
pum.bad.proxy



This topic will now be closed due to evidence of cracked or pirated software on this system.  I have no pirating software on my system that I know of. UTorrent has been removed. My friends and I used it to trade info for Skyrim only. If you can find anything else then I don't know about it. I just want help getting rid of my problem, if you can. I got this computer from a friend.

This is where I bought Malwarebytes last year.

 

 Id: 2HJ58-P31ZD

Key: *****

State: Licensed

Activated On: 05/19/14 23:55:02

Diagnostics.zip


  • Root Admin

The logs indicate that the computer is running AutoKMS which is not by accident and is designed to bypass and pirate Microsoft Windows and Office.

AutoKMS

I'm sorry but if you want further assistance then you need to remove AutoKMS and then send me a Private Message letting me know that you've removed it.

Thank you

Ron


  • Root Admin

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.

 

 


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2015
Ran by Jim (administrator) on BALLZACK on 13-02-2015 17:20:44
Running from C:\Users\Jim\Desktop
Loaded Profiles: Jim (Available profiles: Jim)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft) C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSPanel.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-06-25] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [iObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] ()
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\MountPoints2: {887ac03c-fdee-11e3-828e-54271e3ea382} - "K:\VZW_Software_upgrade_assistant.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = drudgereport.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = drudgereport.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = drudgereport.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = drudgereport.com
HKU\S-1-5-21-2806064540-532032679-505906721-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = drudgereport.com
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2806064540-532032679-505906721-1002 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2806064540-532032679-505906721-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default
FF NewTab: drudgereport.com
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://drudgereport.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2806064540-532032679-505906721-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2806064540-532032679-505906721-1002: NDS.com/PlayerPlugin -> C:\Users\Jim\AppData\Local\DIRECTV Player\npPlayerPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\searchplugins\duckduckgo.xml
FF Extension: LavaFox V2-Blue - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\djziggy@gmail.com [2015-01-07]
FF Extension: LavaFox V2 - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\info@djzig.com [2015-01-07]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\iobitascsurfingprotection@iobit.com [2015-02-10]
FF Extension: Iplex to ALLPlayer - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\IplextoALL@ALLPlayer.org [2014-12-01]
FF Extension: BlackFox V2-Blue - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\zigboom.designs@gmail.com [2015-01-07]
FF Extension: LavaFox V2-Green - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\zigboom@ymail.com [2015-01-08]
FF Extension: Yahoo! Toolbar - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-02-11]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-13]
FF Extension: Autofill Forms - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\autofillForms@blueimp.net.xpi [2015-01-22]
FF Extension: Cleanest Addon Manager - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\cam@sdrocking.com.xpi [2014-06-03]
FF Extension: Classic Reload-Stop-Go Button - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\crsg@ArisT2_Noia4dev.xpi [2014-05-16]
FF Extension: YouTube mp3 - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\info@youtube-mp3.org.xpi [2015-02-05]
FF Extension: FireTube - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\jid0-w1UVmoLd6VGudaIERuRJCPQx1dQ@jetpack.xpi [2014-09-16]
FF Extension: Tabs on Bottom (Australis) - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\jid1-OesGFwaQGIBASw@jetpack.xpi [2014-06-14]
FF Extension: Strict Pop-up Blocker - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2014-07-20]
FF Extension: Reddit Enhancement Suite - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2014-12-30]
FF Extension: YouTubeButton - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\lukeb2014@live.co.uk.xpi [2014-05-16]
FF Extension: MyBookmarks - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\mybookmarks@ma2ten.catsyawn.net.xpi [2015-02-11]
FF Extension: Saved Password Editor - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\savedpasswordeditor@daniel.dawson.xpi [2015-02-07]
FF Extension: The Addon Bar (restored) - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2014-05-16]
FF Extension: YouTube to MP3 - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\youtube2mp3@mondayx.de.xpi [2014-07-06]
FF Extension: Youtube Video and Mp3 Downloader (Stable) - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{09e4684b-dcac-4608-8b7d-58bef11fc323}.xpi [2014-07-11]
FF Extension: AniWeather - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2014-12-30]
FF Extension: Search term highlighter - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{458482f0-90fb-4257-855f-0ba2790584f9}.xpi [2014-11-24]
FF Extension: Stylish - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2015-01-25]
FF Extension: Quick Translator - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-10-06]
FF Extension: SmoothWheel (mozdev.org) - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2015-01-19]
FF Extension: YouTube High Definition - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-02-13]
FF Extension: Hide Tabbar - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{7EE8902C-75BE-4286-A6CE-0C483607A322}.xpi [2014-07-05]
FF Extension: {8d567ff9-ad25-4256-89df-ed5f9c79f9e2} - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{8d567ff9-ad25-4256-89df-ed5f9c79f9e2}.xpi [2014-11-16]
FF Extension: Exit Button Firefox - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{94B08592-E5B4-45ff-A0BE-C1D975458688}.xpi [2014-05-17]
FF Extension: GMarks - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83}.xpi [2015-02-11]
FF Extension: StumbleUpon - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2015-02-06]
FF Extension: css converter - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{b01107c7-e77f-4d16-8eb6-93069ab7e3ba}.xpi [2014-07-09]
FF Extension: Adblock Plus - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-15]
FF Extension: DownThemAll! - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-01-20]
FF Extension: Greasemonkey - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-12-26]
FF Extension: Metal Lion Australis Graphite - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{F2C70981-7CDC-4c46-ACF3-41F18693E79E}.xpi [2014-12-10]
FF Extension: Metal Lion Australis Scrollbars II - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{F6D83238-A31E-451d-8BCB-28F6BAFECF10}.xpi [2014-11-18]
FF Extension: Metal Lion Australis Scrollbars II - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{FDBAD97E-A258-4fe3-9CF6-60CF386C4422}.xpi [2014-11-18]
FF HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-13]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Profile: C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Retrovision Classic Movies) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicmlhggpfoibmneibkkpicohhccepeb [2014-08-17]
CHR Extension: (Theme Creator) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2014-08-17]
CHR Extension: (Delicious) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\alajnhkahdgpjhcfklbbpklbaklhpamf [2014-08-17]
CHR Extension: (Google Docs) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-17]
CHR Extension: (TV) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-08-17]
CHR Extension: (YouTube) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-17]
CHR Extension: (Online Tvs 24/7 Live) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekljmehgggjhhbehkpacbmfmfcpkccm [2014-08-17]
CHR Extension: (Movie Night) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cngccfgedappjafebpcacepnfhpgbfdd [2014-08-17]
CHR Extension: (Google Search) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-17]
CHR Extension: (Unofficial Google Bookmarks) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkeiaaimpifdppinlokmgolcnnnlnfa [2014-08-17]
CHR Extension: (Easy Subtitles) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmalcfodhbdonabbncapihcejmhaipp [2014-08-17]
CHR Extension: (Yahoo Extension) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-08-17]
CHR Extension: (Facebook Disconnect) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2014-08-17]
CHR Extension: (Settings Button) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eknfjkldccfacljdbofdodpiodfhcfkp [2014-08-17]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-08-17]
CHR Extension: (Don't track me Google) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbofhhdmcladcmmfjolgndfkpobecpg [2014-08-17]
CHR Extension: (Hollywood Movies Collection) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghpkehibgaepcdppgnhidaokdifdcmgn [2014-08-17]
CHR Extension: (Harley-Davidson-Black-Skull) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gickhbdmimnfeopafabkboagdbjllfbb [2014-09-30]
CHR Extension: (Hola Better Internet) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-08-17]
CHR Extension: (Keep My Opt-Outs) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe [2014-08-17]
CHR Extension: (Vimeo Couch Mode) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkdhkejcnlmkfdodbkdkelefnkobfif [2014-08-17]
CHR Extension: (Crackle) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2014-08-17]
CHR Extension: (Disconnect) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-08-17]
CHR Extension: (StumbleUpon) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2014-08-17]
CHR Extension: (Yidio) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenklnagphgeldfpobjachbgpimaopbf [2014-08-17]
CHR Extension: (G Disconnect) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kglfocodeikakacbeoajjhnplhlaoook [2014-08-17]
CHR Extension: (Password Peek) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lclaiahiipkdhlgaepaklgpcggmgcfid [2014-08-17]
CHR Extension: (Currency Converter) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndokegkpdlafochibjpgjglkcamdpip [2014-08-17]
CHR Extension: (stingyTV) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcpdhldalfjnjgbpeiafgbklgkgoojbh [2014-08-17]
CHR Extension: (LocalChromecast Player) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp [2014-08-17]
CHR Extension: (Google Wallet) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-17]
CHR Extension: (FREE TV) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofddcjfikfghkmoapnjnmmflbcjohbic [2014-08-17]
CHR Extension: (FlirtyMania free video chat) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaahapngnjijjgplpikimpaepddnfae [2014-08-17]
CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2014-08-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S3 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
S3 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
S4 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 HeimdalSecureDNS; C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [93344 2014-12-11] (Microsoft)
R2 HeimdalService; C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [133280 2014-12-11] (CSIS Security Group)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-27] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [980768 2015-01-09] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-11-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-11-11] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [394520 2014-12-25] (Intel Corporation)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-25] (REALiX)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-12-25] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-11-15] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3759320 2015-02-10] (Realtek Semiconductor Corporation                           )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-12-11] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-11-11] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-11-11] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-13 17:20 - 2015-02-13 17:21 - 00035591 _____ () C:\Users\Jim\Desktop\FRST.txt
2015-02-13 03:14 - 2015-02-13 03:41 - 00000000 ____D () C:\Users\Jim\Desktop\White Noise
