windows\system32\Drivers\Hamdrv.sys2015-01-17 21:45 - 2015-01-17 21:45 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\.StarMade2015-01-14 16:53 - 2015-02-01 15:34 - 00004324 _____ () C:\windows\PFRO.log2015-01-14 16:48 - 2015-02-10 13:02 - 01332771 _____ () C:\windows\WindowsUpdate.log2015-01-11 20:36 - 2012-01-15 17:55 - 00000000 ____D () C:\Users\jonah_000\Desktop\Spoof extensions2015-01-11 10:47 - 2015-02-10 15:53 - 00004978 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JONAH-jonah_000 Jonah ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-10 16:00 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\sru2015-02-10 15:33 - 2014-01-04 22:25 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job2015-02-10 11:31 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppReadiness2015-02-10 11:24 - 2013-12-25 08:25 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3184068216-3506866942-1434303448-10022015-02-10 11:16 - 2014-06-28 10:21 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\CrashDumps2015-02-10 11:15 - 2014-12-18 04:33 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2015-02-10 11:15 - 2014-06-04 15:43 - 00000000 ___RD () C:\Users\jonah_000\SkyDrive2015-02-10 11:15 - 2013-12-26 20:44 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\Adobe2015-02-10 11:13 - 2013-08-22 08:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT2015-02-10 11:11 - 2013-12-25 08:15 - 00000000 ____D () C:\Users\jonah_0002015-02-10 11:11 - 2013-10-30 16:02 - 00031232 _____ () C:\windows\system32\VfService.trf2015-02-10 11:03 - 2014-06-24 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit2015-02-10 10:29 - 2013-08-28 02:36 - 00915466 _____ () C:\windows\system32\PerfStringBackup.INI2015-02-10 01:42 - 2013-12-25 08:15 - 00000000 ____D () 
C:\Users\jonah_000\AppData\Local\Pokki2015-02-09 20:39 - 2013-12-25 08:26 - 00000000 ____D () C:\Program Files (x86)\Steam2015-02-09 19:40 - 2013-12-25 08:56 - 11292160 ___SH () C:\Users\jonah_000\Desktop\Thumbs.db2015-02-09 19:37 - 2013-12-25 09:33 - 00000000 ____D () C:\windows\Minidump2015-02-09 19:33 - 2013-12-26 14:44 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Skype2015-02-09 11:15 - 2013-12-27 10:09 - 00000132 _____ () C:\Users\jonah_000\AppData\Roaming\Adobe PNG Format CC Prefs2015-02-08 13:05 - 2014-01-10 23:32 - 00000000 ____D () C:\Users\jonah_000\Desktop\2160p ULTRA HD Wallpaper collection2015-02-07 19:39 - 2014-06-30 15:41 - 00000000 ____D () C:\ProgramData\ProductData2015-02-07 10:05 - 2013-12-25 10:33 - 00000000 ____D () C:\ProgramData\Package Cache2015-02-07 08:43 - 2014-05-10 15:16 - 00059105 _____ () C:\windows\system32\lvcoinst.log2015-02-06 18:09 - 2013-08-22 08:44 - 05249440 _____ () C:\windows\system32\FNTCACHE.DAT2015-02-05 22:59 - 2014-12-13 12:17 - 00002174 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-02-04 19:11 - 2014-03-12 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer2015-02-04 18:33 - 2014-01-04 22:25 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater2015-02-04 18:26 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\rescache2015-02-04 17:52 - 2014-03-12 19:22 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-02-04 17:52 - 2014-03-12 19:22 - 00003654 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-02-02 21:14 - 2013-12-26 13:38 - 00000000 ____D () C:\Users\jonah_000\Desktop\NOTES2015-02-02 20:39 - 2013-12-25 10:47 - 00000000 ____D () C:\Users\jonah_000\Documents\Visual Studio 20132015-02-01 20:04 - 2014-03-10 22:01 - 00000000 ____D () C:\Program Files\Java2015-02-01 20:04 - 2013-12-25 08:52 - 00000000 ____D () C:\ProgramData\Oracle2015-02-01 20:04 - 2013-12-25 08:51 - 00000000 ____D () C:\Program Files 
(x86)\Java2015-02-01 20:03 - 2014-03-10 22:02 - 00319912 _____ (Oracle Corporation) C:\windows\system32\javaws.exe2015-02-01 18:39 - 2013-12-25 08:34 - 00000000 ____D () C:\Users\jonah_000\Desktop\GAMES2015-02-01 15:34 - 2013-12-29 22:38 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins2015-02-01 15:29 - 2014-04-05 19:22 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\OBS2015-02-01 15:13 - 2014-04-05 19:22 - 00000000 ____D () C:\Program Files\OBS2015-02-01 14:50 - 2013-12-26 17:51 - 00000000 ____D () C:\Program Files (x86)\Origin2015-02-01 09:26 - 2014-12-10 18:37 - 00000298 _____ () C:\windows\Tasks\Uninstaller_SkipUac_jonah_000.job2015-02-01 09:24 - 2013-12-25 08:33 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2015-02-01 09:18 - 2013-10-30 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo2015-02-01 09:18 - 2013-10-30 15:56 - 00000000 ____D () C:\ProgramData\CyberLink2015-02-01 09:18 - 2013-10-30 15:54 - 00000000 ____D () C:\Program