JonahAnthony

Honorary Members
  • Posts: 28
Everything posted by JonahAnthony

  1. I completely restored my machine and everything is running well; I am now ready to reinstall my NVIDIA drivers.
  2. Could I possibly just do a system restore to factory conditions?
  3. https://dl.dropboxusercontent.com/u/186946666/021015-49421-01.zip
  4. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015 Ran by jonah_000 at 2015-02-10 16:26:21 Running from C:\Users\jonah_000\Desktop Boot Mode: Normal
Task: {9DD14DF8-6B14-4A34-9586-0CCD12DD8413} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit) Task: {A1653786-7815-43FE-A5A5-A13CC84DAF0D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {C4190425-7B78-4646-BF61-A988A2C5B62E} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-05-30] (TechSmith Corporation) Task: {C86B4162-A692-4FD8-BEE1-E651E0F6EE5F} - System32\Tasks\Uninstaller_SkipUac_jonah_000 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit) Task: {DBF70897-6037-4CAB-A879-1FD8D8D36909} - System32\Tasks\{674098D8-2BA8-4600-B450-F7FE60D55771} => pcalua.exe -a C:\Users\jonah_000\AppData\Local\Roblox\Versions\version-c04585a2d58a4f29\RobloxPlayerLauncher.exe -c -uninstall Task: {E0E9BEE5-9223-4D75-B1B5-345B66A3DF36} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE Task: {E1DC89D1-A59B-45C5-823A-BF3FF5A8159C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated) Task: {EF7181CC-7252-4EDF-8A69-5024E1095621} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3184068216-3506866942-1434303448-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe Task: {FAA55874-33B1-4A82-B7C6-AAEF8D7986B6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-01-15] (Overwolf LTD) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: C:\windows\Tasks\Uninstaller_SkipUac_jonah_000.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Loaded Modules (whitelisted) ============== 2014-12-07 10:10 - 2015-01-09 17:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-12-18 18:39 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-04-05 18:46 - 2014-11-02 11:08 - 00076152 _____ () C:\windows\system32\PnkBstrA.exe 2014-12-09 16:22 - 2014-12-09 16:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2013-10-30 16:02 - 2013-10-30 16:02 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe 2013-10-30 16:02 - 2013-10-30 16:02 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll 2013-12-13 12:20 - 2013-12-13 12:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2014-12-18 19:27 - 2014-12-18 19:27 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-07-19 12:57 - 2014-06-21 00:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2014-07-19 12:57 - 2014-06-21 00:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-24 19:21 - 2012-06-17 11:20 - 00061440 _____ () C:\Program Files 
(x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll 2014-12-10 18:36 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2014-12-10 18:36 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2014-12-10 18:36 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2013-10-30 15:40 - 2013-08-08 14:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll 2015-02-05 22:59 - 2015-02-04 03:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll 2015-02-05 22:59 - 2015-02-04 03:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll 2015-02-05 22:59 - 2015-02-04 03:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\jonah_000\SkyDrive:ms-properties AlternateDataStreams: C:\Users\jonah_000\SkyDrive (2).old:ms-properties AlternateDataStreams: C:\Users\jonah_000\SkyDrive (3).old:ms-properties AlternateDataStreams: C:\Users\jonah_000\SkyDrive (4).old:ms-properties AlternateDataStreams: C:\Users\jonah_000\SkyDrive.old:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\16368753.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\16368753.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Registry Areas ===================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\jonah_000\Desktop\2160p ULTRA HD Wallpaper collection\spectacular_desert_landscape-wallpaper-3840x2160.jpg ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
HKLM\...\StartupApproved\StartupFolder: => "Snagit 12.lnk" HKLM\...\StartupApproved\StartupFolder: => "Roccat Talk.lnk" HKLM\...\StartupApproved\Run: => "BTMTrayAgent" HKLM\...\StartupApproved\Run: => "OnekeyStudio" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Lenovo App Shop" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "RazerGameBooster" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Andy" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "puush" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Speech Recognition" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Clownfish" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "CCleaner" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Advanced SystemCare 7" HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "GameTracker" 
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\StartupApproved\Run: => "Overwolf" ==================== Accounts: ============================= Administrator (S-1-5-21-3184068216-3506866942-1434303448-500 - Administrator - Disabled) Guest (S-1-5-21-3184068216-3506866942-1434303448-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3184068216-3506866942-1434303448-1004 - Limited - Enabled) jonah_000 (S-1-5-21-3184068216-3506866942-1434303448-1002 - Administrator - Enabled) => C:\Users\jonah_000 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/10/2015 04:24:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows cannot load classes registry file. DETAIL - The configuration registry database is corrupt. Error: (02/10/2015 04:24:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights. DETAIL - The configuration registry database is corrupt. for C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 04:24:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows cannot load classes registry file. DETAIL - The configuration registry database is corrupt. Error: (02/10/2015 04:24:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights. DETAIL - The configuration registry database is corrupt. 
for C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows cannot load classes registry file. DETAIL - The configuration registry database is corrupt. Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights. DETAIL - The configuration registry database is corrupt. for C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows cannot load classes registry file. DETAIL - The configuration registry database is corrupt. Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights. DETAIL - The configuration registry database is corrupt. for C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. A component version required by the application conflicts with another component version already active. 
Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error: (02/10/2015 11:55:57 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. System errors: ============= Error: (02/10/2015 11:54:32 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (02/10/2015 11:30:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 28845PhilinoTechnologies.FlappyBird. 
Error: (02/10/2015 11:30:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Evernote.Evernote. Error: (02/10/2015 11:30:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: McAfeeInc.06.McAfeeSecurityAdvisorforLenovo. Error: (02/10/2015 11:30:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: E0469640.CameraMan. Error: (02/10/2015 11:30:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 600CCC33.GIFViewer. Error: (02/10/2015 11:30:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: E046963F.LenovoSupport. Error: (02/10/2015 11:30:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.XboxCompanion. Error: (02/10/2015 11:30:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 34791E63.CanonInkjetPrintUtility. Error: (02/10/2015 11:30:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 4DF9E0F8.Netflix. 
Microsoft Office Sessions: ========================= Error: (02/10/2015 04:24:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. Error: (02/10/2015 04:24:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 04:24:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. Error: (02/10/2015 04:24:38 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. Error: (02/10/2015 11:55:59 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: The configuration registry database is corrupt. 
C:\Users\jonah_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (02/10/2015 11:55:59 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\jonah_000\Desktop\esetsmartinstaller_enu.exe Error: (02/10/2015 11:55:57 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\jonah_000\Desktop\esetsmartinstaller_enu.exe CodeIntegrity Errors: =================================== Date: 2015-01-14 19:08:33.320 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:33.195 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:31.516 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-01-14 19:08:31.391 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:24.444 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:24.319 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:15.930 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:08:15.789 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-14 19:07:23.014 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-01-14 19:07:22.874 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i7-4700MQ CPU @ 2.40GHz Percentage of memory in use: 65% Total physical RAM: 8104.27 MB Available physical RAM: 2833.54 MB Total Pagefile: 16296.27 MB Available Pagefile: 10806.64 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:891.98 GB) (Free:201.34 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:15.3 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 090CA1D4) Partition: GPT Partition Type. ==================== End Of Log ============================
  5. Step 08 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015Ran by jonah_000 (administrator) on JONAH on 10-02-2015 16:25:00Running from C:\Users\jonah_000\DesktopLoaded Profiles: jonah_000 (Available profiles: jonah_000)Platform: Windows 8.1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: IE)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Intel Corporation) C:\Windows\System32\igfxCUIService.exe(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe(ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Windows\System32\PnkBstrA.exe() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe(ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrl.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Intel Corporation) C:\Windows\System32\igfxEM.exe(Intel Corporation) C:\Windows\System32\igfxHK.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe(Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-06-25] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-08-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2015-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2015-02-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [updateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-06-21] (Autodesk Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-09] (Valve Corporation)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2013-12-25] ()
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-02-01] (Electronic Arts)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [speech Recognition] => C:\windows\Speech\Common\sapisvr.exe [44032 2014-11-22] (Microsoft Corporation)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [sandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-01-15] (Overwolf LTD)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\...\RunOnce: [Application Restart #4] => C:\Users\jonah_000\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\jonah_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.lenovo.com
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
HKU\S-1-5-21-3184068216-3506866942-1434303448-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {4A5FBB3C-FFAE-4ED1-AAD3-984439924A8A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3184068216-3506866942-1434303448-1002 -> {4A5FBB3C-FFAE-4ED1-AAD3-984439924A8A} URL =