2015-02-13 02:26 - 2015-02-13 02:27 - 00013205 _____ () C:\Users\Jim\Desktop\frst.zip
2015-02-13 02:18 - 2015-02-13 02:18 - 02134016 _____ (Farbar) C:\Users\Jim\Desktop\FRST64.exe
2015-02-12 22:29 - 2015-02-13 02:16 - 00000292 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Jim.job
2015-02-12 22:29 - 2015-02-12 22:29 - 00002388 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Jim
2015-02-12 15:32 - 2015-02-12 15:40 - 00000193 _____ () C:\Windows\WORDPAD.INI
2015-02-12 14:39 - 2015-02-02 13:13 - 01388274 _____ (Thisisu) C:\Users\Jim\Desktop\JRT_NEW.exe
2015-02-12 12:02 - 2015-02-12 12:02 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Jim\Desktop\mbar-1.08.3.1004.exe
2015-02-12 11:42 - 2015-02-13 10:20 - 00001813 _____ () C:\Users\Jim\AppData\Roaming\MySyncFolder.lnk
2015-02-11 23:57 - 2015-02-12 11:42 - 00000000 __SHD () C:\aws
2015-02-11 23:56 - 2015-02-11 23:56 - 00000000 ____D () C:\Asus WebStorage
2015-02-11 23:52 - 2015-02-11 23:52 - 00001311 _____ () C:\Users\Public\Desktop\WebStorage.lnk
2015-02-11 23:52 - 2015-02-11 23:52 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\awsRun
2015-02-11 14:43 - 2015-02-11 14:43 - 00000000 ____D () C:\Windows\LastGood
2015-02-11 14:43 - 2015-02-05 12:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-11 14:42 - 2015-02-05 16:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-11 14:42 - 2015-02-05 16:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00833680 _____ () C:\Windows\system32\nvmcumd.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-10 23:40 - 2015-02-10 23:40 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-02-10 23:39 - 2015-02-13 08:06 - 00001843 _____ () C:\Windows\setupact.log
2015-02-10 23:39 - 2015-02-10 23:39 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-10 23:38 - 2015-02-13 08:05 - 00003040 _____ () C:\Windows\PFRO.log
2015-02-10 23:29 - 2015-02-10 23:29 - 02112512 _____ () C:\Users\Jim\Desktop\adwcleaner_4.110.exe
2015-02-10 17:07 - 2015-02-10 17:08 - 39739064 _____ (Microsoft Corporation) C:\Users\Jim\Desktop\Windows-KB890830-x64-V5.21.exe
2015-02-10 15:25 - 2015-02-12 11:39 - 00002216 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-02-10 15:25 - 2015-02-10 15:25 - 00003180 _____ () C:\Windows\System32\Tasks\ASC8_PerformanceMonitor
2015-02-10 15:25 - 2015-02-10 15:25 - 00002352 _____ () C:\Windows\System32\Tasks\ASC8_SkipUac_Jim
2015-02-10 15:25 - 2015-02-10 15:25 - 00000256 _____ () C:\Windows\Tasks\ASC8_SkipUac_Jim.job
2015-02-10 12:18 - 2015-02-13 17:20 - 00000000 ____D () C:\FRST
2015-02-10 11:01 - 2015-02-10 11:01 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-02-10 11:00 - 2015-02-10 11:00 - 03759320 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2015-02-10 05:24 - 2015-02-10 05:24 - 00001261 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-02-07 16:53 - 2015-02-07 16:53 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 16:53 - 2015-02-07 16:53 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-28 05:23 - 2015-02-10 20:23 - 00000000 ____D () C:\Users\Jim\AppData\Local\Popcorn-Time
2015-01-28 05:23 - 2015-01-28 05:23 - 00002266 _____ () C:\Users\Jim\Desktop\Popcorn Time.lnk
2015-01-28 05:23 - 2015-01-28 05:23 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-01-28 05:22 - 2015-01-28 05:23 - 00000000 ____D () C:\Users\Jim\AppData\Local\Popcorn Time
2015-01-27 00:23 - 2015-01-27 00:23 - 00003154 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-01-26 11:43 - 2015-01-26 16:58 - 00000344 _____ () C:\Windows\system32\.crusader
2015-01-23 09:42 - 2015-01-23 09:42 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ProductData
2015-01-23 09:42 - 2015-01-23 09:42 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ProductData
2015-01-23 08:45 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMB1.DLL
2015-01-23 08:43 - 2014-04-15 18:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-01-23 08:43 - 2014-04-15 18:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-01-23 08:32 - 2015-01-12 23:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-01-23 08:32 - 2015-01-10 03:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-01-23 08:32 - 2015-01-10 03:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-01-23 08:31 - 2015-01-16 01:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-01-23 08:31 - 2015-01-16 01:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-01-21 17:46 - 2015-02-10 23:36 - 00000000 ____D () C:\Windows\system32\log
2015-01-20 16:30 - 2015-02-11 23:34 - 00000000 ____D () C:\Users\Jim\Documents\dvd
2015-01-20 14:49 - 2015-01-27 00:20 - 00000000 ___RD () C:\Users\Jim\Desktop\DVD-R
2015-01-20 14:46 - 2015-02-11 23:49 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\DVD Flick
2015-01-20 14:46 - 2015-01-20 14:46 - 00001933 _____ () C:\Users\Jim\Desktop\DVD Flick.lnk
2015-01-20 14:45 - 2015-01-20 14:46 - 00000000 ____D () C:\Program Files (x86)\DVD Flick
2015-01-20 14:45 - 2008-08-31 13:27 - 00028672 _____ (-) C:\Windows\SysWOW64\mousewheel.ocx
2015-01-20 14:45 - 2007-08-31 18:36 - 00036864 _____ (Robdogg Inc.) C:\Windows\SysWOW64\trayicon_handler.ocx
2015-01-20 14:45 - 2004-03-09 00:00 - 01081616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2015-01-20 14:45 - 2004-03-09 00:00 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2015-01-20 14:45 - 2004-03-09 00:00 - 00609824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2015-01-20 14:45 - 2004-03-09 00:00 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-01-20 14:45 - 2003-01-26 13:41 - 00040960 _____ (vbAccelerator) C:\Windows\SysWOW64\ssubtmr6.dll
2015-01-20 14:45 - 1998-06-24 00:00 - 00164144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2015-01-17 16:34 - 2015-01-17 16:34 - 00001208 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-01-17 16:34 - 2015-01-17 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-01-16 21:01 - 2015-01-16 23:04 - 2374221474 _____ () C:\Users\Jim\Desktop\AVN.Awards.Show.2014.720p._.x264-BATV.mkv
2015-01-14 04:30 - 2014-10-30 23:50 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2015-01-14 04:30 - 2014-10-30 22:30 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-01-14 04:30 - 2014-10-30 22:22 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-01-14 04:30 - 2014-10-30 21:12 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-01-14 00:09 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 00:09 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 00:09 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 00:09 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 00:09 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 00:09 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 00:09 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 00:09 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 00:09 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 00:09 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 00:09 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 00:09 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 00:09 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 00:09 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 00:09 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-13 17:19 - 2014-11-13 16:46 - 00000000 ___RD () C:\Users\Jim\Desktop\MP3
2015-02-13 16:58 - 2014-05-28 21:32 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-13 16:25 - 2014-11-12 01:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-13 14:47 - 2014-10-08 13:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-13 14:28 - 2015-01-12 12:49 - 01340875 _____ () C:\Windows\WindowsUpdate.log
2015-02-13 10:39 - 2014-05-04 13:59 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2806064540-532032679-505906721-1002
2015-02-13 10:20 - 2014-05-04 13:58 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\WebStorage
2015-02-13 08:05 - 2014-06-16 20:15 - 00000000 ____D () C:\Users\Jim\AppData\Local\Unity
2015-02-13 08:05 - 2014-02-13 02:11 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2015-02-13 08:05 - 2014-02-13 01:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-13 08:05 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-13 08:03 - 2013-08-22 08:25 - 00786432 ___SH () C:\Windows\system32\config\BBI
2015-02-13 07:32 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-13 00:57 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-12 13:37 - 2014-08-03 06:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-11 14:44 - 2014-12-27 22:17 - 00000000 ____D () C:\temp
2015-02-10 23:36 - 2015-01-12 15:21 - 00000000 ____D () C:\AdwCleaner
2015-02-10 15:25 - 2015-01-08 07:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-02-10 12:05 - 2015-01-08 10:13 - 00002107 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-02-10 10:18 - 2014-12-26 02:06 - 00002850 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Jim)
2015-02-10 05:42 - 2014-06-25 00:08 - 00000000 ____D () C:\ProgramData\ProductData
2015-02-07 17:05 - 2013-12-12 03:47 - 00865408 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-07 16:56 - 2014-06-28 14:16 - 86310912 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-02-07 16:56 - 2014-06-28 14:16 - 05050368 _____ () C:\Windows\system32\config\DRIVERS.iodefrag.bak
2015-02-07 16:56 - 2014-06-28 14:16 - 00319488 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-02-07 16:56 - 2014-06-28 14:16 - 00069632 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-02-07 16:56 - 2014-06-28 14:16 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-02-07 16:53 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-05 16:01 - 2014-02-13 01:44 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-02-05 16:01 - 2014-02-13 01:44 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-02-05 14:07 - 2014-12-24 01:54 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-05 14:07 - 2014-02-13 01:44 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-05 14:07 - 2014-02-13 01:44 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-05 14:07 - 2014-02-13 01:44 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-05 14:07 - 2014-02-13 01:44 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-05 14:06 - 2014-02-13 01:44 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-05 07:50 - 2014-02-13 01:44 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin
2015-02-04 14:25 - 2014-11-12 01:00 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-01 21:08 - 2014-09-19 20:47 - 00000000 ____D () C:\Users\Jim\Downloads\Big Brother (Australia)
2015-01-29 17:49 - 2014-05-09 14:17 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-27 10:51 - 2014-11-16 13:44 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-26 21:48 - 2014-11-11 14:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 16:58 - 2014-11-11 14:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 11:43 - 2015-01-12 02:31 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-24 19:27 - 2014-08-10 01:43 - 00003584 _____ () C:\Users\Jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-24 15:53 - 2014-07-06 19:08 - 00919040 ___SH () C:\Users\Jim\Desktop\Thumbs.db
2015-01-21 19:58 - 2014-12-30 18:52 - 00003164 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup
2015-01-21 19:57 - 2014-11-19 18:49 - 00003172 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update
2015-01-21 18:09 - 2014-12-09 13:02 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-20 14:35 - 2014-11-29 15:01 - 00000000 ____D () C:\Users\Jim\Documents\Outlook Files
2015-01-19 23:58 - 2015-01-01 18:19 - 00000000 ___RD () C:\Users\Jim\Desktop\Sims 3 Stuff
2015-01-18 23:48 - 2014-05-04 13:54 - 00000000 ____D () C:\Users\Jim
2015-01-18 12:27 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2015-01-17 16:34 - 2014-06-25 00:08 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\IObit
2015-01-17 16:33 - 2014-06-25 00:08 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-01-16 01:41 - 2014-06-04 04:42 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-01-16 01:41 - 2014-06-04 04:42 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-01-15 14:55 - 2014-06-25 00:09 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\ProductData
2015-01-14 18:53 - 2014-08-23 13:03 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2015-01-14 18:53 - 2014-08-23 13:03 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2015-01-14 13:30 - 2014-06-08 19:39 - 00000000 ____D () C:\ProgramData\Origin
2015-01-14 05:41 - 2014-06-25 00:08 - 00000000 ____D () C:\ProgramData\IObit
2015-01-14 04:36 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-01-14 04:36 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\FileManager
2015-01-14 04:36 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\Camera
2015-01-14 04:35 - 2014-05-09 14:17 - 00000000 ____D () C:\Windows\system32\MRT

