Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow to boot


  • This topic is locked This topic is locked
37 replies to this topic

#1 teebe

teebe

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:16 AM

Posted 15 August 2014 - 10:53 PM

Hi,  my notebook is slow to boot, over 15 min to complete, this is the most visible problem.
- Running malware removal improves boot speed of 5min, but is a temporary cure, it reverts to slow boots after a couple of days.
- Internet speed is average, usable for browsing google (1Mbps ADSL) but Shockwave Flash is the main trouble: ANY browser (FF, Chrome, Opera) have the same behaviour, after a malware clean they works for a while, one day at best, and then again a lot of SWF crashes re-appear, cured cleaning the browser web cache AND switching Proxies setup between No-P./Auto-P to get SWF back. Notice that this behaviour is now not appearing again, after last malaware removal, however I am still suspicious of external tweaks, like Internet provider shooting all persistent streams as traffic maintenance measure. In other words, I would not point to browser malfunction.
- Noticed a weird behaviour, doing a Explore search on c:\ (full disk search) triggers a lot of hickups, like Chrome zombies, freezes, SWF crashes.
 
Thanks for your support
 
Attached the DDS scan.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 20-Sep-13 05:20:54
System Uptime: 16-Aug-14 09:14:29 (1 hours ago)
.
Motherboard: LENOVO | | INVALID
Processor: Intel® Core™ i7-3612QM CPU @ 2.10GHz | U3E1 | 2101/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 579 GiB total, 121.68 GiB free.
D: is FIXED (NTFS) - 98 GiB total, 53.313 GiB free.
E: is CDROM ()
X: is FIXED (NTFS) - 494 GiB total, 311.425 GiB free.
Y: is FIXED (NTFS) - 200 GiB total, 141.784 GiB free.
Z: is FIXED (NTFS) - 237 GiB total, 80.66 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Lenovo pointing device
Device ID: ACPI\ETD0613\4&1BC423EF&0
Manufacturer: ELAN
Name: Lenovo pointing device
PNP Device ID: ACPI\ETD0613\4&1BC423EF&0
Service: i8042prt
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Generic Bluetooth Adapter
Device ID: USB\VID_0CF3&PID_3002\6&22B44A84&0&3
Manufacturer: GenericAdapter
Name: Generic Bluetooth Adapter
PNP Device ID: USB\VID_0CF3&PID_3002\6&22B44A84&0&3
Service: BTHUSB
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
???????? ????? ??? ????????? ?????????? ?????? ??????? Microsoft Visual Studio Tools ??? ?????? ? ???????????? 2012 (x64) - RUS
???????? ????? ??? ????????? ?????????? ?????? ??????? Microsoft Visual Studio Tools ??? ?????? ? ???????????? 2012 (x86) - RUS
µTorrent
7-Zip 9.20
Adobe Acrobat XI Pro
Adobe AIR
Adobe CMM
Adobe Flash Player 13 ActiveX
Adobe Flash Player 14 Plugin
Adobe Illustrator CS6
Adobe Photoshop CS6
Adobe Photoshop Lightroom 4.4 64-bit
Adobe Photoshop Lightroom 5.4 64-bit
Adobe Setup
AIMP3
Akamai NetSession Interface
AmoK Exif Sorter 2.5.6 (remove only)
Assessments on Client
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Attachments Processor for Outlook
Audacity 2.0.5
AviSynth 2.6
BlackBerry Desktop Software 7.1
BlackBerry Device Software v5.0.0 for the BlackBerry 8900 smartphone
BlackBerry World Browser Plugin
Blender
calibre
Capture NX-D
CCleaner
Celestia 1.5.1
CGS17_Setup_x64
ColorSpace 1.1.1
ColorThink Pro v3.0.3
Conexant HD Audio
Core Temp 1.0 RC6
Corel Graphics - Windows Shell Extension
Corel Graphics - Windows Shell Extension 32 Bit
CorelDRAW Graphics Suite X7 - Capture (x64)
CorelDRAW Graphics Suite X7 - Common (x64)
CorelDRAW Graphics Suite X7 - Connect (x64)
CorelDRAW Graphics Suite X7 - Custom Data (x64)
CorelDRAW Graphics Suite X7 - Draw (x64)
CorelDRAW Graphics Suite X7 - EN (x64)
CorelDRAW Graphics Suite X7 - Filters (x64)
CorelDRAW Graphics Suite X7 - FontNav (x64)
CorelDRAW Graphics Suite X7 - IPM Content (x64)
CorelDRAW Graphics Suite X7 - IPM T (x64)
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64)
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64)
CorelDRAW Graphics Suite X7 - Redist (x64)
CorelDRAW Graphics Suite X7 - Setup Files (x64)
CorelDRAW Graphics Suite X7 - VBA (x64)
CorelDRAW Graphics Suite X7 - VideoBrowser (x64)
CorelDRAW Graphics Suite X7 - Writing Tools (x64)
CorelDRAW Graphics Suite X7 (64-Bit)
D3DX10
Daminion 3.0.0.994
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler
Document Express DjVu Plug-in
Dolby Advanced Audio v2
Dolphin 4.0
Dropbox
Duplicate Email Remover
Duplicates Remover for Outlook
DVD slideshow GUI 0.9.5.4
EasyBCD 2.2
EditPlus 3
Elevated Installer
Energy Management
EPSON ColorBase
Epson Easy Photo Print 2
Epson Print CD
Epson Print Plug-In for Photoshop
Epson Print Plug-In for SILKYPIX
EPSON Scan
Epson Stylus Photo R3000 Printer Uninstall
EpsonNet Config V4
EpsonNet Print
EpsonNet SDK for Windows
EpsonNet Setup 3.3
ExpressPCB
FileZilla Client 3.9.0.2
FreeHDL 0.0.8 binary package for Win32
Garmin City Navigator Europe NT 2012.30 Update
Garmin Express
Garmin Express Tray
Ghostscript GPL 8.64 (Msi Setup)
GIMP 2.8.2
Google Chrome
Google Chrome Canary
Google Earth
Google SketchUp Pro 2014 v14.0.4900
Google Update Helper
Haali Media Splitter
Helix YUV Codecs (remove only)
i1Profiler
Icarus Verilog 0.9.6
ICC Profile Inspector 2.4.0
ImgBurn
InfraRecorder
Intel® C++ Redistributables for Windows* on Intel® 64
Intel® Management Engine Components
Intel® OpenCL CPU Runtime
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
IrfanView (remove only)
ISO Creator 1.0
Java 7 Update 60
Java Auto Updater
JExifViewer
jMonkeyEngine SDK
JPEG Recovery Pro 5.0
Junk Mail filter update
Kits Configuration Installer
LAME v3.99.3 (for Windows)
LastPass (uninstall only)
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo pointing device
Lenovo Solution Center
LINE
LProf (remove only)
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (DEU)
Microsoft .NET Framework 4.5.1 (Deutsch)
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project MUI (English) 2010
Microsoft Office Project Professional 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2007
Microsoft OneDrive
Microsoft Project Professional 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft USB Hub and Controller Test Tool (MUTT) v1.9.1
Microsoft Visual Basic for Applications 7.1 (x64)
Microsoft Visual Basic for Applications 7.1 (x64) English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual Studio Tools for Applications 2012
Microsoft Visual Studio Tools for Applications 2012 Finalizer
Microsoft Visual Studio Tools for Applications 2012 x64 ???? - ???????
Microsoft Visual Studio Tools for Applications 2012 x64 ???? - ????????
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - ??? ?? ?
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - ??? Language Pack
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français
Microsoft Visual Studio Tools for Applications 2012 x86 ???? - ???????
Microsoft Visual Studio Tools for Applications 2012 x86 ???? - ????????
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - ??? ?? ?
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - ??? Language Pack
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MinGW32 C/C++ 0.0.2 binary package for Win32
MiniTool Partition Wizard Home Edition 8.0
Movie Maker
Mozilla Firefox 31.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Nalpeiron Service Update to 7.3.5
NVIDIA Control Panel 340.52
NVIDIA GeForce Experience 2.1.1
NVIDIA Graphics Driver 340.52
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 15.3.33
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.1220
NVIDIA ShadowPlay 15.3.33
NVIDIA Update 15.3.33
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.23
ONYX Printer & Profile Download Manager 20100602-0
Opera Stable 23.0.1522.75
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB
Palringo
PandoraRecovery (Remove Only)
PDF Settings CS6
Photo Common
Photo Gallery
PhotoLine 18.0.2.0
Picture Control Utility x64
Piwigo Export Plug-in version 2.2.5 for Adobe Lightroom
Planetary, Lunar, and Stellar Visibility
PoivY
ProductionHouse 10
PRODUCTIONSERVER4
ProTiler 1.0
PTLens
Qimage Ultimate
Qualcomm Atheros Client Installation Program
Quite Universal Circuit Simulator 0.0.17 binary package for Win32
RAW FILE CONVERTER EX powered by SILKYPIX
Realtek USB 2.0 Reader Driver
RegInOut System Utilities
RGB Cube 1.1.1
RTI RIP-Kit 10.0 Demo
Security Task Manager 1.8g
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589288) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Sentinel Runtime
Sentinel System Driver
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002)
SHIELD Streaming
SILKYPIX Developer Studio Pro 6 English
SILKYPIX Developer Studio Pro 6 English Library
SketchUp 2013
SketchUp Import for AutoCAD 2014
SketchUp Viewer
Skype™ 6.14
Sonic Visualiser
Speccy
Spybot - Search & Destroy
SSC Service Utility v4.30
Steam
Stellarium 0.12.4
StellariumZodiacPlugin 0.12.0
Timeline 1.3.0
Toolkit Documentation
Twilight 1.5.0
UIF to ISO version 1.0
UltraStar Creator
Uninstall dispcalGUI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
USB GamePad
Viber
VLC media player 2.1.3
VueScan x64
War Thunder
WicReset version 3.0.1.1
WinCDEmu
WinDirStat 1.1.2
Windows Assessment and Deployment Kit for Windows 8.1
Windows Assessment Services - Client (AMD64 Architecture Specific, Client SKU)
Windows Assessment Services - Client (Client SKU)
Windows Assessment Toolkit
Windows Assessment Toolkit (AMD64 Architecture Specific)
Windows Deployment Customizations
Windows Deployment Tools
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1)
Windows Firewall Control
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows PE x86 x64
Windows PE x86 x64 wims
Windows System Image Manager on amd64
WinRAR 5.00 (64-bit)
WPT Redistributables
WPTx64
X-Rite Device Services Manager
Zero Install
ZoneAlarm Firewall
ZoneAlarm Free Firewall
ZoneAlarm Security
ZoneAlarm Security Toolbar
ZynAddSubFX 2.2.0
.
==== Event Viewer Messages From Past Week ========
.
16-Aug-14 09:18:10, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ZoneAlarm Privacy Service service to connect.
16-Aug-14 09:18:10, Error: Service Control Manager [7000] - The ZoneAlarm Privacy Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16-Aug-14 09:17:12, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
16-Aug-14 09:17:12, Error: Service Control Manager [7000] - The Garmin Core Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16-Aug-14 09:16:40, Error: Service Control Manager [7000] - The Aspi32 service failed to start due to the following error: This driver has been blocked from loading
16-Aug-14 09:16:40, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\aspi32.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
16-Aug-14 09:16:39, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Zero Install Store Service service to connect.
16-Aug-14 09:16:39, Error: Service Control Manager [7000] - The Zero Install Store Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16-Aug-14 09:16:01, Error: Service Control Manager [7000] - The Sentinel service failed to start due to the following error: This driver has been blocked from loading
16-Aug-14 09:16:01, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\SENTINEL.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
16-Aug-14 09:15:55, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TrueVector Internet Monitor service to connect.
16-Aug-14 09:15:55, Error: Service Control Manager [7000] - The TrueVector Internet Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16-Aug-14 09:14:49, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
16-Aug-14 02:19:25, Error: Service Control Manager [7034] - The Harlequin License Server service terminated unexpectedly. It has done this 1 time(s).
15-Aug-14 14:58:48, Error: Service Control Manager [7000] - The Windows Firewall Control service failed to start due to the following error: A device attached to the system is not functioning.
15-Aug-14 14:43:19, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Lenovo.
15-Aug-14 14:43:18, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
15-Aug-14 14:42:03, Error: Application Popup [1060] - \??\C:\combofix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
15-Aug-14 14:28:13, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
15-Aug-14 14:08:24, Error: hasplms [3] - ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
15-Aug-14 14:07:53, Error: Service Control Manager [7031] - The Sentinel LDK License Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 50 milliseconds: Restart the service.
15-Aug-14 03:35:13, Error: Service Control Manager [7034] - The Blackberry Device Manager service terminated unexpectedly. It has done this 1 time(s).
15-Aug-14 01:04:38, Error: Service Control Manager [7034] - The Skype Updater service terminated unexpectedly. It has done this 1 time(s).
15-Aug-14 01:03:21, Error: Service Control Manager [7022] - The Internet Connection Sharing (ICS) service hung on starting.
15-Aug-14 01:00:20, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Harlequin License Server service to connect.
15-Aug-14 01:00:20, Error: Service Control Manager [7000] - The Harlequin License Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
14-Aug-14 14:51:06, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
14-Aug-14 14:51:05, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
14-Aug-14 14:49:29, Error: Service Control Manager [7023] - The Nalpeiron Licensing Service service terminated with the following error: Access is denied.
14-Aug-14 12:08:25, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
14-Aug-14 11:59:17, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
14-Aug-14 11:59:16, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error The parameter is incorrect..
14-Aug-14 10:24:19, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
14-Aug-14 09:52:38, Error: Service Control Manager [7001] - The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
14-Aug-14 09:41:51, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
12-Aug-14 22:48:40, Error: Service Control Manager [7031] - The Intel® Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
10-Aug-14 07:14:17, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ZAPrivacyService service.
09-Aug-14 07:39:24, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
09-Aug-14 07:39:24, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