Files (x86)\Lenovo2015-02-01 09:18 - 2013-10-30 15:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2015-02-01 09:13 - 2014-06-27 12:13 - 00000000 ____D () C:\Users\jonah_000\VirtualBox VMs2015-02-01 09:13 - 2013-12-25 08:21 - 00002351 _____ () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk2015-01-31 23:41 - 2014-06-27 12:13 - 00000000 ____D () C:\Users\jonah_000\.VirtualBox2015-01-31 22:50 - 2014-01-16 11:09 - 00000000 ____D () C:\Program Files (x86)\WarThunder2015-01-31 12:26 - 2014-07-03 11:37 - 00000000 ___RD () C:\Users\jonah_000\Dropbox2015-01-31 11:28 - 2014-06-29 15:19 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Dropbox2015-01-31 10:00 - 2013-08-22 09:20 - 00000000 ____D () C:\windows\CbsTemp2015-01-30 20:50 - 2014-10-08 12:16 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Dropbox2015-01-28 19:24 - 2014-06-30 15:31 - 00000000 ____D () C:\Users\jonah_000\Desktop\ICONS2015-01-27 19:12 - 2014-12-07 10:10 - 00000000 ____D () C:\ProgramData\NVIDIA2015-01-24 20:19 - 2014-01-04 22:14 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\LogMeIn Hamachi2015-01-24 17:38 - 2014-06-16 15:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-01-23 19:37 - 2014-12-19 19:36 - 00000000 ____D () C:\Program Files (x86)\Overwolf2015-01-22 17:54 - 2014-07-27 11:58 - 00000000 ____D () C:\Program Files (x86)\QuickTime2015-01-22 17:51 - 2014-09-29 16:14 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692015-01-22 17:51 - 2014-02-08 21:32 - 00000000 ____D () C:\Program Files\Common Files\Apple2015-01-16 00:41 - 2014-12-26 22:46 - 01278920 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll2015-01-16 00:41 - 2014-07-20 13:15 - 01756424 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll2015-01-16 00:41 - 2014-07-20 13:15 - 01316184 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll2015-01-16 00:41 - 2013-12-26 10:50 - 01514528 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll2015-01-13 17:04 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\LiveKernelReports ==================== Files in the root of some directories ======= 2013-12-27 10:09 - 2015-02-09 11:15 - 0000132 _____ () C:\Users\jonah_000\AppData\Roaming\Adobe PNG Format CC Prefs2014-05-10 16:35 - 2014-05-11 08:15 - 0000132 _____ () C:\Users\jonah_000\AppData\Roaming\Adobe PNG Format CS6 Prefs2014-04-17 20:42 - 2014-04-18 16:07 - 0000132 _____ () C:\Users\jonah_000\AppData\Roaming\Adobe Targa Format CC Prefs2014-01-26 23:46 - 2014-09-17 18:52 - 0253440 ___SH () C:\Users\jonah_000\AppData\Roaming\Thumbs.db2014-01-26 11:48 - 2014-07-02 14:49 - 0001456 _____ () C:\Users\jonah_000\AppData\Local\Adobe Save for Web 13.0 Prefs2014-08-25 18:26 - 2014-08-25 18:26 - 0000000 _____ () 
C:\Users\jonah_000\AppData\Local\debuggee.mdmp2014-01-03 13:06 - 2015-01-03 22:20 - 0007600 _____ () C:\Users\jonah_000\AppData\Local\Resmon.ResmonCfg2014-06-28 14:40 - 2014-06-28 14:40 - 0000000 _____ () C:\Users\jonah_000\AppData\Local\test.txt2015-01-31 23:31 - 2015-01-31 23:31 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip2013-10-30 15:43 - 2013-10-30 15:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP:====================C:\Users\jonah_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfzbkjk.dllC:\Users\jonah_000\AppData\Local\Temp\HitmanPro.exeC:\Users\jonah_000\AppData\Local\Temp\jre-8u31-windows-au.exeC:\Users\jonah_000\AppData\Local\Temp\oct2D0F.tmp.exeC:\Users\jonah_000\AppData\Local\Temp\oct2F60.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION! LastRegBack: 2015-02-02 17:55 ==================== End Of Log ============================
  6. Step 07
     C:\Program Files (x86)\Turbo Dismount\Turbo\TurboDismount\steam_api.dll a variant of Win32/Packed.VMProtect.ABD trojan
     C:\Sandbox\jonah_000\DefaultBox\user\current\AppData\Local\Temp\regedit_x64.exe a variant of Win32/Injector.Autoit.ABQ trojan
     C:\Sandbox\jonah_000\DefaultBox\user\current\AppData\Local\Temp\DCSCMIN\IMDCSC.exe a variant of Win32/Injector.Autoit.ABQ trojan
  7. Step 06
     Malwarebytes Anti-Malware
     www.malwarebytes.org
     Scan Date: 2/10/2015
     Scan Time: 11:35:24 AM
     Logfile:
     Administrator: Yes
     Version: 2.00.4.1028
     Malware Database: v2015.02.10.09
     Rootkit Database: v2015.02.03.01
     License: Premium
     Malware Protection: Enabled
     Malicious Website Protection: Enabled
     Self-protection: Disabled
     OS: Windows 8.1
     CPU: x64
     File System: NTFS
     User: jonah_000
     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 524453
     Time Elapsed: 18 min, 11 sec
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled
     Processes: 0 (No malicious items detected)