==================== Files in the root of some directories =======

2015-02-12 11:42 - 2015-02-13 10:20 - 0001813 _____ () C:\Users\Jim\AppData\Roaming\MySyncFolder.lnk
2014-07-07 04:37 - 2015-01-08 10:36 - 2746759663 _____ () C:\Users\Jim\AppData\Local\BTServer.log
2014-08-10 01:43 - 2015-01-24 19:27 - 0003584 _____ () C:\Users\Jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-12 03:45 - 2013-12-12 03:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Jim\AppData\Local\Temp\HitmanPro.exe
C:\Users\Jim\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Jim\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Jim\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Jim\AppData\Local\Temp\nvStInst.exe
C:\Users\Jim\AppData\Local\Temp\Quarantine.exe
C:\Users\Jim\AppData\Local\Temp\sqlite3.dll
C:\Users\Jim\AppData\Local\Temp\tmd_34013992.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-12 04:54

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2015
Ran by Jim at 2015-02-13 17:21:35
Running from C:\Users\Jim\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.25 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0925-000001000000}) (Version: 9.25.00.0 - Igor Pavlov)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
Akamai NetSession Interface (HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.15.6362.54439 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.15.6362.54439 - Alcor Micro Corp.) Hidden
ALLConverter PRO 1.1 (HKLM-x32\...\{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1) (Version:  - ALLCinema, Inc.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
ASUS Launcher (HKLM-x32\...\{40376CD0-67E0-4190-86CA-8BD8CBAC331C}) (Version: 2.00.11 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.00.07 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.00.05 - ASUSTeK Computer Inc.)
ASUS Manager - Recovery (HKLM-x32\...\{CF4A14CB-C4CB-4241-B659-7C58517515CF}) (Version: 2.00.08 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.02 - ASUSTeK Computer Inc.)
ASUS Manager - USB Lock (HKLM-x32\...\{1931C916-6CB8-4E4D-8561-EA20C426AE19}) (Version: 2.00.10 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.06.02 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4284 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version:  - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version:  - )
Canon MX430 series On-screen Manual (HKLM-x32\...\Canon MX430 series On-screen Manual) (Version:  - )
Canon MX430 series User Registration (HKLM-x32\...\Canon MX430 series User Registration) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
EVGA PrecisionX 16 (HKLM-x32\...\{AB003477-F0A0-43CB-AD66-35B24F9EB4C5}) (Version: 5.2.6 - EVGA Corporation)
FilmOn HDi Player 3 (HKLM-x32\...\FilmOn HDi Player) (Version: 3.1.3857 - FilmOn.TV Networks)
Free FLV Player (HKLM-x32\...\Free FLV Player) (Version:  - )
Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Heimdal (HKLM-x32\...\Heimdal) (Version: 1.10.3.686 - CSIS Security Group)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MP3jam 1.1.1.10 (HKLM-x32\...\MP3jam_is1) (Version: 1.1.1.10 - MP3jam)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenSubtitlesPlayer V4.X (HKLM-x32\...\OpenSubtitlesPlayer_is1) (Version:  - ALLCinema Ltd.)
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 2.0.1 - IObit)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
The Sims 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Create a Pattern Tool (HKLM-x32\...\{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}) (Version: 1.0.0 - Electronic Arts)
The Sims™ 3 Create a World Tool - Beta (HKLM-x32\...\{65761BAE-11E8-48FE-B30F-1F01011AB906}) (Version: 1.19.6 - Electronic Arts)
The Sims™ 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Katy Perry's Sweet Treats (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Tropico 4 1.00 (HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Tropico 4) (Version: 1.00 - Kalypso Media)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.15.458 - ASUS Cloud Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

26-01-2015 16:57:34 Checkpoint by HitmanPro
31-01-2015 05:58:46 Windows Modules Installer
07-02-2015 16:53:02 Windows Modules Installer
10-02-2015 10:20:27 Driver Booster : Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AD1F8AB-AF05-43A1-A089-FDD60DBBCF6C} - System32\Tasks\Uninstaller_SkipUac_Jim => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {0E724E66-D78B-44E5-89D4-D38585ECABE5} - System32\Tasks\EVGAPrecisionX => C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe [2014-11-25] (EVGA Corp.)
Task: {194FE78C-6269-4A8B-A2B0-096B9C1BF1DE} - System32\Tasks\0814avtUpdateInfo => C:\ProgramData\Avg_Update_0814avt\0814avt_AVG-Secure-Search-Update.exe [2014-08-19] ()
Task: {1974B5B2-3679-4945-AD95-7CAAA4F0BB59} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [2013-08-05] (ASUSTeK)
Task: {25B49655-3B83-401D-B947-61B4B53F695B} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-23] ()
Task: {272DE8C9-61A8-43D6-9841-8AD59E5C059D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2015-01-08] ()
Task: {44D74BF7-5020-48B0-99AB-6091E7775E44} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {50A11D7A-66BD-4660-AE58-8FBFB5611A20} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {525D014E-AA29-4403-99C5-F3F21584A3C3} - System32\Tasks\ASC8_SkipUac_Jim => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {53E5C05F-7D59-49A9-9915-8BA804352ECB} - \AutoKMS No Task File <==== ATTENTION
Task: {599E1E02-7935-4013-AB8D-6B732CC47E42} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-29] (Microsoft Corporation)
Task: {5ED20A04-4B0A-4F0C-AE5F-1B862A695105} - System32\Tasks\Driver Booster SkipUAC (Jim) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {5F52613F-615D-4A3C-9D8D-E8C381551C40} - System32\Tasks\ALL Update => C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe [2011-08-17] ()
Task: {6BD3D69F-1B8F-406F-B8D6-E5C7B3772A49} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6F8180C1-D9D9-4F7D-A383-EECE9178A375} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {73495981-61BA-4B1C-AE30-DD0542C3CEBE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {73820103-6B13-4DE0-B7E3-E09DE3477BDF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {73992560-4BDA-47E9-9E36-20C39B28A830} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {78C502AF-9C2B-4002-816E-0968E76E3D8C} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {91929AFE-CEF7-4D91-94A6-0DBA31AC397B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B47ECB26-579E-44B0-8537-3A06025C6813} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {B6DB94CF-3163-4BE4-8A32-437B4A8817EE} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-11-27] ()
Task: {BE347AEE-E388-42C0-9536-4A824A3B4C07} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {BF3F0EB1-25D0-468B-B3F9-50B613DDFD19} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-11-04] (IObit)
Task: {C127C928-7391-4627-A86A-24B84FB397B1} - System32\Tasks\{55DCF622-B853-4C27-BCD7-07B6CC63495A} => pcalua.exe -a C:\Users\Jim\Desktop\CursorFX_v2.11.exe -d C:\Users\Jim\Desktop
Task: {C74C0CF8-5A07-49A2-BB60-FE0F737B070E} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-18] (ASUSTeK Computer Inc.)
Task: {C995857A-6733-4CD9-91A6-260EF5E53F8F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {EAA1986F-FC02-4DA9-AB19-7CFF8A4364FB} - System32\Tasks\ASUS\ASUS Launcher Helper => C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe [2013-10-28] (Microsoft)
Task: {EDDC0221-2F50-4814-A20D-341B998D3485} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2013-11-28] ()
Task: {F86F526D-A655-477B-8DA0-A8FC9F70ED7B} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-02] (ASUSTek Computer Inc.)
Task: C:\Windows\Tasks\0814avtUpdateInfo.job => C:\ProgramData\Avg_Update_0814avt\0814avt_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASC8_SkipUac_Jim.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Jim.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) ==============