Attached Files


Edited by Oh My!, 23 August 2014 - 08:34 AM.
Report posted


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:16 PM

Posted 20 August 2014 - 10:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/544580 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:16 AM

Posted 23 August 2014 - 08:37 AM

Greetings teebe and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:16 AM

Posted 26 August 2014 - 08:01 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#5 teebe

teebe
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:16 AM

Posted 26 August 2014 - 09:04 AM

- The Win7 installation disk and key is present

- Description of fail is long boot time, 15min

SWF Flashplayer short life between crashes,

repeated shutdown of Emsisoft download sorted by renaming it before starting file download

***************************************************

* Here is the copypaste of FRST.txt: *

***************************************************

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by alee (administrator) on ALEE-PC on 26-08-2014 20:40:57
Running from C:\Users\alee\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files (x86)\Common Files\Global Graphics Software\Harlequin License Server\bin\hqn_lsd.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(BiniSoft.org) C:\Program Files\Windows Firewall Control\wfcs.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(PoivY) C:\Program Files (x86)\PoivY.com\PoivY\poivy.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Dropbox, Inc.) C:\Users\alee\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(ES-Computing) C:\Program Files (x86)\EditPlus 3\editplus.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe
() C:\exiftoolgui\ExifToolGUI.exe
(Adobe Systems) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
(Phil Harvey) C:\Windows\exiftool.exe
() C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\exiftool.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6199128 2013-09-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2013-09-20] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-04-25] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCInstallQueue] => rundll32 netman.dll,ProcessQueue
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2915537779-2898195281-3898161190-1000\...\Run: [Line] => C:\Program Files (x86)\Naver\LINE\Line.exe [3965288 2014-08-22] (LINE Corporation)
HKU\S-1-5-21-2915537779-2898195281-3898161190-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2915537779-2898195281-3898161190-1000\...\Run: [PoivY] => C:\Program Files (x86)\PoivY.com\PoivY\poivy.exe [19849008 2014-02-22] (PoivY)
HKU\S-1-5-21-2915537779-2898195281-3898161190-1000\...\Policies\Explorer: []
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-03] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-03] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-03] (NVIDIA Corporation)
Startup: C:\Users\alee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\alee\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\dispcalGUI Profile Loader.lnk
ShortcutTarget: dispcalGUI Profile Loader.lnk -> C:\Program Files\Zero Install\0install-win.exe (0install.de)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\i1Profiler Tray.lnk
ShortcutTarget: i1Profiler Tray.lnk -> C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFBFD6494EAB5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://www.caminova.net/en/downloads/getmodule.aspx?lang=en
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.66.254