SearchScopes: HKU\S-1-5-21-3184068216-3506866942-1434303448-1002 -> {F76957F1-0A2F-48B8-A4E1-712201AB50CF} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - No CLSID Value
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: Hosts file not detected in the default directory

FireFox:
========
FF ProfilePath: C:\Users\jonah_000\AppData\Roaming\Mozilla\Firefox\Profiles\c0q31fre.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3184068216-3506866942-1434303448-1002: @nsroblox.roblox.com/launcher -> C:\Users\jonah_000\AppData\Local\Roblox\Versions\version-2c1f992c1a264ecc\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3184068216-3506866942-1434303448-1002: @nsroblox.roblox.com/launcher64 -> C:\Users\jonah_000\AppData\Local\Roblox\Versions\version-2c1f992c1a264ecc\\NPRobloxProxy64.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3184068216-3506866942-1434303448-1002: intel.com/AppUp -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll (Intel)
FF Plugin HKU\S-1-5-21-3184068216-3506866942-1434303448-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\jonah_000\AppData\Roaming\Mozilla\Firefox\Profiles\c0q31fre.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-09-28]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Nightly\firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-18]
CHR Extension: (Google Drive) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (Poper Blocker) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2014-03-12]
CHR Extension: (YouTube) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-25]
CHR Extension: (Adblock Plus) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-21]
CHR Extension: (Weebly - Website Builder) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb [2014-03-12]
CHR Extension: (Google Search) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-25]
CHR Extension: (Google Wallet) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-25]
CHR Extension: (Gmail) - C:\Users\jonah_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [596360 2014-06-21] (Autodesk Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [760192 2015-01-10] ()
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2014-06-27] (Apple Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-22] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2013-12-31] (Microsoft Corporation)
S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [123096 2014-12-24] (altPUG LLC)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [93016 2014-03-03] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2013-07-28] (ELAN Microelectronics Corp.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-10-23] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-02-07] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-15] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-07-31] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-10] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-14] () [File not signed]
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-07-24] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-01] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-15] (Overwolf LTD)
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76152 2014-11-02] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-04-13] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-10-30] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-11-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-11-16] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2014-09-02] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2014-06-25] (Motorola Solutions, Inc.)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22280 2013-08-05] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [100072 2013-08-02] (GenesysLogic)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)
R3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [32512 2015-02-10] ()
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-06-25] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3351520 2014-09-02] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows ® Win 7 DDK provider)
R2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-11-22] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-11-22] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-11-22] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-22] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-11-16] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-28] (Microsoft Corporation)
S3 ChodDriver; \??\C:\windows\system32\drivers\ChodDriver.sys [X]
S3 cpuz138; \??\C:\windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-10 16:25 - 2015-02-10 16:25 - 00035464 _____ () C:\Users\jonah_000\Desktop\FRST.txt
2015-02-10 16:24 - 2015-02-10 16:25 - 00000000 ____D () C:\FRST
2015-02-10 16:24 - 2015-02-10 16:24 - 02132992 _____ (Farbar) C:\Users\jonah_000\Desktop\FRST64.exe
2015-02-10 16:22 - 2015-02-10 16:23 - 00000377 _____ () C:\Users\jonah_000\Desktop\ESETscan.txt
2015-02-10 11:55 - 2015-02-10 11:55 - 02347384 _____ (ESET) C:\Users\jonah_000\Desktop\esetsmartinstaller_enu.exe
2015-02-10 11:55 - 2015-02-10 11:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-10 11:54 - 2015-02-10 11:54 - 00001041 _____ () C:\Users\jonah_000\Desktop\MWBscan.txt