2014-02-13 02:06 - 2013-08-08 13:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe
2013-12-12 04:23 - 2012-04-24 05:43 - 00390632 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-02-13 02:04 - 2013-08-28 10:24 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-02-13 01:44 - 2015-02-05 14:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-01-14 04:51 - 2014-01-14 04:51 - 00091648 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\ASUSWSHomeCloudAPI.dll
2014-01-15 00:55 - 2014-01-15 00:55 - 01296704 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSService.exe
2015-02-10 15:25 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2014-06-25 00:08 - 2014-12-19 10:44 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-02-13 08:08 - 2015-02-13 08:08 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-02-13 02:04 - 2010-06-28 21:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-02-13 01:43 - 2013-08-19 14:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-10-14 23:28 - 2014-10-14 23:28 - 08897696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-01-10 12:52 - 2015-01-09 19:11 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2015-01-10 12:52 - 2015-01-09 19:11 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2015-01-10 12:52 - 2015-01-09 19:11 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-01-10 12:52 - 2015-01-09 19:11 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll
2015-01-10 12:52 - 2015-01-09 19:11 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll
2015-01-10 12:52 - 2015-01-09 19:11 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll
2015-01-10 12:52 - 2015-01-09 19:12 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2015-02-10 15:25 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-02-10 15:25 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-02-10 15:25 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-01-26 16:58 - 2015-01-26 16:58 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-02-10 05:24 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-02-10 05:24 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-02-10 05:24 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Jim\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2806064540-532032679-505906721-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jim\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BthHFSrv => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\startupreg: APSDaemon => c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
MSCONFIG\startupreg: DivXMediaServer => c:\program files (x86)\divx\divx media server\divxmediaserver.exe
MSCONFIG\startupreg: DivXUpdate => "c:\program files (x86)\divx\divx update\divxupdate.exe" /checknow
MSCONFIG\startupreg: QuickTime Task => "c:\program files (x86)\quicktime\qttask.exe" -atboottime
MSCONFIG\startupreg: uTorrent => "c:\users\jim\appdata\roaming\utorrent\utorrent.exe"  /minimized
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "Messenger (Yahoo!)"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "swg"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "ALLUpdate"

==================== Accounts: =============================

Administrator (S-1-5-21-2806064540-532032679-505906721-500 - Administrator - Disabled)
Guest (S-1-5-21-2806064540-532032679-505906721-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2806064540-532032679-505906721-1004 - Limited - Enabled)
Jim (S-1-5-21-2806064540-532032679-505906721-1002 - Administrator - Enabled) => C:\Users\Jim

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2015 05:09:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/13/2015 04:54:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/13/2015 04:39:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/13/2015 04:24:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/13/2015 03:58:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/13/2015 03:54:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/13/2015 03:29:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/13/2015 03:13:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/13/2015 03:02:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/13/2015 02:43:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (02/13/2015 05:20:20 PM) (Source: DCOM) (EventID: 10010) (User: BALLZACK)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/13/2015 04:19:33 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/13/2015 04:19:24 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/13/2015 04:19:15 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/13/2015 03:39:23 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/13/2015 03:39:14 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/13/2015 03:39:05 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/13/2015 03:34:13 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/13/2015 03:34:05 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/13/2015 03:33:56 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (02/13/2015 05:09:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/13/2015 04:54:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/13/2015 04:39:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/13/2015 04:24:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/13/2015 03:58:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/13/2015 03:54:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/13/2015 03:29:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/13/2015 03:13:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/13/2015 03:02:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/13/2015 02:43:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148


CodeIntegrity Errors:
===================================
  Date: 2015-01-26 11:33:11.308
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-26 01:48:21.113
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 22:00:15.718
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 21:54:34.350
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 21:54:34.297
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 11:05:01.509
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 10:50:43.487
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 10:50:43.487
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 07:45:16.273
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 07:36:48.402
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core i7-4770S CPU @ 3.10GHz
Percentage of memory in use: 35%
Total physical RAM: 12227.21 MB
Available physical RAM: 7842.06 MB
Total Pagefile: 15171.21 MB
Available Pagefile: 9791.42 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1848.58 GB) (Free:1553.63 GB) NTFS
Drive e: (Elements) (Fixed) (Total:931.51 GB) (Free:854.33 GB) NTFS
Drive j: (My Book) (Fixed) (Total:2794.49 GB) (Free:1437.73 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: F56D093E)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 000BFEBC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 6.

==================== End Of Log ============================


  • Root Admin

Please read about these programs below.

IObit Advanced SystemCare 8
IObit Start Menu 8
IObit Uninstaller
Game Booster 3
Driver Booster



The company behind these products was found to be stealing the MBAM database.
Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product.
Please see the following links and make up your own mind if you want to keep this on your system. If needed, your malware helper can help you remove it.


I would personally recommend not using these tools and in most cases they can be removed from the Control Panel, Add/Remove.



Please read the following. Then run MSCONFIG and set it back to NORMAL and restart the computer.

Please read the following article concerning the use of MSCONFIG
Msconfig Is Not A Startup Manager



Next, please run the following

Please go into Control Panel, Add/Remove and uninstall ALL versions of Java and then run the following.
 
Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next:
 
Please Run TFC by OldTimer to clear temporary files:


  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 
Next,

Restart the computer now and then run the following.

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.


Thank you

 

 

fixlist.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-02-2015
Ran by Jim at 2015-02-15 12:40:07 Run:1
Running from C:\Users\Jim\Desktop
Loaded Profiles: Jim (Available profiles: Jim)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\MountPoints2: {887ac03c-fdee-11e3-828e-54271e3ea382} - "K:\VZW_Software_upgrade_assistant.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = drudgereport.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = drudgereport.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = drudgereport.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = drudgereport.com
HKU\S-1-5-21-2806064540-532032679-505906721-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = drudgereport.com
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.co...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.co...q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.co...q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.co...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2806064540-532032679-505906721-1002 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.co...q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2806064540-532032679-505906721-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
C:\Windows\TEMP\cpuz137
C:\Users\Jim\AppData\Local\Temp\HitmanPro.exe
C:\Users\Jim\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Jim\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Jim\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Jim\AppData\Local\Temp\nvStInst.exe
C:\Users\Jim\AppData\Local\Temp\Quarantine.exe
C:\Users\Jim\AppData\Local\Temp\sqlite3.dll
C:\Users\Jim\AppData\Local\Temp\tmd_34013992.exe
Task: {194FE78C-6269-4A8B-A2B0-096B9C1BF1DE} - System32\Tasks\0814avtUpdateInfo => C:\ProgramData\Avg_Update_0814avt\0814avt_AVG-Secure-Search-Update.exe [2014-08-19] ()
Task: {53E5C05F-7D59-49A9-9915-8BA804352ECB} - \AutoKMS No Task File <==== ATTENTION
Task: C:\Windows\Tasks\0814avtUpdateInfo.job => C:\ProgramData\Avg_Update_0814avt\0814avt_AVG-Secure-Search-Update.exe
AlternateDataStreams: C:\Users\Jim\SkyDrive:ms-properties
EmptyTemp:
Reboot:

*****************

"HKU\S-1-5-21-2806064540-532032679-505906721-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{887ac03c-fdee-11e3-828e-54271e3ea382}" => Key deleted successfully.
HKCR\CLSID\{887ac03c-fdee-11e3-828e-54271e3ea382} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B" => Key deleted successfully.
"HKCR\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_O" => Key deleted successfully.
"HKCR\CLSID\{64174815-8D98-4CE6-8646-4C039977D809}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_U" => Key deleted successfully.
"HKCR\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E}" => Key deleted successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value deleted successfully.
HKU\S-1-5-21-2806064540-532032679-505906721-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.
HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.
HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.
HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found.
"HKU\S-1-5-21-2806064540-532032679-505906721-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.
HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key deleted successfully.
"HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKU\S-1-5-21-2806064540-532032679-505906721-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2 => Key not found.
C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2 => Key not found.
C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll not found.
cpuz137 => Service deleted successfully.
"C:\Windows\TEMP\cpuz137" => File/Directory not found.
"C:\Users\Jim\AppData\Local\Temp\HitmanPro.exe" => File/Directory not found.
"C:\Users\Jim\AppData\Local\Temp\nvSCPAPI.dll" => File/Directory not found.
"C:\Users\Jim\AppData\Local\Temp\nvSCPAPI64.dll" => File/Directory not found.
"C:\Users\Jim\AppData\Local\Temp\nvSCPAPISvr.exe" => File/Directory not found.
"C:\Users\Jim\AppData\Local\Temp\nvStInst.exe" => File/Directory not found.
"C:\Users\Jim\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
"C:\Users\Jim\AppData\Local\Temp\sqlite3.dll" => File/Directory not found.
"C:\Users\Jim\AppData\Local\Temp\tmd_34013992.exe" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{194FE78C-6269-4A8B-A2B0-096B9C1BF1DE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{194FE78C-6269-4A8B-A2B0-096B9C1BF1DE}" => Key deleted successfully.
C:\Windows\System32\Tasks\0814avtUpdateInfo => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0814avtUpdateInfo" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{53E5C05F-7D59-49A9-9915-8BA804352ECB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53E5C05F-7D59-49A9-9915-8BA804352ECB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\Windows\Tasks\0814avtUpdateInfo.job => Moved successfully.
C:\Users\Jim\SkyDrive => ":ms-properties" ADS removed successfully.
EmptyTemp: => Removed 260.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 12:41:29 ====

 

 

 

 


  • Root Admin

How is the system running?