FireFox:
========
FF ProfilePath: C:\Users\alee\AppData\Roaming\Mozilla\Firefox\Profiles\i3lowhc3.default-1406683534541
FF Homepage: about:newtab
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rim.com/npappworld -> C:\Program Files (x86)\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\alee\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\alee\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Extension: IE Tab + - C:\Users\alee\AppData\Roaming\Mozilla\Firefox\Profiles\2nsgtlpg.default\Extensions\coralietab@mozdev.org [2014-07-08]
FF Extension: LastPass - C:\Users\alee\AppData\Roaming\Mozilla\Firefox\Profiles\2nsgtlpg.default\Extensions\support@lastpass.com [2014-07-08]
FF Extension: Google™ Translator - C:\Users\alee\AppData\Roaming\Mozilla\Firefox\Profiles\2nsgtlpg.default\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2014-07-06]
FF Extension: Bitdefender QuickScan - C:\Users\alee\AppData\Roaming\Mozilla\Firefox\Profiles\i3lowhc3.default-1406683534541\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-08-21]
FF Extension: NoScript - C:\Users\alee\AppData\Roaming\Mozilla\Firefox\Profiles\i3lowhc3.default-1406683534541\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-08-10]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-07]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> google.co.th
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-08]
CHR Extension: (Google Drive) - C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-08]
CHR Extension: (YouTube) - C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-08]
CHR Extension: (Google Search) - C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-08]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-07-08]
CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2014-07-08]
CHR Extension: (Google Wallet) - C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-08]
CHR Extension: (Gmail) - C:\Users\alee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-08]
CHR HKCU\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\alee\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [2014-02-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0store-service; C:\Program Files\Zero Install\0store-service.exe [41472 2014-05-15] (0install.de) [File not signed]
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4754256 2014-08-22] (Emsisoft GmbH)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-19] (Research In Motion Limited) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2012-02-22] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-13] (Garmin Ltd or its subsidiaries)
R2 HarlequinLicenceServer; C:\Program Files (x86)\Common Files\Global Graphics Software\Harlequin License Server\bin\hqn_lsd.exe [559680 2013-06-26] () [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-04-25] (Check Point Software Technologies Ltd.)
R2 wfcs; C:\Program Files\Windows Firewall Control\wfcs.exe [94208 2014-05-08] (BiniSoft.org) [File not signed]
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2014-04-10] (X-Rite Inc.)
S2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [92176 2014-04-10] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16512 2002-07-17] (Adaptec) [File not signed]
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2014-04-07] (EldoS Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-07-01] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-07-01] ()
R1 RegHiveRecovery; C:\Windows\system32\drivers\RegHiveRecovery.sys [48304 2014-02-20] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 Sntnlusb; C:\Windows\SysWOW64\DRIVERS\SNTNLUSB.SYS [26120 2002-12-17] (Rainbow Technologies Inc.)
S3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-12-30] ()
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450968 2014-04-25] (Check Point Software Technologies Ltd.)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [40552 2013-08-22] (Microsoft Corporation)
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2014-05-14] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [10240 2014-05-14] (Nicomsoft Ltd.) [File not signed]
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [101840 2012-07-05] ("CyberLink)
S3 ALSysIO; \??\C:\Users\alee\AppData\Local\Temp\ALSysIO64.sys [X]
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 catchme; \??\C:\combofix\catchme.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S2 Sentinel; \SystemRoot\System32\Drivers\SENTINEL.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U4 vsserv; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2020-04-15 16:32 - 2020-04-15 16:32 - 00000000 ____D () C:\ProgramData\Fawkes
2014-08-26 20:40 - 2014-08-26 20:42 - 00032866 _____ () C:\Users\alee\Desktop\FRST.txt
2014-08-26 20:40 - 2014-08-26 20:41 - 00000000 ____D () C:\FRST
2014-08-26 20:39 - 2014-08-26 20:40 - 02103296 _____ (Farbar) C:\Users\alee\Desktop\FRST64.exe
2014-08-26 20:38 - 2014-08-26 20:38 - 00006442 _____ () C:\Users\alee\Desktop\attach.zip
2014-08-26 20:32 - 2014-08-26 20:32 - 00688992 ____R (Swearware) C:\Users\alee\Desktop\dds.com
2014-08-24 15:10 - 2014-08-25 08:57 - 00000000 ____D () C:\Program Files (x86)\VisualRoute
2014-08-24 15:10 - 2014-08-24 15:10 - 00007548 _____ () C:\Users\alee\x.log
2014-08-24 15:10 - 2014-08-24 15:10 - 00000034 _____ () C:\Users\alee\VisualRoute-Path
2014-08-24 15:10 - 2014-08-24 15:10 - 00000000 ____D () C:\Users\alee\vw
2014-08-24 15:10 - 2014-08-24 15:10 - 00000000 ____D () C:\Users\alee\VisualRoute
2014-08-24 15:10 - 2014-08-24 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisualRoute
2014-08-24 15:09 - 2014-08-24 15:09 - 04572320 _____ () C:\Users\alee\Downloads\vrc.exe
2014-08-24 14:18 - 2014-02-14 10:00 - 04044800 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-08-24 10:34 - 2014-08-24 10:34 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-alee-PC-alee
2014-08-23 18:21 - 2014-08-23 18:21 - 00001242 _____ () C:\Users\Public\Desktop\Xirrus Wi-Fi Inspector.lnk
2014-08-23 18:21 - 2014-08-23 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xirrus
2014-08-23 18:21 - 2014-08-23 18:21 - 00000000 ____D () C:\Program Files (x86)\Xirrus
2014-08-23 18:20 - 2014-08-23 18:20 - 00000000 ____D () C:\Users\alee\AppData\Roaming\Xirrus
2014-08-23 15:09 - 2014-08-23 15:09 - 00000748 _____ () C:\Users\alee\Desktop\HxD.ini
2014-08-23 15:05 - 2011-06-30 17:20 - 01688576 _____ (Maël Hörz) C:\Users\alee\Desktop\HxD.exe
2014-08-23 14:52 - 2014-08-23 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit
2014-08-23 14:52 - 2014-08-23 14:52 - 00000000 ____D () C:\Program Files\TortoiseGit
2014-08-23 14:52 - 2014-08-23 14:52 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays
2014-08-22 08:34 - 2014-08-22 08:34 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-08-22 07:11 - 2014-08-22 07:11 - 00001071 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-08-22 07:11 - 2014-08-22 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-08-22 07:10 - 2014-08-26 20:03 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-08-22 07:09 - 2014-08-15 14:56 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-08-22 07:05 - 2014-08-22 07:06 - 00003510 _____ () C:\Users\alee\Desktop\Rkill.txt