2015-02-10 11:27 - 2015-02-10 11:11 - 00002096 _____ () C:\Users\jonah_000\Desktop\AdwCleaner[s0].txt
2015-02-10 11:09 - 2015-02-10 11:11 - 00000000 ____D () C:\AdwCleaner
2015-02-10 11:08 - 2015-02-10 11:08 - 02112512 _____ () C:\Users\jonah_000\Desktop\AdwCleaner.exe
2015-02-10 11:06 - 2015-02-10 11:06 - 00001685 _____ () C:\Users\jonah_000\Desktop\JRT.txt
2015-02-10 11:03 - 2015-02-10 11:03 - 01388274 _____ (Thisisu) C:\Users\jonah_000\Desktop\JRT.exe
2015-02-09 21:23 - 2015-02-09 21:23 - 00000000 ____D () C:\windows\ERDNT
2015-02-09 21:22 - 2015-02-09 21:22 - 00791393 _____ (Lars Hederer ) C:\Users\jonah_000\Desktop\erunt-setup.exe
2015-02-09 21:22 - 2015-02-09 21:22 - 00000911 _____ () C:\Users\jonah_000\Desktop\NTREGOPT.lnk
2015-02-09 21:22 - 2015-02-09 21:22 - 00000892 _____ () C:\Users\jonah_000\Desktop\ERUNT.lnk
2015-02-09 21:22 - 2015-02-09 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2015-02-09 21:22 - 2015-02-09 21:22 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2015-02-09 19:46 - 2015-02-09 19:48 - 00002306 _____ () C:\Users\jonah_000\Desktop\Rkill.txt
2015-02-09 19:46 - 2015-02-09 19:46 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\jonah_000\Desktop\rkill.exe
2015-02-09 19:45 - 2015-02-10 11:17 - 00032512 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2015-02-09 19:37 - 2015-02-09 19:38 - 00331456 _____ () C:\windows\Minidump\020915-50078-01.dmp
2015-02-09 08:16 - 2015-02-09 19:36 - 1665490876 _____ () C:\windows\MEMORY.DMP
2015-02-09 08:16 - 2015-02-09 08:17 - 00327744 _____ () C:\windows\Minidump\020915-65843-01.dmp
2015-02-08 13:07 - 2015-02-08 13:07 - 00007250 _____ () C:\windows\DPINST.LOG
2015-02-08 13:07 - 2015-02-08 13:06 - 00039008 _____ (Lenovo.) C:\windows\system32\Drivers\LhdX64.sys
2015-02-08 13:07 - 2015-02-08 13:06 - 00019872 _____ (Lenovo (Beijing) Limited) C:\windows\system32\LenovoSDKEmSubSystem.dll
2015-02-08 13:05 - 2015-02-08 13:05 - 52872808 _____ (Lenovo Group Limited ) C:\Users\jonah_000\Desktop\em8180214.exe
2015-02-08 11:00 - 2015-02-08 11:04 - 00000000 ____D () C:\Users\jonah_000\Desktop\spare
2015-02-07 20:43 - 2015-02-07 20:43 - 00012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2015-02-07 19:35 - 2015-02-07 19:36 - 00325384 _____ () C:\windows\Minidump\020715-46296-01.dmp
2015-02-07 16:23 - 2015-02-07 16:23 - 00001920 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2015-02-07 16:23 - 2015-02-07 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-02-07 16:23 - 2015-02-07 16:23 - 00000000 ____D () C:\Program Files\HitmanPro
2015-02-07 08:31 - 2015-02-07 08:33 - 04214344 _____ () C:\Users\jonah_000\Desktop\020715-36453-01.dmp
2015-02-05 17:59 - 2015-02-05 17:59 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\Steam
2015-02-04 19:12 - 2014-12-09 16:21 - 00037184 _____ (Razer, Inc.) C:\windows\system32\Drivers\rzpmgrk.sys
2015-02-04 17:52 - 2015-02-10 15:57 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 17:52 - 2015-02-10 11:14 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-03 20:00 - 2015-02-03 20:00 - 00004773 _____ () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AtrazineChecker.lnk
2015-02-02 21:13 - 2015-02-02 21:14 - 00000005 _____ () C:\Users\jonah_000\Desktop\SafeProcess.txt
2015-02-01 20:04 - 2015-02-01 20:03 - 00191400 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2015-02-01 20:04 - 2015-02-01 20:03 - 00190888 _____ (Oracle Corporation) C:\windows\system32\java.exe
2015-02-01 20:04 - 2015-02-01 20:03 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-02-01 20:04 - 2015-02-01 20:02 - 00897960 _____ (Oracle Corporation) C:\windows\SysWOW64\npdeployJava1.dll
2015-02-01 20:04 - 2015-02-01 20:02 - 00818088 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2015-02-01 20:04 - 2015-02-01 20:02 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2015-02-01 20:04 - 2015-02-01 20:02 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2015-02-01 20:04 - 2015-02-01 20:02 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2015-02-01 20:04 - 2015-02-01 20:02 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-01 15:22 - 2015-02-01 15:22 - 00215416 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2015-02-01 15:16 - 2015-02-01 15:16 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\ESN
2015-01-31 23:36 - 2015-01-31 23:42 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2015-01-31 23:34 - 2015-01-31 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2015-01-31 23:32 - 2015-01-31 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-01-31 23:32 - 2015-01-31 23:32 - 00000000 ____D () C:\Program Files\Oracle
2015-01-31 23:32 - 2014-11-21 14:57 - 00916024 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxDrv.sys
2015-01-31 23:32 - 2014-11-21 14:55 - 00128080 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxUSBMon.sys
2015-01-31 23:31 - 2015-01-31 23:31 - 00740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-01-31 11:35 - 2015-01-31 11:46 - 00000013 _____ () C:\Users\jonah_000\Desktop\ATprocess.txt
2015-01-31 09:49 - 2015-01-31 09:49 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00377856 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\dplayx.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\dpnathlp.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnathlp.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpwsockx.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\dpnsvr.exe