 

Are you still having signs of an infection?

 

What did you decide about IObit?

 

 

 

Please download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!

 

 

 


I still have the problem.

 

 Results of screen317's Security Check version 0.99.96  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2015   
Windows Defender                  
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
  Java 64-bit 8 Update 31  
 Adobe Flash Player     16.0.0.305  
 Adobe Reader XI  
 Mozilla Firefox (35.0.1)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

I'm also getting 2 errors on start up

 

There was a problem starting C:\System32\LogiDA.dll

The specified module cannot be found.

There was a problem starting C\Windows\System32\nvspcap64.dll

The specified module cannot be found.

 

The system is running slow.

 

Drive j: (My Book) (Fixed) (Total:2794.49 GB) (Free:1429.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: F56D093E)

Partition: GPT Partition Type.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 000BFEBC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

LastRegBack: 2015-02-12 04:54

==================== End Of Log ============================

 

As far as IOBIT. I bought a program called PC Revive. It does basically the same thing as IOBIT System Care. They also have a free Start Menu program that's much better than IOBIT. I took your advice and downloaded Autorun SC and Autorun. I'm looking for a free Game Booster and Uninstaller now. I'm disabled and on a fixed income so what I do is try to find freeware. Can you think of any programs that would help keep my computer running well? I use CCleaner also. Any help or advice you can give me would be very much appreciated. Sorry it has taken me a little longer to answer you. We had a pretty big snow storm come thru and messed up both my power and Internet. I live in the mountains of Western North Carolina.

Thank you,

Jim

 

 

 


  • Root Admin

The 2 errors are from missing software but probably not really needed. The one is from your video card for game screen captures I believe. We can remove the entry to make the error go away. Otherwise you'd probably have to reinstall your Graphics driver to get it back.

 

The other appears to be for a Logitech mouse but from what others say on the Web it's not needed and we can also remove that entry.

 

As for utilities to maintain the computer, they really are not needed and some are close to Snake Oil. The system already takes pretty good care of itself automatically, not like it was years ago. Messing with it too much actually can create problems on the computer.

 

 

Please run a new FRST scan and make sure you place a check mark in the Additions.txt check box and post back both new logs.

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.


 


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Jim at 2015-02-20 17:26:30
Running from C:\Users\Jim\Desktop\pum\FRST-OlderVersion
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.25 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0925-000001000000}) (Version: 9.25.00.0 - Igor Pavlov)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.15.6362.54439 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.15.6362.54439 - Alcor Micro Corp.) Hidden
ALLConverter PRO 1.1 (HKLM-x32\...\{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1) (Version:  - ALLCinema, Inc.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
ASUS Launcher (HKLM-x32\...\{40376CD0-67E0-4190-86CA-8BD8CBAC331C}) (Version: 2.00.11 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.00.07 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.00.05 - ASUSTeK Computer Inc.)
ASUS Manager - Recovery (HKLM-x32\...\{CF4A14CB-C4CB-4241-B659-7C58517515CF}) (Version: 2.00.08 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.02 - ASUSTeK Computer Inc.)
ASUS Manager - USB Lock (HKLM-x32\...\{1931C916-6CB8-4E4D-8561-EA20C426AE19}) (Version: 2.00.10 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.06.02 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4293 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Boost (HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Boost 1.0.2) (Version: 1.0.2 - Reason Software Company Inc.)
Boost (Version: 1.0.2 - Reason Software Company Inc.) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version:  - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version:  - )
Canon MX430 series On-screen Manual (HKLM-x32\...\Canon MX430 series On-screen Manual) (Version:  - )
Canon MX430 series User Registration (HKLM-x32\...\Canon MX430 series User Registration) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
EVGA PrecisionX 16 (HKLM-x32\...\{AB003477-F0A0-43CB-AD66-35B24F9EB4C5}) (Version: 5.2.6 - EVGA Corporation)
FilmOn HDi Player 3 (HKLM-x32\...\FilmOn HDi Player) (Version: 3.1.3857 - FilmOn.TV Networks)
Free FLV Player (HKLM-x32\...\Free FLV Player) (Version:  - )
Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.)
Heimdal (HKLM-x32\...\Heimdal) (Version: 1.10.3.686 - CSIS Security Group)
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MP3jam 1.1.1.10 (HKLM-x32\...\MP3jam_is1) (Version: 1.1.1.10 - MP3jam)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenSubtitlesPlayer V4.X (HKLM-x32\...\OpenSubtitlesPlayer_is1) (Version:  - ALLCinema Ltd.)
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Reviver (HKLM\...\PC Reviver) (Version: 2.0.0.44 - ReviverSoft LLC)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Should I Remove It (HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Start Menu Reviver (HKLM-x32\...\Start Menu Reviver) (Version: 2.5.0.18 - ReviverSoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
The Sims 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Create a Pattern Tool (HKLM-x32\...\{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}) (Version: 1.0.0 - Electronic Arts)
The Sims™ 3 Create a World Tool - Beta (HKLM-x32\...\{65761BAE-11E8-48FE-B30F-1F01011AB906}) (Version: 1.19.6 - Electronic Arts)
The Sims™ 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Katy Perry's Sweet Treats (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Tropico 4 1.00 (HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Tropico 4) (Version: 1.00 - Kalypso Media)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.15.458 - ASUS Cloud Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

16-02-2015 13:23:58 herdProtect before 7 removals
18-02-2015 23:14:12 PC Reviver Restore point 18/02/2015 - 23-14-09
20-02-2015 12:40:50 PC Reviver Restore point 20/02/2015 - 12-40-46
20-02-2015 14:09:19 PC Reviver Restore point 20/02/2015 - 14-09-19

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E724E66-D78B-44E5-89D4-D38585ECABE5} - System32\Tasks\EVGAPrecisionX => C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe [2014-11-25] (EVGA Corp.)
Task: {12D85495-E5FA-4E7F-B5F5-8C22F252310D} - System32\Tasks\Start PC Reviver for BALLZACK@Jim(logon) => C:\Program Files\ReviverSoft\PC Reviver\PC Reviver.exe [2014-12-18] (ReviverSoft)
Task: {1974B5B2-3679-4945-AD95-7CAAA4F0BB59} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [2013-08-05] (ASUSTeK)
Task: {25B49655-3B83-401D-B947-61B4B53F695B} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-23] ()
Task: {272DE8C9-61A8-43D6-9841-8AD59E5C059D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {2E2FE85E-8962-4A73-8EF9-B8AB48982789} - System32\Tasks\Uninstaller_SkipUac_Jim => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {5F52613F-615D-4A3C-9D8D-E8C381551C40} - System32\Tasks\ALL Update => C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe [2011-08-17] ()
Task: {6BD3D69F-1B8F-406F-B8D6-E5C7B3772A49} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6E4FDD51-2BE5-44FE-A73D-8AB7D72C21F5} - System32\Tasks\Boost => C:\Users\Jim\AppData\Roaming\Reason\Boost\boost.exe [2013-12-27] (Reason Software Company Inc.)
Task: {6F8180C1-D9D9-4F7D-A383-EECE9178A375} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {73495981-61BA-4B1C-AE30-DD0542C3CEBE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {73820103-6B13-4DE0-B7E3-E09DE3477BDF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {73992560-4BDA-47E9-9E36-20C39B28A830} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {815C9E90-8235-4060-99BF-4CD9CF960021} - System32\Tasks\Microsoft Office 15 Sync Maintenance for BALLZACK-Jim Ballzack => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-01-21] (Microsoft Corporation)
Task: {91929AFE-CEF7-4D91-94A6-0DBA31AC397B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {AA0FDB93-4629-45BC-8062-B372137917FD} - System32\Tasks\ReviverSoft Start Menu Run once task => C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe [2014-09-17] (ReviverSoft)
Task: {B47ECB26-579E-44B0-8537-3A06025C6813} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {B6DB94CF-3163-4BE4-8A32-437B4A8817EE} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-11-27] ()
Task: {C127C928-7391-4627-A86A-24B84FB397B1} - System32\Tasks\{55DCF622-B853-4C27-BCD7-07B6CC63495A} => pcalua.exe -a C:\Users\Jim\Desktop\CursorFX_v2.11.exe -d C:\Users\Jim\Desktop
Task: {C74C0CF8-5A07-49A2-BB60-FE0F737B070E} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-18] (ASUSTeK Computer Inc.)
Task: {C995857A-6733-4CD9-91A6-260EF5E53F8F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {EAA1986F-FC02-4DA9-AB19-7CFF8A4364FB} - System32\Tasks\ASUS\ASUS Launcher Helper => C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe [2013-10-28] (Microsoft)
Task: {EDDC0221-2F50-4814-A20D-341B998D3485} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2013-11-28] ()
Task: {F86F526D-A655-477B-8DA0-A8FC9F70ED7B} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-02] (ASUSTek Computer Inc.)
Task: {FF9E59F8-D020-4B1B-B0AF-DDDFAA308248} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-29] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Start PC Reviver for BALLZACK@Jim(logon).job => C:\Program Files\ReviverSoft\PC Reviver\PC Reviver.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Jim.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) ==============