2014-08-22 07:04 - 2014-08-22 07:05 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\alee\Desktop\WiNlOgOn.exe
2014-08-22 07:04 - 2014-08-22 07:04 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\alee\Desktop\uSeRiNiT.exe
2014-08-22 06:43 - 2014-08-22 07:09 - 233663808 _____ (Emsisoft GmbH ) C:\Users\alee\Desktop\Setup.exe
2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\192.168.1.1
2014-08-21 10:35 - 2014-08-21 10:35 - 00040960 _____ () C:\tftp2.exe
2014-08-21 08:01 - 2014-08-21 08:01 - 00349505 _____ () C:\Users\alee\AppData\Local\census.cache
2014-08-21 08:01 - 2014-08-21 08:01 - 00224755 _____ () C:\Users\alee\AppData\Local\ars.cache
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\XRiteDevice.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\vmprp332.ax
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\olepro32.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\nvumdshim.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\igdumd32.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\igd10umd32.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\eEBUtil2.DLL
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\eEBUtil.dll
2014-08-21 07:53 - 2014-08-21 07:53 - 00000010 _____ () C:\Users\alee\AppData\Local\sponge.last.runtime.cache
2014-08-21 07:38 - 2014-08-21 07:38 - 00000036 _____ () C:\Users\alee\AppData\Local\housecall.guid.cache
2014-08-21 07:38 - 2013-09-02 14:58 - 00175528 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-08-21 01:57 - 2014-08-21 01:57 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-21 00:40 - 2014-08-21 00:41 - 01769472 _____ () C:\dd-wrt.v24_micro_generic.bin
2014-08-20 21:32 - 2014-08-20 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinePixViewer
2014-08-20 21:32 - 2014-08-20 21:32 - 00002361 _____ () C:\Users\Public\Desktop\User's Guide.lnk
2014-08-20 21:32 - 2014-08-20 21:32 - 00002310 _____ () C:\Users\Public\Desktop\Introduction of Picture The Future.lnk
2014-08-20 21:32 - 2014-08-20 21:32 - 00001945 _____ () C:\Users\Public\Desktop\FinePixViewer.lnk
2014-08-20 21:31 - 2014-08-20 21:32 - 00000000 ____D () C:\Program Files (x86)\FinePixViewer
2014-08-20 18:24 - 2014-08-20 18:24 - 03099632 _____ (PassMark Software ® ) C:\wirelessmon.exe
2014-08-20 18:24 - 2014-08-20 18:24 - 00001023 _____ () C:\Users\alee\Desktop\WirelessMon.lnk
2014-08-20 18:24 - 2014-08-20 18:24 - 00000000 ____D () C:\ProgramData\PassMark
2014-08-20 18:24 - 2014-08-20 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WirelessMon
2014-08-20 18:24 - 2014-08-20 18:24 - 00000000 ____D () C:\Program Files (x86)\WirelessMon
2014-08-20 14:46 - 2014-08-26 18:35 - 00000000 ____D () C:\Users\alee\AppData\Local\Adobe
2014-08-20 08:55 - 2014-08-20 08:55 - 00000000 __SHD () C:\Users\alee\AppData\Local\icsxml
2014-08-20 08:54 - 2014-08-20 14:34 - 00000000 ____D () C:\Users\alee\AppData\Local\MetaGeek,_LLC
2014-08-20 08:54 - 2014-08-20 08:54 - 00000038 ___SH () C:\Users\alee\AppData\Local\134e6589520e51682091c0.32666518
2014-08-20 08:54 - 2014-08-20 08:54 - 00000000 ____D () C:\Users\alee\AppData\Local\MetaGeek, LLC
2014-08-20 08:53 - 2014-08-20 08:53 - 00002483 _____ () C:\Users\Public\Desktop\Chanalyzer.lnk
2014-08-20 08:53 - 2014-08-20 08:53 - 00000000 ____D () C:\Users\alee\AppData\Roaming\MetaGeek
2014-08-20 08:53 - 2014-08-20 08:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2014-08-20 08:53 - 2014-08-20 08:53 - 00000000 ____D () C:\Program Files (x86)\MetaGeek
2014-08-20 08:51 - 2014-08-20 08:52 - 32645120 _____ () C:\Chanalyzer-Installer.msi
2014-08-20 08:07 - 2014-08-20 08:07 - 00658944 _____ () C:\MicrosoftFixit50191.msi
2014-08-20 07:56 - 2014-08-20 07:56 - 06052529 _____ (Tim Kosse) C:\Users\alee\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-19 17:43 - 2014-08-19 17:43 - 00002962 _____ () C:\Windows\System32\Tasks\{C587858C-8DD2-4506-B2E6-83631E80B30D}
2014-08-19 17:26 - 2014-08-19 17:26 - 00002962 _____ () C:\Windows\System32\Tasks\{F18A9C1D-3CA1-4D3B-BD4B-39F3FE831889}
2014-08-19 17:26 - 2014-08-19 17:26 - 00002962 _____ () C:\Windows\System32\Tasks\{9F166603-4648-4BD9-9C20-0DE5E42FEBDE}
2014-08-19 09:19 - 2014-08-19 09:19 - 00659456 _____ (Speed Guide Inc.) C:\Users\alee\Desktop\TCPOptimizer.exe
2014-08-18 22:10 - 2014-08-18 22:10 - 01586165 _____ () C:\Users\alee\Desktop\ComIntRepair.exe
2014-08-18 22:10 - 2014-01-11 13:45 - 00000000 ____D () C:\Users\alee\Desktop\ComIntRepair
2014-08-18 20:21 - 2014-08-18 20:21 - 00002085 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk
2014-08-18 20:21 - 2014-08-18 20:21 - 00002065 _____ () C:\Users\Public\Desktop\LR 5.5.lnk
2014-08-18 08:23 - 2014-08-18 08:23 - 01118208 _____ () C:\Windows\system32\config\WLANAutoConfigLog.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 01118208 _____ () C:\Windows\system32\config\WindowsFirewallLog.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 00673212 _____ () C:\Windows\system32\config\wfpstate.xml
2014-08-18 08:23 - 2014-08-18 08:23 - 00441904 _____ () C:\Windows\system32\config\WindowsFirewallConfig.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00377217 _____ () C:\Windows\system32\config\netevents.xml
2014-08-18 08:23 - 2014-08-18 08:23 - 00264242 _____ () C:\Windows\system32\config\wfpfilters.xml
2014-08-18 08:23 - 2014-08-18 08:23 - 00069632 _____ () C:\Windows\system32\config\WindowsFirewallLogVerbose.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 00069632 _____ () C:\Windows\system32\config\WindowsFirewallConsecLogVerbose.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 00069632 _____ () C:\Windows\system32\config\WindowsFirewallConsecLog.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 00036110 _____ () C:\Windows\system32\config\WcnInfo.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00029931 _____ () C:\Windows\system32\config\envinfo.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00016482 _____ () C:\Windows\system32\config\Dns.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00007568 _____ () C:\Windows\system32\tempfile.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00003099 _____ () C:\Windows\system32\config\Neighbors.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00002719 _____ () C:\Windows\system32\config\FileSharing.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00002523 _____ () C:\Windows\system32\config\gpresult.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00001461 _____ () C:\Windows\system32\config\adapterinfo.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00000556 _____ () C:\Windows\system32\config\sysports.xml
2014-08-18 08:23 - 2014-08-18 08:23 - 00000543 _____ () C:\Windows\system32\config\netiostate.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00000466 _____ () C:\Windows\system32\config\WindowsFirewallEffectiveRules.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00000062 _____ () C:\Windows\system32\config\wfplog.log
2014-08-18 08:23 - 2014-08-18 08:23 - 00000000 ____D () C:\Windows\system32\config\LocaleMetaData