2015-01-31 09:49 - 2015-01-31 09:49 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnsvr.exe
2015-01-31 09:49 - 2015-01-31 09:49 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\dplaysvr.exe
2015-01-31 09:49 - 2015-01-31 09:49 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpmodemx.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00009216 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnhupnp.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00009216 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnhpast.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\dpnhupnp.dll
2015-01-31 09:49 - 2015-01-31 09:49 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\dpnhpast.dll
2015-01-31 09:48 - 2015-01-31 09:52 - 00000000 ____D () C:\Users\jonah_000\Documents\GTA San Andreas User Files
2015-01-30 18:35 - 2015-01-30 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-30 18:35 - 2015-01-30 18:35 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-27 19:12 - 2015-01-27 19:12 - 00000000 ____D () C:\windows\SysWOW64\NV
2015-01-27 19:12 - 2015-01-27 19:12 - 00000000 ____D () C:\windows\system32\NV
2015-01-27 19:11 - 2015-01-09 17:29 - 00075080 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2015-01-27 19:11 - 2015-01-09 17:29 - 00062608 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 32102544 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 25459856 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 24765584 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 20465296 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 18566296 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 17250776 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 16009120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 14115944 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 13295552 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 13210248 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 10774544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-01-27 19:10 - 2015-01-10 02:07 - 10714488 _____ (NVIDIA Corporation)
C:\windows\SysWOW64\nvcuda.dll2015-01-27 19:10 - 2015-01-10 02:07 - 10274448 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys2015-01-27 19:10 - 2015-01-10 02:07 - 03607184 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll2015-01-27 19:10 - 2015-01-10 02:07 - 03298816 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 03245712 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll2015-01-27 19:10 - 2015-01-10 02:07 - 02902456 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll2015-01-27 19:10 - 2015-01-10 02:07 - 01895240 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434725.dll2015-01-27 19:10 - 2015-01-10 02:07 - 01556808 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434725.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00994712 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00969360 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00942736 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00929424 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00906384 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00877488 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00496456 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00399688 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00390472 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00353040 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00345744 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll2015-01-27 19:10 - 2015-01-10 
02:07 - 00305320 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00177624 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00164568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll2015-01-27 19:10 - 2015-01-10 02:07 - 00031376 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys2015-01-27 19:10 - 2015-01-10 02:07 - 00027441 _____ () C:\windows\system32\nvinfo.pb2015-01-27 19:06 - 2015-02-08 10:57 - 00001691 _____ () C:\windows\setupact.log2015-01-27 19:06 - 2015-01-27 19:06 - 00000000 _____ () C:\windows\setuperr.log2015-01-27 18:43 - 2015-01-27 18:43 - 00002542 _____ () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battlestar Galactica.lnk2015-01-25 10:24 - 2015-01-25 10:24 - 00000000 ____D () C:\ProgramData\Deskto2015-01-24 09:17 - 2015-01-24 09:17 - 00002384 _____ () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Godfather.lnk2015-01-22 18:53 - 2015-01-22 18:53 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\TaiG2015-01-22 17:54 - 2015-01-22 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime2015-01-22 17:53 - 2015-01-22 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2015-01-22 17:51 - 2015-01-22 17:53 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A72015-01-22 17:51 - 2015-01-22 17:53 - 00000000 ____D () C:\Program Files\iTunes2015-01-22 17:51 - 2015-01-22 17:53 - 00000000 ____D () C:\Program Files (x86)\iTunes2015-01-22 17:51 - 2015-01-22 17:51 - 00000000 ____D () C:\Program Files\iPod2015-01-20 13:16 - 2015-01-20 13:16 - 00044296 ____H (LogMeIn Inc.) 