2014-02-13 01:44 - 2015-02-05 14:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-13 02:06 - 2013-08-08 13:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe
2013-12-12 04:23 - 2012-04-24 05:43 - 00390632 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-02-13 02:04 - 2013-08-28 10:24 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-12-18 03:33 - 2014-12-18 03:33 - 01150976 _____ () C:\Program Files\ReviverSoft\PC Reviver\SystemInfo-vc100-mt.dll
2014-01-23 16:06 - 2014-01-23 16:06 - 00586920 _____ () C:\Program Files\Microsoft Office\Office15\MSODCW.DLL
2014-12-18 03:40 - 2014-12-18 03:40 - 02135136 _____ () C:\Program Files\ReviverSoft\PC Reviver\ReviverSoft Smart Alerts Service.exe
2014-06-25 00:08 - 2014-12-19 10:44 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-02-20 10:06 - 2015-02-20 10:06 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-02-13 02:04 - 2010-06-28 21:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-02-13 01:43 - 2013-08-19 14:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-01-21 15:01 - 2015-01-21 15:01 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-02-10 05:24 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-02-10 05:24 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-02-10 05:24 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-01-26 16:58 - 2015-01-26 16:58 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2806064540-532032679-505906721-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jim\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BthHFSrv => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\startupreg: APSDaemon =>
MSCONFIG\startupreg: DivXMediaServer => c:\program files (x86)\divx\divx media server\divxmediaserver.exe
MSCONFIG\startupreg: DivXUpdate => "c:\program files (x86)\divx\divx update\divxupdate.exe" /checknow
MSCONFIG\startupreg: QuickTime Task => "c:\program files (x86)\quicktime\qttask.exe" -atboottime
MSCONFIG\startupreg: uTorrent =>
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "Messenger (Yahoo!)"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "swg"
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\StartupApproved\Run: => "ALLUpdate"

==================== Accounts: =============================

Administrator (S-1-5-21-2806064540-532032679-505906721-500 - Administrator - Disabled)
Guest (S-1-5-21-2806064540-532032679-505906721-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2806064540-532032679-505906721-1004 - Limited - Enabled)
Jim (S-1-5-21-2806064540-532032679-505906721-1002 - Administrator - Enabled) => C:\Users\Jim

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2015 00:41:16 PM) (Source: VSS) (EventID: 12305) (User: )
Description: Volume Shadow Copy Service error: Volume/disk not connected or not found.
Error context: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 0000000000000104,0x00530190,0000000000000000,0,000000DA916F1090,4096,[0]).


Operation:
   Query Shadow Copies

Error: (02/20/2015 00:35:24 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Unspecified error

Error: (02/20/2015 04:22:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/20/2015 04:07:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/20/2015 03:52:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/20/2015 03:37:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/20/2015 03:22:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/20/2015 03:07:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/20/2015 02:52:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/20/2015 02:37:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: Activation of app AEONSoft.CineboxMovies_8gg1peq33730y!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (02/20/2015 05:26:39 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/20/2015 05:26:31 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/20/2015 05:26:22 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/20/2015 05:26:13 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/20/2015 05:26:05 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/20/2015 05:25:58 PM) (Source: DCOM) (EventID: 10010) (User: BALLZACK)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/20/2015 05:25:56 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/20/2015 05:25:50 PM) (Source: DCOM) (EventID: 10005) (User: BALLZACK)
Description: 1068workfolderssvcUnavailable{DA1C0281-456B-4F14-A46D-8ED2E21A866F}

Error: (02/20/2015 05:25:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Work Folders service depends on the Windows Search service which failed to start because of the following error:
%%1058

Error: (02/20/2015 05:25:50 PM) (Source: DCOM) (EventID: 10005) (User: BALLZACK)
Description: 1068workfolderssvcUnavailable{DA1C0281-456B-4F14-A46D-8ED2E21A866F}


Microsoft Office Sessions:
=========================
Error: (02/20/2015 00:41:16 PM) (Source: VSS) (EventID: 12305) (User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 0000000000000104,0x00530190,0000000000000000,0,000000DA916F1090,4096,[0])

Operation:
   Query Shadow Copies

Error: (02/20/2015 00:35:24 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Unspecified error

Error: (02/20/2015 04:22:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/20/2015 04:07:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/20/2015 03:52:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/20/2015 03:37:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/20/2015 03:22:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/20/2015 03:07:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/20/2015 02:52:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148

Error: (02/20/2015 02:37:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BALLZACK)
Description: AEONSoft.CineboxMovies_8gg1peq33730y!App-2144927148


CodeIntegrity Errors:
===================================
  Date: 2015-02-14 03:41:57.373
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-26 11:33:11.308
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-26 01:48:21.113
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 22:00:15.718
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 21:54:34.350
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 21:54:34.297
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 11:05:01.509
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 10:50:43.487
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 10:50:43.487
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-25 07:45:16.273
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core i7-4770S CPU @ 3.10GHz
Percentage of memory in use: 24%
Total physical RAM: 12227.21 MB
Available physical RAM: 9274.94 MB
Total Pagefile: 24515.21 MB
Available Pagefile: 20405.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1848.58 GB) (Free:1547.37 GB) NTFS
Drive e: (Elements) (Fixed) (Total:931.51 GB) (Free:854.37 GB) NTFS
Drive j: (My Book) (Fixed) (Total:2794.49 GB) (Free:1429.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: F56D093E)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 000BFEBC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 6.