2014-08-18 08:22 - 2014-08-18 08:23 - 00011451 _____ () C:\Windows\system32\config\osinfo.txt
2014-08-18 08:22 - 2014-08-18 08:22 - 00000000 ____D () C:\Windows\system32\Reg
2014-08-17 10:27 - 2014-08-19 12:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 10:27 - 2014-08-17 10:27 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-17 10:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-17 10:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-17 10:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-16 10:49 - 2014-08-16 10:49 - 00026592 _____ () C:\Users\alee\Documents\Attach.txt
2014-08-16 10:15 - 2014-08-26 20:37 - 00031675 _____ () C:\Users\alee\Desktop\dds.txt
2014-08-16 10:15 - 2014-08-26 20:36 - 00024203 _____ () C:\Users\alee\Desktop\attach.txt
2014-08-16 02:20 - 2014-08-16 02:20 - 00000000 ___SD () C:\32788R22FWJFW
2014-08-16 02:01 - 2014-08-16 02:02 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\alee\Desktop\tdsskiller.exe
2014-08-16 01:57 - 2014-08-16 01:57 - 00001490 _____ () C:\Users\alee\Desktop\GooredFix.txt
2014-08-16 01:57 - 2014-08-16 01:57 - 00000000 ____D () C:\Users\alee\Desktop\GooredFix Backups
2014-08-15 15:08 - 2014-08-15 15:08 - 00046438 _____ () C:\ComboFix.txt
2014-08-14 21:22 - 2014-08-14 21:22 - 00000000 ____D () C:\NVIDIA
2014-08-14 19:43 - 2014-08-14 19:43 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-08-14 19:40 - 2014-08-14 19:40 - 50067152 _____ (Microsoft Corporation) C:\MouseKeyboardCenter_64bit_ENG_2.3.188.exe
2014-08-14 13:19 - 2014-08-14 13:20 - 00035482 _____ () C:\Users\alee\Desktop\Noname1.txt
2014-08-14 03:02 - 2014-07-01 05:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:02 - 2014-07-01 05:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 03:02 - 2014-03-10 04:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:02 - 2014-03-10 04:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 03:02 - 2014-03-10 04:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 03:02 - 2014-03-10 04:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 03:01 - 2014-06-06 13:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 03:01 - 2014-06-06 13:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 15:32 - 2014-08-17 10:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-13 15:32 - 2014-08-13 16:16 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-13 15:32 - 2014-08-13 15:32 - 00001389 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-13 15:32 - 2014-08-13 15:32 - 00001377 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-13 15:32 - 2014-08-13 15:32 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-13 15:32 - 2014-08-13 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-13 15:32 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-08-13 03:36 - 2014-07-09 09:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 03:36 - 2014-07-09 09:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 03:36 - 2014-07-09 09:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 03:36 - 2014-07-09 09:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 03:36 - 2014-07-09 09:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 03:36 - 2014-07-09 08:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 03:36 - 2014-07-09 08:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 03:36 - 2014-07-09 08:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 03:36 - 2014-07-09 08:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 03:36 - 2014-07-09 08:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 03:36 - 2014-07-09 05:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 03:36 - 2014-07-09 05:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 03:35 - 2014-07-16 10:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 03:35 - 2014-07-16 10:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 03:35 - 2014-07-16 09:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 03:35 - 2014-07-16 09:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 03:35 - 2014-07-16 09:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 03:35 - 2014-06-25 09:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 03:35 - 2014-06-25 08:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 03:35 - 2014-06-16 09:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 03:35 - 2014-06-03 17:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 03:35 - 2014-06-03 17:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 03:35 - 2014-06-03 17:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 03:35 - 2014-06-03 17:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 03:35 - 2014-06-03 16:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 03:35 - 2014-06-03 16:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 03:35 - 2014-06-03 16:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 03:34 - 2014-07-14 09:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 03:34 - 2014-07-14 08:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-11 11:42 - 2014-08-26 20:20 - 00004763 _____ () C:\Users\alee\Documents\com.robcole.MetadataExtensions.log
2014-08-09 08:37 - 2014-07-27 07:19 - 05326417 _____ (Phil Harvey) C:\Windows\exiftool.exe
2014-08-07 20:21 - 2014-08-26 20:20 - 03981918 _____ () C:\Users\alee\Documents\PiwigoExport.log
2014-08-07 18:40 - 2014-08-07 18:40 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-07 18:40 - 2014-08-07 18:40 - 00000000 ____D () C:\Windows\system32\NV
2014-08-07 18:37 - 2014-07-03 03:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-08-07 18:37 - 2014-07-03 03:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-08-07 18:37 - 2014-07-03 03:48 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-08-07 18:37 - 2014-07-03 03:48 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-08-07 12:33 - 2014-08-07 12:34 - 06004615 _____ (Tim Kosse) C:\Users\alee\Downloads\FileZilla_3.9.0.2_win32-setup.exe
2014-08-06 21:33 - 2014-08-06 21:33 - 00249120 _____ (NVIDIA Corporation) C:\Windows\system32\cudart32_55.dll
2014-08-06 21:29 - 2013-08-28 04:17 - 00431392 _____ (NVIDIA Corporation) C:\Windows\system32\cudart32_41_0.dll
2014-08-06 16:04 - 2014-08-06 16:04 - 00035479 _____ () C:\Users\alee\Desktop\Noname2.php
2014-08-05 23:04 - 2014-08-06 11:30 - 00000000 ____D () C:\Users\alee\AppData\Local\.pLoader
2014-08-05 12:34 - 2014-08-05 12:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-08-05 12:34 - 2014-08-05 12:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-08-03 15:51 - 2014-05-14 23:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-03 15:51 - 2014-05-14 23:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-03 15:51 - 2014-05-14 23:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-03 15:51 - 2014-05-14 23:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-03 15:50 - 2014-05-14 23:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-03 15:50 - 2014-05-14 23:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-03 15:50 - 2014-05-14 23:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-03 15:50 - 2014-05-14 23:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-03 15:50 - 2014-05-14 23:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-03 15:50 - 2014-05-14 23:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-03 15:50 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-03 15:50 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-03 15:50 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-03 15:50 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-03 14:20 - 2014-08-03 14:20 - 00000000 ____D () C:\JPEGView64