C:\windows\system32\Drivers\Hamdrv.sys2015-01-17 21:45 - 2015-01-17 21:45 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\.StarMade2015-01-14 16:53 - 2015-02-01 15:34 - 00004324 _____ () C:\windows\PFRO.log2015-01-14 16:48 - 2015-02-10 13:02 - 01332771 _____ () C:\windows\WindowsUpdate.log2015-01-11 20:36 - 2012-01-15 17:55 - 00000000 ____D () C:\Users\jonah_000\Desktop\Spoof extensions2015-01-11 10:47 - 2015-02-10 15:53 - 00004978 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JONAH-jonah_000 Jonah ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-10 16:00 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\sru2015-02-10 15:33 - 2014-01-04 22:25 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job2015-02-10 11:31 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppReadiness2015-02-10 11:24 - 2013-12-25 08:25 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3184068216-3506866942-1434303448-10022015-02-10 11:16 - 2014-06-28 10:21 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\CrashDumps2015-02-10 11:15 - 2014-12-18 04:33 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2015-02-10 11:15 - 2014-06-04 15:43 - 00000000 ___RD () C:\Users\jonah_000\SkyDrive2015-02-10 11:15 - 2013-12-26 20:44 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\Adobe2015-02-10 11:13 - 2013-08-22 08:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT2015-02-10 11:11 - 2013-12-25 08:15 - 00000000 ____D () C:\Users\jonah_0002015-02-10 11:11 - 2013-10-30 16:02 - 00031232 _____ () C:\windows\system32\VfService.trf2015-02-10 11:03 - 2014-06-24 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit2015-02-10 10:29 - 2013-08-28 02:36 - 00915466 _____ () C:\windows\system32\PerfStringBackup.INI2015-02-10 01:42 - 2013-12-25 08:15 - 00000000 ____D () 
C:\Users\jonah_000\AppData\Local\Pokki2015-02-09 20:39 - 2013-12-25 08:26 - 00000000 ____D () C:\Program Files (x86)\Steam2015-02-09 19:40 - 2013-12-25 08:56 - 11292160 ___SH () C:\Users\jonah_000\Desktop\Thumbs.db2015-02-09 19:37 - 2013-12-25 09:33 - 00000000 ____D () C:\windows\Minidump2015-02-09 19:33 - 2013-12-26 14:44 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Skype2015-02-09 11:15 - 2013-12-27 10:09 - 00000132 _____ () C:\Users\jonah_000\AppData\Roaming\Adobe PNG Format CC Prefs2015-02-08 13:05 - 2014-01-10 23:32 - 00000000 ____D () C:\Users\jonah_000\Desktop\2160p ULTRA HD Wallpaper collection2015-02-07 19:39 - 2014-06-30 15:41 - 00000000 ____D () C:\ProgramData\ProductData2015-02-07 10:05 - 2013-12-25 10:33 - 00000000 ____D () C:\ProgramData\Package Cache2015-02-07 08:43 - 2014-05-10 15:16 - 00059105 _____ () C:\windows\system32\lvcoinst.log2015-02-06 18:09 - 2013-08-22 08:44 - 05249440 _____ () C:\windows\system32\FNTCACHE.DAT2015-02-05 22:59 - 2014-12-13 12:17 - 00002174 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-02-04 19:11 - 2014-03-12 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer2015-02-04 18:33 - 2014-01-04 22:25 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater2015-02-04 18:26 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\rescache2015-02-04 17:52 - 2014-03-12 19:22 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-02-04 17:52 - 2014-03-12 19:22 - 00003654 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-02-02 21:14 - 2013-12-26 13:38 - 00000000 ____D () C:\Users\jonah_000\Desktop\NOTES2015-02-02 20:39 - 2013-12-25 10:47 - 00000000 ____D () C:\Users\jonah_000\Documents\Visual Studio 20132015-02-01 20:04 - 2014-03-10 22:01 - 00000000 ____D () C:\Program Files\Java2015-02-01 20:04 - 2013-12-25 08:52 - 00000000 ____D () C:\ProgramData\Oracle2015-02-01 20:04 - 2013-12-25 08:51 - 00000000 ____D () C:\Program Files 
(x86)\Java2015-02-01 20:03 - 2014-03-10 22:02 - 00319912 _____ (Oracle Corporation) C:\windows\system32\javaws.exe2015-02-01 18:39 - 2013-12-25 08:34 - 00000000 ____D () C:\Users\jonah_000\Desktop\GAMES2015-02-01 15:34 - 2013-12-29 22:38 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins2015-02-01 15:29 - 2014-04-05 19:22 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\OBS2015-02-01 15:13 - 2014-04-05 19:22 - 00000000 ____D () C:\Program Files\OBS2015-02-01 14:50 - 2013-12-26 17:51 - 00000000 ____D () C:\Program Files (x86)\Origin2015-02-01 09:26 - 2014-12-10 18:37 - 00000298 _____ () C:\windows\Tasks\Uninstaller_SkipUac_jonah_000.job2015-02-01 09:24 - 2013-12-25 08:33 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2015-02-01 09:18 - 2013-10-30 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo2015-02-01 09:18 - 2013-10-30 15:56 - 00000000 ____D () C:\ProgramData\CyberLink2015-02-01 09:18 - 2013-10-30 15:54 - 00000000 ____D () C:\Program Files (x86)\Lenovo2015-02-01 09:18 - 2013-10-30 15:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2015-02-01 09:13 - 2014-06-27 12:13 - 00000000 ____D () C:\Users\jonah_000\VirtualBox VMs2015-02-01 09:13 - 2013-12-25 08:21 - 00002351 _____ () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk2015-01-31 23:41 - 2014-06-27 12:13 - 00000000 ____D () C:\Users\jonah_000\.VirtualBox2015-01-31 22:50 - 2014-01-16 11:09 - 00000000 ____D () C:\Program Files (x86)\WarThunder2015-01-31 12:26 - 2014-07-03 11:37 - 00000000 ___RD () C:\Users\jonah_000\Dropbox2015-01-31 11:28 - 2014-06-29 15:19 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Dropbox2015-01-31 10:00 - 2013-08-22 09:20 - 00000000 ____D () C:\windows\CbsTemp2015-01-30 20:50 - 2014-10-08 12:16 - 00000000 ____D () C:\Users\jonah_000\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Dropbox2015-01-28 19:24 - 2014-06-30 15:31 - 00000000 ____D () C:\Users\jonah_000\Desktop\ICONS2015-01-27 19:12 - 2014-12-07 10:10 - 00000000 ____D () C:\ProgramData\NVIDIA2015-01-24 20:19 - 2014-01-04 22:14 - 00000000 ____D () C:\Users\jonah_000\AppData\Local\LogMeIn Hamachi2015-01-24 17:38 - 2014-06-16 15:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-01-23 19:37 - 2014-12-19 19:36 - 00000000 ____D () C:\Program Files (x86)\Overwolf2015-01-22 17:54 - 2014-07-27 11:58 - 00000000 ____D () C:\Program Files (x86)\QuickTime2015-01-22 17:51 - 2014-09-29 16:14 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692015-01-22 17:51 - 2014-02-08 21:32 - 00000000 ____D () C:\Program Files\Common Files\Apple2015-01-16 00:41 - 2014-12-26 22:46 - 01278920 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll2015-01-16 00:41 - 2014-07-20 13:15 - 01756424 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll2015-01-16 00:41 - 2014-07-20 13:15 - 01316184 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll2015-01-16 00:41 - 2013-12-26 10:50 - 01514528 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll2015-01-13 17:04 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\LiveKernelReports ==================== Files in the root of some directories ======= 2013-12-27 10:09 - 2015-02-09 11:15 - 0000132 _____ () C:\Users\jonah_000\AppData\Roaming\Adobe PNG Format CC Prefs2014-05-10 16:35 - 2014-05-11 08:15 - 0000132 _____ () C:\Users\jonah_000\AppData\Roaming\Adobe PNG Format CS6 Prefs2014-04-17 20:42 - 2014-04-18 16:07 - 0000132 _____ () C:\Users\jonah_000\AppData\Roaming\Adobe Targa Format CC Prefs2014-01-26 23:46 - 2014-09-17 18:52 - 0253440 ___SH () C:\Users\jonah_000\AppData\Roaming\Thumbs.db2014-01-26 11:48 - 2014-07-02 14:49 - 0001456 _____ () C:\Users\jonah_000\AppData\Local\Adobe Save for Web 13.0 Prefs2014-08-25 18:26 - 2014-08-25 18:26 - 0000000 _____ () 
C:\Users\jonah_000\AppData\Local\debuggee.mdmp2014-01-03 13:06 - 2015-01-03 22:20 - 0007600 _____ () C:\Users\jonah_000\AppData\Local\Resmon.ResmonCfg2014-06-28 14:40 - 2014-06-28 14:40 - 0000000 _____ () C:\Users\jonah_000\AppData\Local\test.txt2015-01-31 23:31 - 2015-01-31 23:31 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip2013-10-30 15:43 - 2013-10-30 15:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP:====================C:\Users\jonah_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfzbkjk.dllC:\Users\jonah_000\AppData\Local\Temp\HitmanPro.exeC:\Users\jonah_000\AppData\Local\Temp\jre-8u31-windows-au.exeC:\Users\jonah_000\AppData\Local\Temp\oct2D0F.tmp.exeC:\Users\jonah_000\AppData\Local\Temp\oct2F60.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION! LastRegBack: 2015-02-02 17:55 ==================== End Of Log ============================
  6. Step 07
     C:\Program Files (x86)\Turbo Dismount\Turbo\TurboDismount\steam_api.dll a variant of Win32/Packed.VMProtect.ABD trojan
     C:\Sandbox\jonah_000\DefaultBox\user\current\AppData\Local\Temp\regedit_x64.exe a variant of Win32/Injector.Autoit.ABQ trojan
     C:\Sandbox\jonah_000\DefaultBox\user\current\AppData\Local\Temp\DCSCMIN\IMDCSC.exe a variant of Win32/Injector.Autoit.ABQ trojan
  7. Step 06
     Malwarebytes Anti-Malware
     www.malwarebytes.org
     Scan Date: 2/10/2015
     Scan Time: 11:35:24 AM
     Logfile:
     Administrator: Yes
     Version: 2.00.4.1028
     Malware Database: v2015.02.10.09
     Rootkit Database: v2015.02.03.01
     License: Premium
     Malware Protection: Enabled
     Malicious Website Protection: Enabled
     Self-protection: Disabled
     OS: Windows 8.1
     CPU: x64
     File System: NTFS
     User: jonah_000
     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 524453
     Time Elapsed: 18 min, 11 sec
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled
     Processes: 0 (No malicious items detected)
     Modules: 0 (No malicious items detected)
     Registry Keys: 0 (No malicious items detected)
     Registry Values: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Folders: 0 (No malicious items detected)
     Files: 0 (No malicious items detected)
     Physical Sectors: 0 (No malicious items detected)
     (end)
  8. Step 05
     # AdwCleaner v4.110 - Logfile created 10/02/2015 at 11:11:15
     # Updated 05/02/2015 by Xplode
     # Database : 2015-02-09.1 [server]
     # Operating system : Windows 8.1 (x64)
     # Username : jonah_000 - JONAH
     # Running from : C:\Users\jonah_000\Desktop\AdwCleaner.exe
     # Option : Cleaning
     ***** [ Services ] *****
     ***** [ Files / Folders ] *****
     Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StageLight
     Folder Deleted : C:\Program Files\StageLight
     File Deleted : C:\END
     ***** [ Scheduled tasks ] *****
     ***** [ Shortcuts ] *****
     ***** [ Registry ] *****
     Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Key Deleted : HKCU\Software\anchorfree
     Key Deleted : HKCU\Software\Pokki
     Key Deleted : HKCU\Software\UpdaterEX
     Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
     Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
     Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
     Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
     ***** [ Web browsers ] *****
     -\\ Internet Explorer v11.0.9600.17416
     -\\ Mozilla Firefox v27.0.1 (en-US)
     -\\ Google Chrome v40.0.2214.111
     *************************