     Modules: 0 (No malicious items detected)
     Registry Keys: 0 (No malicious items detected)
     Registry Values: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Folders: 0 (No malicious items detected)
     Files: 0 (No malicious items detected)
     Physical Sectors: 0 (No malicious items detected)
     (end)
  8. Step 05
     # AdwCleaner v4.110 - Logfile created 10/02/2015 at 11:11:15
     # Updated 05/02/2015 by Xplode
     # Database : 2015-02-09.1 [server]
     # Operating system : Windows 8.1 (x64)
     # Username : jonah_000 - JONAH
     # Running from : C:\Users\jonah_000\Desktop\AdwCleaner.exe
     # Option : Cleaning
     ***** [ Services ] *****
     ***** [ Files / Folders ] *****
     Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StageLight
     Folder Deleted : C:\Program Files\StageLight
     File Deleted : C:\END
     ***** [ Scheduled tasks ] *****
     ***** [ Shortcuts ] *****
     ***** [ Registry ] *****
     Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Key Deleted : HKCU\Software\anchorfree
     Key Deleted : HKCU\Software\Pokki
     Key Deleted : HKCU\Software\UpdaterEX
     Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
     Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
     Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
     Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
     ***** [ Web browsers ] *****
     -\\ Internet Explorer v11.0.9600.17416
     -\\ Mozilla Firefox v27.0.1 (en-US)
     -\\ Google Chrome v40.0.2214.111
     *************************
     AdwCleaner[R0].txt - [2122 bytes] - [10/02/2015 11:10:24]
     AdwCleaner[s0].txt - [1957 bytes] - [10/02/2015 11:11:15]
     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2016 bytes] ##########
  9. Step 04
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.4.2 (02.02.2015:1)
     OS: Windows 8.1 x64
     Ran by jonah_000 on Tue 02/10/2015 at 11:03:34.66
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     ~~~ Services
     ~~~ Registry Values
     ~~~ Registry Keys
     Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update jump flip
     Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util jump flip
     ~~~ Files
     ~~~ Folders
     Successfully deleted: [Folder] "C:\Users\jonah_000\AppData\Roaming\search protection"
     Successfully deleted: [Folder] "C:\Users\jonah_000\AppData\Roaming\updaterex"
     Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
     ~~~ FireFox
     Successfully deleted: [File] C:\Users\jonah_000\AppData\Roaming\mozilla\firefox\profiles\c0q31fre.default\user.js
     Successfully deleted: [File] C:\Users\jonah_000\AppData\Roaming\mozilla\firefox\profiles\c0q31fre.default\invalidprefs.js
     Successfully deleted the following from C:\Users\jonah_000\AppData\Roaming\mozilla\firefox\profiles\c0q31fre.default\prefs.js
     user_pref("extensions.xpiState", "{\"app-profile\":{\"iobitascsurfingprotection@iobit.com\":{\"d\":\"C:\\\\Users\\\\jonah_000\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Pr
     ~~~ Event Viewer Logs were cleared
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Tue 02/10/2015 at 11:06:50.73
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. Thanks, I'll return to this thread when I finish malware removal.
  11. Yes, it is the same computer, and the thread closed after me not responding because all I saw was the And I never checked back to see the other admin's response. If you unlocked the thread I would keep it going.
  12. Lately I have been getting blue screens; it started happening randomly about once a month. But now the bluescreens are becoming more frequent and I am now even more worried than I was before about the problems behind the random bluescreens. Photo of bluescreen error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (nvlddmkm.sys) https://dl.dropboxusercontent.com/u/186946666/FullSizeRender.jpg If I were to make an educated guess at what the problem is, I would say that it is probably my Intel graphics drivers. A few months ago, on a separate thread, I posted about my graphics drivers crashing, and someone helped me reinstall my drivers. The crashing stopped, but that's when I noticed that I would bluescreen instead of just crashing; it was like the problem had been replaced by a separate one. With a little Googling I found that this same BSOD error was related to graphics drivers, which led me to believe that it was the drivers that are causing my BSODs. I have a link for a minidump from my most recent BSOD: https://dl.dropboxusercontent.com/u/186946666/020715-36453-01.dmp
  13. It turns out I'm still getting the memory problems.