2014-08-03 06:33 - 2014-08-03 06:33 - 00192512 _____ () C:\Users\alee\Documents\test-2_backup024.dm~
2014-08-03 06:32 - 2014-08-03 06:37 - 00193536 _____ () C:\Users\alee\Documents\test-2.dmc
2014-08-01 21:47 - 2014-08-04 11:30 - 00016037 _____ () C:\Users\alee\Documents\com.robcole.FTPAggregator.log.bak
2014-08-01 21:46 - 2014-08-05 00:32 - 00050829 _____ () C:\Users\alee\Documents\com.robcole.lightroom.PhotooeyPublisher.log.bak
2014-08-01 18:57 - 2014-08-08 12:04 - 00048433 _____ () C:\Users\alee\Documents\com.robcole.FTPAggregator.log
2014-08-01 11:28 - 2014-08-01 11:34 - 00006582 _____ () C:\Users\alee\Documents\LogFile.log
2014-08-01 10:44 - 2014-08-01 11:20 - 00002726 _____ () C:\Users\alee\Documents\RC_Photooey_WebPhotos_LogFile.log
2014-07-30 20:34 - 2014-08-09 02:14 - 00351876 _____ () C:\Users\alee\Documents\com.robcole.lightroom.PhotooeyPublisher.log
2014-07-30 20:34 - 2014-08-05 20:55 - 00000000 ____D () C:\Users\alee\AppData\Roaming\com.robcole
2014-07-30 11:42 - 2014-07-30 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 11:57 - 2014-08-01 07:03 - 05981830 _____ (Tim Kosse) C:\Users\alee\Downloads\FileZilla_3.9.0.1_win32-setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2030-04-15 12:58 - 2014-04-01 01:53 - 00001492 _____ () C:\ProgramData\content.ie5
2020-04-15 16:32 - 2020-04-15 16:32 - 00000000 ____D () C:\ProgramData\Fawkes
2014-08-26 20:42 - 2014-08-26 20:40 - 00032866 _____ () C:\Users\alee\Desktop\FRST.txt
2014-08-26 20:41 - 2014-08-26 20:40 - 00000000 ____D () C:\FRST
2014-08-26 20:40 - 2014-08-26 20:39 - 02103296 _____ (Farbar) C:\Users\alee\Desktop\FRST64.exe
2014-08-26 20:38 - 2014-08-26 20:38 - 00006442 _____ () C:\Users\alee\Desktop\attach.zip
2014-08-26 20:37 - 2014-08-16 10:15 - 00031675 _____ () C:\Users\alee\Desktop\dds.txt
2014-08-26 20:37 - 2013-10-13 22:46 - 00000000 ____D () C:\Users\alee\AppData\Roaming\Skype
2014-08-26 20:36 - 2014-08-16 10:15 - 00024203 _____ () C:\Users\alee\Desktop\attach.txt
2014-08-26 20:32 - 2014-08-26 20:32 - 00688992 ____R (Swearware) C:\Users\alee\Desktop\dds.com
2014-08-26 20:29 - 2014-04-26 19:03 - 02095785 _____ () C:\Windows\WindowsUpdate.log
2014-08-26 20:22 - 2014-07-03 05:17 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2915537779-2898195281-3898161190-1000UA.job
2014-08-26 20:20 - 2014-08-11 11:42 - 00004763 _____ () C:\Users\alee\Documents\com.robcole.MetadataExtensions.log
2014-08-26 20:20 - 2014-08-07 20:21 - 03981918 _____ () C:\Users\alee\Documents\PiwigoExport.log
2014-08-26 20:20 - 2014-07-19 07:22 - 00004295 _____ () C:\Users\alee\Documents\com.robcole.lightroom.ExifMeta.log
2014-08-26 20:03 - 2014-08-22 07:10 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-08-26 19:38 - 2013-07-09 00:41 - 00000000 ____D () C:\LRCATALOG2012
2014-08-26 18:35 - 2014-08-20 14:46 - 00000000 ____D () C:\Users\alee\AppData\Local\Adobe
2014-08-26 16:08 - 2014-04-16 11:57 - 00000000 ____D () C:\Users\alee\AppData\Roaming\AIMP3
2014-08-26 12:06 - 2013-09-20 18:58 - 00000000 ____D () C:\_Dwnlod_
2014-08-26 08:00 - 2013-11-06 03:23 - 00000388 _____ () C:\Windows\Tasks\X-Rite Device Services Software Updater.job
2014-08-26 06:17 - 2014-01-04 14:37 - 00000000 ____D () C:\Users\alee\AppData\Roaming\EditPlus 3
2014-08-26 05:46 - 2009-07-14 11:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 05:46 - 2009-07-14 11:45 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 05:39 - 2013-10-15 22:26 - 00000000 ___RD () C:\Users\alee\Dropbox
2014-08-26 05:39 - 2013-10-15 22:12 - 00000000 ____D () C:\Users\alee\AppData\Roaming\Dropbox
2014-08-26 05:36 - 2014-07-10 06:41 - 00014910 _____ () C:\Windows\setupact.log
2014-08-26 05:34 - 2009-07-14 12:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-25 22:33 - 2014-07-03 05:17 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2915537779-2898195281-3898161190-1000Core.job
2014-08-25 08:57 - 2014-08-24 15:10 - 00000000 ____D () C:\Program Files (x86)\VisualRoute
2014-08-25 08:09 - 2014-06-03 12:17 - 00001043 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2014-08-25 08:09 - 2014-06-03 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2014-08-25 07:44 - 2014-05-12 08:27 - 05108496 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-24 18:38 - 2009-07-14 10:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-24 15:10 - 2014-08-24 15:10 - 00007548 _____ () C:\Users\alee\x.log
2014-08-24 15:10 - 2014-08-24 15:10 - 00000034 _____ () C:\Users\alee\VisualRoute-Path
2014-08-24 15:10 - 2014-08-24 15:10 - 00000000 ____D () C:\Users\alee\vw
2014-08-24 15:10 - 2014-08-24 15:10 - 00000000 ____D () C:\Users\alee\VisualRoute
2014-08-24 15:10 - 2014-08-24 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisualRoute
2014-08-24 15:10 - 2013-09-20 05:20 - 00000000 ____D () C:\Users\alee
2014-08-24 15:09 - 2014-08-24 15:09 - 04572320 _____ () C:\Users\alee\Downloads\vrc.exe
2014-08-24 10:34 - 2014-08-24 10:34 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-alee-PC-alee
2014-08-24 07:03 - 2013-09-20 17:14 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e
2014-08-23 20:31 - 2014-06-18 13:55 - 00000000 ____D () C:\Program Files (x86)\Pandora Recovery
2014-08-23 18:21 - 2014-08-23 18:21 - 00001242 _____ () C:\Users\Public\Desktop\Xirrus Wi-Fi Inspector.lnk
2014-08-23 18:21 - 2014-08-23 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xirrus
2014-08-23 18:21 - 2014-08-23 18:21 - 00000000 ____D () C:\Program Files (x86)\Xirrus
2014-08-23 18:20 - 2014-08-23 18:20 - 00000000 ____D () C:\Users\alee\AppData\Roaming\Xirrus
2014-08-23 18:04 - 2013-09-22 01:26 - 00000000 ____D () C:\TEMP
2014-08-23 15:09 - 2014-08-23 15:09 - 00000748 _____ () C:\Users\alee\Desktop\HxD.ini
2014-08-23 14:52 - 2014-08-23 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit
2014-08-23 14:52 - 2014-08-23 14:52 - 00000000 ____D () C:\Program Files\TortoiseGit
2014-08-23 14:52 - 2014-08-23 14:52 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays
2014-08-23 09:37 - 2013-09-21 00:12 - 00000000 ____D () C:\Users\alee\AppData\Local\CrashDumps
2014-08-23 06:33 - 2009-07-14 10:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-22 09:11 - 2009-07-14 10:20 - 00000000 ____D () C:\Windows\rescache
2014-08-22 08:34 - 2014-08-22 08:34 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-08-22 07:11 - 2014-08-22 07:11 - 00001071 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-08-22 07:11 - 2014-08-22 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-08-22 07:09 - 2014-08-22 06:43 - 233663808 _____ (Emsisoft GmbH ) C:\Users\alee\Desktop\Setup.exe
2014-08-22 07:06 - 2014-08-22 07:05 - 00003510 _____ () C:\Users\alee\Desktop\Rkill.txt