==================== End Of Log ============================


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Jim (administrator) on BALLZACK on 20-02-2015 17:26:04
Running from C:\Users\Jim\Desktop\pum\FRST-OlderVersion
Loaded Profiles: Jim (Available profiles: Jim)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft) C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(Reason Software Company Inc.) C:\Users\Jim\AppData\Roaming\Reason\Boost\boost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(ReviverSoft) C:\Program Files\ReviverSoft\PC Reviver\PC Reviver.exe
() C:\Program Files\ReviverSoft\PC Reviver\ReviverSoft Smart Alerts Service.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Users\Jim\AppData\Local\Temp\A0E888FE-6C35-4200-A2FF-55908F028D70\DismHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Users\Jim\AppData\Local\Temp\A33A5BF4-3C97-4E2C-8ECC-B7E32F677E92\DismHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-06-25] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] ()
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default
FF NewTab: drudgereport.com
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://drudgereport.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2806064540-532032679-505906721-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\searchplugins\duckduckgo.xml
FF Extension: LavaFox V2-Blue - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\djziggy@gmail.com [2015-01-07]
FF Extension: LavaFox V2 - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\info@djzig.com [2015-01-07]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\iobitascsurfingprotection@iobit.com [2015-02-10]
FF Extension: Iplex to ALLPlayer - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\IplextoALL@ALLPlayer.org [2014-12-01]
FF Extension: BlackFox V2-Blue - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\zigboom.designs@gmail.com [2015-01-07]
FF Extension: LavaFox V2-Green - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\zigboom@ymail.com [2015-01-08]
FF Extension: Yahoo! Toolbar - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-02-11]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-13]
FF Extension: Autofill Forms - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\autofillForms@blueimp.net.xpi [2015-01-22]
FF Extension: Cleanest Addon Manager - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\cam@sdrocking.com.xpi [2014-06-03]
FF Extension: Classic Reload-Stop-Go Button - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\crsg@ArisT2_Noia4dev.xpi [2014-05-16]
FF Extension: YouTube mp3 - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\info@youtube-mp3.org.xpi [2015-02-05]
FF Extension: FireTube - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\jid0-w1UVmoLd6VGudaIERuRJCPQx1dQ@jetpack.xpi [2014-09-16]
FF Extension: Tabs on Bottom (Australis) - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\jid1-OesGFwaQGIBASw@jetpack.xpi [2014-06-14]
FF Extension: Strict Pop-up Blocker - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2014-07-20]
FF Extension: Reddit Enhancement Suite - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2014-12-30]
FF Extension: YouTubeButton - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\lukeb2014@live.co.uk.xpi [2014-05-16]
FF Extension: MyBookmarks - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\mybookmarks@ma2ten.catsyawn.net.xpi [2015-02-11]
FF Extension: Saved Password Editor - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\savedpasswordeditor@daniel.dawson.xpi [2015-02-07]
FF Extension: The Addon Bar (restored) - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2014-05-16]
FF Extension: YouTube to MP3 - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\youtube2mp3@mondayx.de.xpi [2014-07-06]
FF Extension: Youtube Video and Mp3 Downloader (Stable) - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{09e4684b-dcac-4608-8b7d-58bef11fc323}.xpi [2014-07-11]
FF Extension: AniWeather - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2014-12-30]
FF Extension: Search term highlighter - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{458482f0-90fb-4257-855f-0ba2790584f9}.xpi [2014-11-24]
FF Extension: Stylish - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2015-01-25]
FF Extension: Quick Translator - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-10-06]
FF Extension: SmoothWheel (mozdev.org) - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2015-01-19]
FF Extension: YouTube High Definition - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-02-19]
FF Extension: Hide Tabbar - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{7EE8902C-75BE-4286-A6CE-0C483607A322}.xpi [2014-07-05]
FF Extension: Exit Button Firefox - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{94B08592-E5B4-45ff-A0BE-C1D975458688}.xpi [2014-05-17]
FF Extension: GMarks - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83}.xpi [2015-02-11]
FF Extension: StumbleUpon - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2015-02-06]
FF Extension: Adblock Plus - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-15]
FF Extension: DownThemAll! - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-01-20]
FF Extension: Greasemonkey - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-12-26]
FF Extension: Metal Lion Australis Theme - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{F2C70981-7CDC-4c46-ACF3-41F18693E79E}.xpi [2014-12-10]
FF Extension: Metal Lion Australis Graphite - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{F6D83238-A31E-451d-8BCB-28F6BAFECF10}.xpi [2014-11-18]
FF Extension: Metal Lion Australis Graphite - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\o513f7v3.default\Extensions\{FDBAD97E-A258-4fe3-9CF6-60CF386C4422}.xpi [2014-11-18]
FF HKU\S-1-5-21-2806064540-532032679-505906721-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-13]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Profile: C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Retrovision Classic Movies) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicmlhggpfoibmneibkkpicohhccepeb [2014-08-17]
CHR Extension: (Theme Creator) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2014-08-17]
CHR Extension: (Delicious) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\alajnhkahdgpjhcfklbbpklbaklhpamf [2014-08-17]
CHR Extension: (Google Docs) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-17]
CHR Extension: (TV) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-08-17]
CHR Extension: (YouTube) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-17]
CHR Extension: (Online Tvs 24/7 Live) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekljmehgggjhhbehkpacbmfmfcpkccm [2014-08-17]
CHR Extension: (Movie Night) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cngccfgedappjafebpcacepnfhpgbfdd [2014-08-17]
CHR Extension: (Google Search) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-17]
CHR Extension: (Unofficial Google Bookmarks) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkeiaaimpifdppinlokmgolcnnnlnfa [2014-08-17]
CHR Extension: (Easy Subtitles) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmalcfodhbdonabbncapihcejmhaipp [2014-08-17]
CHR Extension: (Yahoo Extension) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-08-17]
CHR Extension: (Facebook Disconnect) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2014-08-17]
CHR Extension: (Settings Button) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eknfjkldccfacljdbofdodpiodfhcfkp [2014-08-17]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-08-17]
CHR Extension: (Don't track me Google) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbofhhdmcladcmmfjolgndfkpobecpg [2014-08-17]
CHR Extension: (Hollywood Movies Collection) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghpkehibgaepcdppgnhidaokdifdcmgn [2014-08-17]
CHR Extension: (Harley-Davidson-Black-Skull) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gickhbdmimnfeopafabkboagdbjllfbb [2014-09-30]
CHR Extension: (Hola Better Internet) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-08-17]
CHR Extension: (Keep My Opt-Outs) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe [2014-08-17]
CHR Extension: (Vimeo Couch Mode) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkdhkejcnlmkfdodbkdkelefnkobfif [2014-08-17]
CHR Extension: (Crackle) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2014-08-17]
CHR Extension: (Disconnect) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-08-17]
CHR Extension: (StumbleUpon) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2014-08-17]
CHR Extension: (Yidio) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenklnagphgeldfpobjachbgpimaopbf [2014-08-17]
CHR Extension: (G Disconnect) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kglfocodeikakacbeoajjhnplhlaoook [2014-08-17]
CHR Extension: (Password Peek) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lclaiahiipkdhlgaepaklgpcggmgcfid [2014-08-17]
CHR Extension: (Currency Converter) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndokegkpdlafochibjpgjglkcamdpip [2014-08-17]
CHR Extension: (stingyTV) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcpdhldalfjnjgbpeiafgbklgkgoojbh [2014-08-17]
CHR Extension: (LocalChromecast Player) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp [2014-08-17]
CHR Extension: (Google Wallet) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-17]
CHR Extension: (FREE TV) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofddcjfikfghkmoapnjnmmflbcjohbic [2014-08-17]
CHR Extension: (FlirtyMania free video chat) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaahapngnjijjgplpikimpaepddnfae [2014-08-17]
CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2014-08-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S3 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
S3 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
S4 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 HeimdalSecureDNS; C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [93344 2014-12-11] (Microsoft)
R2 HeimdalService; C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [133280 2014-12-11] (CSIS Security Group)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-27] (Electronic Arts)
R3 ReviverSoft Smart Alerts Service; C:\Program Files\ReviverSoft\PC Reviver\ReviverSoft Smart Alerts Service.exe [2135136 2014-12-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 StartMenuReviverService; C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe [765048 2014-09-17] (ReviverSoft)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-11-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-11-11] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [394520 2014-12-25] (Intel Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-25] (REALiX)
R3 int0800; C:\Windows\System32\drivers\flashud.sys [51712 2009-03-06] (Intel Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-12-25] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-11-15] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3759320 2015-02-10] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-12-11] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-11-11] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-11-11] (Microsoft Corporation)
S3 WinRing0_1_2_0; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 18:06 - 2015-02-19 18:08 - 00056626 _____ () C:\Users\Jim\Desktop\FRST.txt
2015-02-19 18:06 - 2015-02-19 18:08 - 00040611 _____ () C:\Users\Jim\Desktop\Addition.txt
2015-02-19 18:01 - 2015-02-19 18:05 - 00000292 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Jim.job
2015-02-19 18:01 - 2015-02-19 18:01 - 00002388 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Jim
2015-02-19 17:54 - 2015-02-19 17:58 - 00000000 ____D () C:\Users\Jim\Desktop\pum
2015-02-19 16:38 - 2015-02-19 16:38 - 00000000 ____D () C:\ProgramData\PC Reviver.exe
2015-02-19 16:32 - 2015-02-19 16:32 - 02086912 _____ (Farbar) C:\Users\Jim\Desktop\FRST64.exe
2015-02-19 16:18 - 2015-02-20 10:04 - 00001044 _____ () C:\Windows\setupact.log
2015-02-19 16:18 - 2015-02-20 10:03 - 00013612 _____ () C:\Windows\PFRO.log
2015-02-19 16:18 - 2015-02-19 16:18 - 00000000 ____H () C:\asc_rdflag
2015-02-19 16:18 - 2015-02-19 16:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-18 21:23 - 2015-02-18 21:23 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2015-02-18 21:23 - 2015-02-18 21:23 - 00000000 ____D () C:\Users\Jim\AppData\Local\Stardock
2015-02-18 16:57 - 2015-02-18 16:57 - 00000000 ____D () C:\ProgramData\StartMenuReviver.exe
2015-02-18 16:56 - 2015-02-18 16:56 - 00003148 _____ () C:\Windows\System32\Tasks\ReviverSoft Start Menu Run once task
2015-02-18 16:56 - 2015-02-18 16:56 - 00001077 _____ () C:\Users\Public\Desktop\Start Menu Reviver.lnk
2015-02-18 16:49 - 2015-02-18 16:49 - 00000000 ____D () C:\Windows\system32\config\RRBackups
2015-02-18 16:26 - 2015-02-20 12:35 - 00000328 _____ () C:\Windows\Tasks\Start PC Reviver for BALLZACK@Jim(logon).job
2015-02-18 16:26 - 2015-02-18 16:56 - 00000000 ____D () C:\ProgramData\ReviverSoft
2015-02-18 16:26 - 2015-02-18 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-02-18 16:26 - 2015-02-18 16:56 - 00000000 ____D () C:\Program Files\ReviverSoft
2015-02-18 16:26 - 2015-02-18 16:26 - 00002596 _____ () C:\Windows\System32\Tasks\Start PC Reviver for BALLZACK@Jim(logon)