     AdwCleaner[R0].txt - [2122 bytes] - [10/02/2015 11:10:24]
     AdwCleaner[s0].txt - [1957 bytes] - [10/02/2015 11:11:15]
     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2016 bytes] ##########
  9. Step 04
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.4.2 (02.02.2015:1)
     OS: Windows 8.1 x64
     Ran by jonah_000 on Tue 02/10/2015 at 11:03:34.66
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     ~~~ Services
     ~~~ Registry Values
     ~~~ Registry Keys
     Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update jump flip
     Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util jump flip
     ~~~ Files
     ~~~ Folders
     Successfully deleted: [Folder] "C:\Users\jonah_000\AppData\Roaming\search protection"
     Successfully deleted: [Folder] "C:\Users\jonah_000\AppData\Roaming\updaterex"
     Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
     ~~~ FireFox
     Successfully deleted: [File] C:\Users\jonah_000\AppData\Roaming\mozilla\firefox\profiles\c0q31fre.default\user.js
     Successfully deleted: [File] C:\Users\jonah_000\AppData\Roaming\mozilla\firefox\profiles\c0q31fre.default\invalidprefs.js
     Successfully deleted the following from C:\Users\jonah_000\AppData\Roaming\mozilla\firefox\profiles\c0q31fre.default\prefs.js
     user_pref("extensions.xpiState", "{\"app-profile\":{\"iobitascsurfingprotection@iobit.com\":{\"d\":\"C:\\\\Users\\\\jonah_000\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Pr
     ~~~ Event Viewer Logs were cleared
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Tue 02/10/2015 at 11:06:50.73
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. Thanks, I'll return to this thread when I finish malware removal.
  11. Yes, it is the same computer, and the thread closed after me not responding because all I saw was the And I never checked back to see the other admin's response. If you unlocked the thread I would keep it going.
  12. Lately I have been getting blue screens; it started happening randomly about once a month. But now the bluescreens are becoming more frequent and I am now even more worried than I was before about the problems behind the random bluescreens. Photo of bluescreen error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (nvlddmkm.sys) https://dl.dropboxusercontent.com/u/186946666/FullSizeRender.jpg If I were to make an educated guess at what the problem is, I would say that it is probably my Intel graphics drivers. A few months ago on a separate thread I posted about my graphics drivers crashing, and someone helped me reinstall my drivers. The crashing stopped, but that's when I noticed that I would bluescreen instead of just crashing; it was like the problem had been replaced by a separate one. With a little Googling I found that this same BSOD error was related to graphics drivers, which led me to believe that it was the drivers that are causing my BSODs. I have a link for a minidump from my most recent BSOD: https://dl.dropboxusercontent.com/u/186946666/020715-36453-01.dmp
  13. It turns out I'm still getting the memory problems.
  14. Here is the log for HitmanPro: https://dl.dropboxusercontent.com/u/186946666/HitmanPro_20141202_2136.txt
  15. Before I start I want to let you know that this comes from a post from earlier where I fixed some drivers that were crashing: https://forums.malwarebytes.org/index.php?/topic/161915-pc-memory-problems-and-freezing/ More info can be found there. Recently I have noticed my PC was not running as well as it normally has. Google Chrome and my other browsers load webpages very VERY slow compared to normal, and they crash a lot. My computer has also been running slower overall, and had some weird driver and memory problems that I mentioned in my other post. I decided to scan my computer to make sure everything was OK. I searched for viruses on my PC and I scanned it with many anti-viruses: Malwarebytes, RogueKiller, TDSSKiller, HitmanPro. The results were few and far between. The only program to detect something bad was HitmanPro. But here is the weird part: out of all programs, Windows Defender detected a Trojan:Win32/Dynamer!ac in a hidden file (C:\Users\jonah_000\NkLviagAvmQR to be exact). The file cannot be deleted, even with cmd, and it's hidden from view when I use my file explorer, even with the hidden files setting on. I tried searching for a start-up registry for the Trojan and couldn't find one. I navigated to the file directory provided by Windows Defender and found a file with an exe inside; it had a random name, and no signature on the file. I trashed it to my recycle bin and deleted it but I know it probably didn't do anything. The file: Note how you can't see it if I go to the parent directory:
  16. Since I did what you said I haven't noticed the Intel drivers or my browsers crashing, but I'm still a little worried about that file Windows Defender had found. I know the file existed along with an exe with a random name, and without any signature on the file. I deleted it to the recycle bin, which probably didn't do much. The file is hidden from file explorer even when hidden files are checked on in settings, but I navigated to the file because Windows Defender provided me with the location.
  17. I followed directions and installed everything successfully except for the BIOS v3.05. When I open it the program gives an error that says "DC gas gauge under 30%"