2014-08-22 07:05 - 2014-08-22 07:04 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\alee\Desktop\WiNlOgOn.exe
2014-08-22 07:04 - 2014-08-22 07:04 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\alee\Desktop\uSeRiNiT.exe
2014-08-22 06:24 - 2014-07-21 01:16 - 00006384 _____ () C:\Windows\PFRO.log
2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\192.168.1.1
2014-08-21 10:35 - 2014-08-21 10:35 - 00040960 _____ () C:\tftp2.exe
2014-08-21 08:01 - 2014-08-21 08:01 - 00349505 _____ () C:\Users\alee\AppData\Local\census.cache
2014-08-21 08:01 - 2014-08-21 08:01 - 00224755 _____ () C:\Users\alee\AppData\Local\ars.cache
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\XRiteDevice.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\vmprp332.ax
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\olepro32.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\nvumdshim.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\igdumd32.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\igd10umd32.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\eEBUtil2.DLL
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\eEBUtil.dll
2014-08-21 07:53 - 2014-08-21 07:53 - 00000010 _____ () C:\Users\alee\AppData\Local\sponge.last.runtime.cache
2014-08-21 07:38 - 2014-08-21 07:38 - 00000036 _____ () C:\Users\alee\AppData\Local\housecall.guid.cache
2014-08-21 06:46 - 2014-03-01 14:14 - 00000000 ____D () C:\_dwnld_folders
2014-08-21 06:45 - 2014-07-24 10:42 - 00000000 ____D () C:\Program Files (x86)\RegInOut System Utilities
2014-08-21 06:45 - 2014-07-07 22:00 - 00000000 ____D () C:\CCE_Quarantine
2014-08-21 01:57 - 2014-08-21 01:57 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-21 01:55 - 2014-04-26 23:21 - 00000000 ____D () C:\Users\alee\AppData\Roaming\QuickScan
2014-08-21 00:41 - 2014-08-21 00:40 - 01769472 _____ () C:\dd-wrt.v24_micro_generic.bin
2014-08-20 21:56 - 2014-06-15 12:55 - 00000000 ____D () C:\Users\alee\Desktop\Tor Browser
2014-08-20 21:33 - 2014-08-20 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinePixViewer
2014-08-20 21:33 - 2013-09-20 05:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-20 21:32 - 2014-08-20 21:32 - 00002361 _____ () C:\Users\Public\Desktop\User's Guide.lnk
2014-08-20 21:32 - 2014-08-20 21:32 - 00002310 _____ () C:\Users\Public\Desktop\Introduction of Picture The Future.lnk
2014-08-20 21:32 - 2014-08-20 21:32 - 00001945 _____ () C:\Users\Public\Desktop\FinePixViewer.lnk
2014-08-20 21:32 - 2014-08-20 21:31 - 00000000 ____D () C:\Program Files (x86)\FinePixViewer
2014-08-20 21:32 - 2014-05-24 22:52 - 00000000 ____D () C:\Users\alee\AppData\Roaming\FUJIFILM
2014-08-20 18:36 - 2014-05-24 22:59 - 00000020 ____H () C:\ProgramData\PKP_DLex.DAT
2014-08-20 18:24 - 2014-08-20 18:24 - 03099632 _____ (PassMark Software ® ) C:\wirelessmon.exe
2014-08-20 18:24 - 2014-08-20 18:24 - 00001023 _____ () C:\Users\alee\Desktop\WirelessMon.lnk
2014-08-20 18:24 - 2014-08-20 18:24 - 00000000 ____D () C:\ProgramData\PassMark
2014-08-20 18:24 - 2014-08-20 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WirelessMon
2014-08-20 18:24 - 2014-08-20 18:24 - 00000000 ____D () C:\Program Files (x86)\WirelessMon
2014-08-20 16:30 - 2013-12-02 19:47 - 00007680 _____ () C:\Users\alee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-20 14:34 - 2014-08-20 08:54 - 00000000 ____D () C:\Users\alee\AppData\Local\MetaGeek,_LLC
2014-08-20 08:55 - 2014-08-20 08:55 - 00000000 __SHD () C:\Users\alee\AppData\Local\icsxml
2014-08-20 08:54 - 2014-08-20 08:54 - 00000038 ___SH () C:\Users\alee\AppData\Local\134e6589520e51682091c0.32666518
2014-08-20 08:54 - 2014-08-20 08:54 - 00000000 ____D () C:\Users\alee\AppData\Local\MetaGeek, LLC
2014-08-20 08:53 - 2014-08-20 08:53 - 00002483 _____ () C:\Users\Public\Desktop\Chanalyzer.lnk
2014-08-20 08:53 - 2014-08-20 08:53 - 00000000 ____D () C:\Users\alee\AppData\Roaming\MetaGeek
2014-08-20 08:53 - 2014-08-20 08:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2014-08-20 08:53 - 2014-08-20 08:53 - 00000000 ____D () C:\Program Files (x86)\MetaGeek
2014-08-20 08:52 - 2014-08-20 08:51 - 32645120 _____ () C:\Chanalyzer-Installer.msi
2014-08-20 08:11 - 2014-05-16 06:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-20 08:09 - 2014-04-02 21:48 - 00000000 ____D () C:\Users\alee\AppData\Roaming\FileZilla
2014-08-20 08:07 - 2014-08-20 08:07 - 00658944 _____ () C:\MicrosoftFixit50191.msi
2014-08-20 07:56 - 2014-08-20 07:56 - 06052529 _____ (Tim Kosse) C:\Users\alee\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-20 07:22 - 2014-05-16 06:58 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-20 07:22 - 2013-10-16 21:30 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-20 07:22 - 2013-10-16 21:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-19 17:43 - 2014-08-19 17:43 - 00002962 _____ () C:\Windows\System32\Tasks\{C587858C-8DD2-4506-B2E6-83631E80B30D}
2014-08-19 17:26 - 2014-08-19 17:26 - 00002962 _____ () C:\Windows\System32\Tasks\{F18A9C1D-3CA1-4D3B-BD4B-39F3FE831889}
2014-08-19 17:26 - 2014-08-19 17:26 - 00002962 _____ () C:\Windows\System32\Tasks\{9F166603-4648-4BD9-9C20-0DE5E42FEBDE}
2014-08-19 15:12 - 2014-06-20 15:35 - 00003826 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1403253303
2014-08-19 15:12 - 2014-06-20 15:35 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-08-19 12:06 - 2014-08-17 10:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 09:19 - 2014-08-19 09:19 - 00659456 _____ (Speed Guide Inc.) C:\Users\alee\Desktop\TCPOptimizer.exe
2014-08-18 22:15 - 2009-07-14 12:08 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-18 22:10 - 2014-08-18 22:10 - 01586165 _____ () C:\Users\alee\Desktop\ComIntRepair.exe
2014-08-18 20:21 - 2014-08-18 20:21 - 00002085 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk
2014-08-18 20:21 - 2014-08-18 20:21 - 00002065 _____ () C:\Users\Public\Desktop\LR 5.5.lnk
2014-08-18 20:20 - 2013-11-24 14:26 - 00000000 ____D () C:\Program Files\Adobe
2014-08-18 20:13 - 2014-06-14 20:52 - 00000000 ____D () C:\Users\alee\Desktop\Adobe
2014-08-18 17:07 - 2013-10-13 22:40 - 00007612 _____ () C:\Users\alee\AppData\Local\resmon.resmoncfg
2014-08-18 08:23 - 2014-08-18 08:23 - 01118208 _____ () C:\Windows\system32\config\WLANAutoConfigLog.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 01118208 _____ () C:\Windows\system32\config\WindowsFirewallLog.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 00673212 _____ () C:\Windows\system32\config\wfpstate.xml
2014-08-18 08:23 - 2014-08-18 08:23 - 00441904 _____ () C:\Windows\system32\config\WindowsFirewallConfig.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00377217 _____ () C:\Windows\system32\config\netevents.xml
2014-08-18 08:23 - 2014-08-18 08:23 - 00264242 _____ () C:\Windows\system32\config\wfpfilters.xml
2014-08-18 08:23 - 2014-08-18 08:23 - 00069632 _____ () C:\Windows\system32\config\WindowsFirewallLogVerbose.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 00069632 _____ () C:\Windows\system32\config\WindowsFirewallConsecLogVerbose.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 00069632 _____ () C:\Windows\system32\config\WindowsFirewallConsecLog.evtx