2015-02-18 16:26 - 2015-02-18 16:26 - 00000977 _____ () C:\Users\Public\Desktop\PC Reviver.lnk
2015-02-18 16:05 - 2015-02-18 16:05 - 07980280 _____ (ReviverSoft) C:\Users\Jim\Desktop\StartMenuReviverSetup.exe
2015-02-18 16:01 - 2015-02-20 12:36 - 00004950 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for BALLZACK-Jim Ballzack
2015-02-16 00:50 - 2015-02-18 22:30 - 00000000 ____D () C:\Users\Jim\Desktop\Cody
2015-02-15 23:56 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-15 23:56 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-15 23:56 - 2015-01-10 02:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-15 23:56 - 2015-01-10 01:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-15 22:51 - 2015-02-15 22:51 - 00003904 _____ () C:\Windows\System32\Tasks\Boost
2015-02-15 22:50 - 2015-02-15 22:50 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\Reason
2015-02-15 22:50 - 2015-02-15 22:50 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boost
2015-02-15 22:43 - 2015-02-15 22:43 - 07761936 _____ (Reason Software Company Inc.) C:\Users\Jim\Desktop\installboost.exe
2015-02-15 22:33 - 2015-02-15 22:33 - 00001148 _____ () C:\Users\Public\Desktop\herdProtect.lnk
2015-02-15 22:33 - 2015-02-15 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
2015-02-15 22:33 - 2015-02-15 22:33 - 00000000 ____D () C:\Program Files\Reason
2015-02-15 22:06 - 2015-02-15 22:06 - 00001308 _____ () C:\Users\Jim\Desktop\Should I Remove It.lnk
2015-02-15 22:06 - 2015-02-15 22:06 - 00000000 ____D () C:\Program Files (x86)\Reason
2015-02-15 21:27 - 2015-02-15 21:27 - 00573697 _____ () C:\Users\Jim\Desktop\Autoruns.zip
2015-02-14 15:54 - 2015-02-19 16:27 - 00007928 _____ () C:\JavaRa.log
2015-02-14 11:23 - 2015-02-14 11:23 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-14 11:23 - 2015-02-14 11:23 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-14 11:23 - 2015-02-14 11:23 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-14 11:23 - 2015-02-14 11:23 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-14 11:22 - 2015-02-14 11:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-14 11:22 - 2015-02-14 11:22 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-14 11:22 - 2015-02-14 11:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-14 11:22 - 2015-02-14 11:22 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-14 11:22 - 2015-02-14 11:22 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-14 11:21 - 2015-02-14 11:21 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-14 11:21 - 2015-02-14 11:21 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-14 11:21 - 2015-02-14 11:21 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-14 11:21 - 2015-02-14 11:21 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-14 11:21 - 2015-02-14 11:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-14 11:20 - 2015-02-14 11:20 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-14 11:20 - 2015-02-14 11:20 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-14 11:20 - 2015-02-14 11:20 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-14 11:19 - 2015-02-14 11:19 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-14 11:19 - 2015-02-14 11:19 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-14 11:19 - 2015-02-14 11:19 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-14 11:18 - 2015-02-14 11:18 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-13 03:14 - 2015-02-14 13:52 - 00000000 ___RD () C:\Users\Jim\Desktop\White Noise
2015-02-12 15:32 - 2015-02-12 15:40 - 00000193 _____ () C:\Windows\WORDPAD.INI
2015-02-12 14:39 - 2015-02-02 13:13 - 01388274 _____ (Thisisu) C:\Users\Jim\Desktop\JRT_NEW.exe
2015-02-12 12:02 - 2015-02-12 12:02 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Jim\Desktop\mbar-1.08.3.1004.exe
2015-02-12 11:42 - 2015-02-19 16:40 - 00001813 _____ () C:\Users\Jim\AppData\Roaming\MySyncFolder.lnk
2015-02-11 23:57 - 2015-02-12 11:42 - 00000000 __SHD () C:\aws
2015-02-11 23:56 - 2015-02-11 23:56 - 00000000 ____D () C:\Asus WebStorage
2015-02-11 23:52 - 2015-02-11 23:52 - 00001311 _____ () C:\Users\Public\Desktop\WebStorage.lnk
2015-02-11 23:52 - 2015-02-11 23:52 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\awsRun
2015-02-11 14:43 - 2015-02-05 12:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-11 14:42 - 2015-02-05 16:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-11 14:42 - 2015-02-05 16:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00833680 _____ () C:\Windows\system32\nvmcumd.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-11 14:42 - 2015-02-05 16:01 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-10 23:40 - 2015-02-10 23:40 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-02-10 23:29 - 2015-02-10 23:29 - 02112512 _____ () C:\Users\Jim\Desktop\adwcleaner_4.110.exe
2015-02-10 17:07 - 2015-02-10 17:08 - 39739064 _____ (Microsoft Corporation) C:\Users\Jim\Desktop\Windows-KB890830-x64-V5.21.exe
2015-02-10 12:18 - 2015-02-20 17:26 - 00000000 ____D () C:\FRST
2015-02-10 11:00 - 2015-02-10 11:00 - 03759320 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2015-02-10 05:24 - 2015-02-10 05:24 - 00001261 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-02-08 09:52 - 2015-02-15 21:34 - 00563864 _____ (Sysinternals - www.sysinternals.com) C:\Users\Jim\Desktop\autorunsc.exe
2015-02-08 09:44 - 2015-02-15 21:30 - 00650392 _____ (Sysinternals - www.sysinternals.com) C:\Users\Jim\Desktop\autoruns.exe
2015-02-07 16:53 - 2015-02-07 16:53 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 16:53 - 2015-02-07 16:53 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-28 05:23 - 2015-02-14 20:48 - 00000000 ____D () C:\Users\Jim\AppData\Local\Popcorn-Time
2015-01-28 05:23 - 2015-01-28 05:23 - 00002266 _____ () C:\Users\Jim\Desktop\Popcorn Time.lnk
2015-01-28 05:23 - 2015-01-28 05:23 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-01-28 05:22 - 2015-01-28 05:23 - 00000000 ____D () C:\Users\Jim\AppData\Local\Popcorn Time
2015-01-26 11:43 - 2015-01-26 16:58 - 00000344 _____ () C:\Windows\system32\.crusader
2015-01-23 09:42 - 2015-01-23 09:42 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ProductData
2015-01-23 09:42 - 2015-01-23 09:42 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ProductData
2015-01-23 08:45 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMB1.DLL
2015-01-23 08:43 - 2014-04-15 18:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-01-23 08:43 - 2014-04-15 18:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-01-23 08:32 - 2015-01-12 23:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-01-23 08:32 - 2015-01-10 03:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-01-23 08:32 - 2015-01-10 03:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-01-23 08:31 - 2015-01-16 01:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-01-23 08:31 - 2015-01-16 01:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-01-21 17:46 - 2015-02-10 23:36 - 00000000 ____D () C:\Windows\system32\log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 17:25 - 2014-11-12 01:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-20 17:06 - 2015-01-12 12:49 - 02047240 _____ () C:\Windows\WindowsUpdate.log
2015-02-20 17:02 - 2014-10-08 13:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-20 14:13 - 2014-11-29 15:01 - 00000000 ____D () C:\Users\Jim\Documents\Outlook Files
2015-02-20 12:54 - 2014-05-04 13:59 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2806064540-532032679-505906721-1002
2015-02-20 12:49 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-20 12:41 - 2014-05-08 15:45 - 00000000 ____D () C:\Windows\Minidump
2015-02-20 10:09 - 2014-05-28 21:32 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-20 10:07 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-20 10:03 - 2014-06-25 00:08 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-02-20 10:03 - 2014-02-13 02:11 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2015-02-20 10:03 - 2014-02-13 01:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-20 10:03 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-20 04:26 - 2013-08-22 08:25 - 00786432 ___SH () C:\Windows\system32\config\BBI
2015-02-19 18:03 - 2014-06-25 00:08 - 00000000 ____D () C:\ProgramData\IObit
2015-02-19 16:40 - 2014-05-04 13:58 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\WebStorage
2015-02-18 23:19 - 2015-01-08 07:01 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-02-18 23:00 - 2015-01-20 14:49 - 00000000 ___RD () C:\Users\Jim\Desktop\DVD-R
2015-02-18 16:52 - 2014-05-04 13:54 - 00000000 ____D () C:\Users\Jim
2015-02-18 16:25 - 2014-06-25 00:08 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\IObit
2015-02-17 04:51 - 2014-11-18 15:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-17 04:50 - 2014-11-18 15:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-16 16:57 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2015-02-16 15:56 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-16 06:59 - 2015-01-01 22:59 - 00000000 ___RD () C:\Users\Jim\Desktop\Origin & Games
2015-02-16 06:42 - 2014-11-16 13:46 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-02-16 06:40 - 2014-06-08 19:39 - 00000000 ____D () C:\ProgramData\Origin
2015-02-16 06:28 - 2014-11-16 13:44 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-16 00:01 - 2013-08-22 08:25 - 00000199 _____ () C:\Windows\win.ini
2015-02-14 15:45 - 2014-07-12 19:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-14 11:32 - 2015-01-12 12:37 - 00564592 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-14 11:29 - 2014-06-28 14:16 - 86310912 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-02-14 11:29 - 2014-06-28 14:16 - 00319488 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-02-14 11:29 - 2014-06-28 14:16 - 00069632 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-02-14 11:29 - 2014-06-28 14:16 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-02-14 11:20 - 2014-02-13 02:02 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-13 23:51 - 2014-11-13 16:46 - 00000000 ___RD () C:\Users\Jim\Desktop\MP3
2015-02-13 22:20 - 2014-06-25 00:08 - 00000000 ____D () C:\ProgramData\ProductData
2015-02-13 08:05 - 2014-06-16 20:15 - 00000000 ____D () C:\Users\Jim\AppData\Local\Unity
2015-02-12 13:37 - 2014-08-03 06:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-11 23:49 - 2015-01-20 14:46 - 00000000 ____D () C:\Users\Jim\AppData\Roaming\DVD Flick
2015-02-11 23:34 - 2015-01-20 16:30 - 00000000 ____D () C:\Users\Jim\Documents\dvd
2015-02-11 14:44 - 2014-12-27 22:17 - 00000000 ____D () C:\temp
2015-02-10 23:36 - 2015-01-12 15:21 - 00000000 ____D () C:\AdwCleaner
2015-02-07 17:05 - 2013-12-12 03:47 - 00865408 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-07 16:56 - 2014-06-28 14:16 - 05050368 _____ () C:\Windows\system32\config\DRIVERS.iodefrag.bak
2015-02-05 16:01 - 2014-02-13 01:44 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-02-05 16:01 - 2014-02-13 01:44 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-02-05 14:07 - 2014-12-24 01:54 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-05 14:07 - 2014-02-13 01:44 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-05 14:07 - 2014-02-13 01:44 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-05 14:07 - 2014-02-13 01:44 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-05 14:07 - 2014-02-13 01:44 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-05 14:06 - 2014-02-13 01:44 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-05 07:50 - 2014-02-13 01:44 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin
2015-02-04 14:25 - 2014-11-12 01:00 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-01 21:08 - 2014-09-19 20:47 - 00000000 ____D () C:\Users\Jim\Downloads\Big Brother (Australia)
2015-01-29 17:49 - 2014-05-09 14:17 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-26 21:48 - 2014-11-11 14:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 16:58 - 2014-11-11 14:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 11:43 - 2015-01-12 02:31 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-24 19:27 - 2014-08-10 01:43 - 00003584 _____ () C:\Users\Jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-24 15:53 - 2014-07-06 19:08 - 00919040 ___SH () C:\Users\Jim\Desktop\Thumbs.db
2015-01-21 18:09 - 2014-12-09 13:02 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC

==================== Files in the root of some directories =======

2015-02-12 11:42 - 2015-02-19 16:40 - 0001813 _____ () C:\Users\Jim\AppData\Roaming\MySyncFolder.lnk
2014-07-07 04:37 - 2015-01-08 10:36 - 2746759663 _____ () C:\Users\Jim\AppData\Local\BTServer.log
2014-08-10 01:43 - 2015-01-24 19:27 - 0003584 _____ () C:\Users\Jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-12 03:45 - 2013-12-12 03:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\ProgramData\PC Reviver.exe
C:\ProgramData\StartMenuReviver.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-12 04:54

==================== End Of Log ============================


  • Root Admin

You're still getting errors with services that do not appear to be due to an infection. It's up to you, but if it were my computer I would back up my data files and reinstall Windows. You might be able to spend days or weeks piecemealing it back together, but in probably much less time you could back up your data and reinstall and have a nicer, more stable and secure system.

This topic is now closed to further replies.