2014-08-18 08:23 - 2014-08-18 08:23 - 00036110 _____ () C:\Windows\system32\config\WcnInfo.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00029931 _____ () C:\Windows\system32\config\envinfo.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00016482 _____ () C:\Windows\system32\config\Dns.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00007568 _____ () C:\Windows\system32\tempfile.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00003099 _____ () C:\Windows\system32\config\Neighbors.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00002719 _____ () C:\Windows\system32\config\FileSharing.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00002523 _____ () C:\Windows\system32\config\gpresult.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00001461 _____ () C:\Windows\system32\config\adapterinfo.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00000556 _____ () C:\Windows\system32\config\sysports.xml
2014-08-18 08:23 - 2014-08-18 08:23 - 00000543 _____ () C:\Windows\system32\config\netiostate.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00000466 _____ () C:\Windows\system32\config\WindowsFirewallEffectiveRules.txt
2014-08-18 08:23 - 2014-08-18 08:23 - 00000062 _____ () C:\Windows\system32\config\wfplog.log
2014-08-18 08:23 - 2014-08-18 08:23 - 00000000 ____D () C:\Windows\system32\config\LocaleMetaData
2014-08-18 08:23 - 2014-08-18 08:22 - 00011451 _____ () C:\Windows\system32\config\osinfo.txt
2014-08-18 08:22 - 2014-08-18 08:22 - 00000000 ____D () C:\Windows\system32\Reg
2014-08-17 10:47 - 2014-08-13 15:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-17 10:27 - 2014-08-17 10:27 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-16 10:49 - 2014-08-16 10:49 - 00026592 _____ () C:\Users\alee\Documents\Attach.txt
2014-08-16 09:38 - 2013-10-14 00:10 - 00000000 ____D () C:\Users\alee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-16 09:38 - 2013-10-14 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-16 02:20 - 2014-08-16 02:20 - 00000000 ___SD () C:\32788R22FWJFW
2014-08-16 02:20 - 2014-06-07 18:48 - 00000000 ____D () C:\Qoobox
2014-08-16 02:20 - 2014-06-07 18:47 - 00000000 ____D () C:\Windows\erdnt
2014-08-16 02:02 - 2014-08-16 02:01 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\alee\Desktop\tdsskiller.exe
2014-08-16 01:57 - 2014-08-16 01:57 - 00001490 _____ () C:\Users\alee\Desktop\GooredFix.txt
2014-08-16 01:57 - 2014-08-16 01:57 - 00000000 ____D () C:\Users\alee\Desktop\GooredFix Backups
2014-08-15 15:08 - 2014-08-15 15:08 - 00046438 _____ () C:\ComboFix.txt
2014-08-15 14:57 - 2009-07-14 09:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-15 14:56 - 2014-08-22 07:09 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-08-15 04:19 - 2014-05-26 08:47 - 00000000 ____D () C:\Users\alee\AppData\Roaming\0install.net
2014-08-15 04:17 - 2013-10-15 22:26 - 00001021 _____ () C:\Users\alee\Desktop\Dropbox.lnk
2014-08-15 04:17 - 2013-10-15 22:13 - 00000000 ____D () C:\Users\alee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-15 04:13 - 2014-05-26 08:47 - 00000000 ____D () C:\Users\alee\AppData\Local\0install.net
2014-08-15 03:00 - 2013-05-30 00:10 - 00000000 ____D () C:\_DownloadedMedia
2014-08-14 21:22 - 2014-08-14 21:22 - 00000000 ____D () C:\NVIDIA
2014-08-14 19:43 - 2014-08-14 19:43 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-08-14 19:43 - 2014-08-14 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-08-14 19:40 - 2014-08-14 19:40 - 50067152 _____ (Microsoft Corporation) C:\MouseKeyboardCenter_64bit_ENG_2.3.188.exe
2014-08-14 13:20 - 2014-08-14 13:19 - 00035482 _____ () C:\Users\alee\Desktop\Noname1.txt
2014-08-14 12:19 - 2013-09-20 17:21 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-08-14 12:04 - 2013-09-20 17:30 - 00000000 ____D () C:\Windows\pss
2014-08-14 09:38 - 2014-07-20 20:59 - 00000000 ____D () C:\Users\alee\AppData\Local\Picmeta
2014-08-14 09:32 - 2014-07-20 20:09 - 00000000 ____D () C:\Program Files\Bulk Rename Utility
2014-08-14 03:18 - 2013-09-20 18:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 03:13 - 2013-09-20 20:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 03:06 - 2013-09-20 20:45 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 16:16 - 2014-08-13 15:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-13 15:32 - 2014-08-13 15:32 - 00001389 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-13 15:32 - 2014-08-13 15:32 - 00001377 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-13 15:32 - 2014-08-13 15:32 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-13 15:32 - 2014-08-13 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-13 15:32 - 2009-07-14 10:20 - 00000000 ____D () C:\ProgramData\Microsoft
2014-08-13 14:18 - 2013-10-17 00:41 - 00004111 _____ () C:\Users\alee\Desktop\New Text Document.txt
2014-08-13 07:53 - 2013-09-20 18:09 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-08-10 22:03 - 2014-01-14 07:46 - 00000000 ____D () C:\BKK
2014-08-10 11:57 - 2009-07-14 12:13 - 00787214 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-09 10:56 - 2014-04-02 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-09 10:56 - 2014-04-02 21:47 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-09 02:14 - 2014-07-30 20:34 - 00351876 _____ () C:\Users\alee\Documents\com.robcole.lightroom.PhotooeyPublisher.log
2014-08-08 12:04 - 2014-08-01 18:57 - 00048433 _____ () C:\Users\alee\Documents\com.robcole.FTPAggregator.log
2014-08-07 20:23 - 2014-06-01 18:32 - 00000000 ____D () C:\Users\alee\AppData\Roaming\PhotoLine
2014-08-07 18:40 - 2014-08-07 18:40 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-07 18:40 - 2014-08-07 18:40 - 00000000 ____D () C:\Windows\system32\NV
2014-08-07 18:40 - 2014-06-03 11:41 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-07 18:38 - 2013-09-20 06:41 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-07 12:34 - 2014-08-07 12:33 - 06004615 _____ (Tim Kosse) C:\Users\alee\Downloads\FileZilla_3.9.0.2_win32-setup.exe
2014-08-07 12:29 - 2013-11-13 01:22 - 00000000 ____D () C:\Users\alee\AppData\Local\NVIDIA Corporation
2014-08-06 21:33 - 2014-08-06 21:33 - 00249120 _____ (NVIDIA Corporation) C:\Windows\system32\cudart32_55.dll
2014-08-06 16:04 - 2014-08-06 16:04 - 00035479 _____ () C:\Users\alee\Desktop\Noname2.php
2014-08-06 11:30 - 2014-08-05 23:04 - 00000000 ____D () C:\Users\alee\AppData\Local\.pLoader
2014-08-05 20:55 - 2014-07-30 20:34 - 00000000 ____D () C:\Users\alee\AppData\Roaming\com.robcole
2014-08-05 12:40 - 2014-05-11 19:16 - 00134720 _____ () C:\Users\alee\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-05 12:34 - 2014-08-05 12:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-08-05 12:34 - 2014-08-05 12:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-08-05 09:20 - 2010-11-21 10:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-05 00:32 - 2014-08-01 21:46 - 00050829 _____ () C:\Users\alee\Documents\com.robcole.lightroom.PhotooeyPublisher.log.bak
2014-08-04 11:30 - 2014-08-01 21:47 - 00016037 _____ () C:\Users\alee\Documents\com.robcole.FTPAggregator.log.bak
2014-08-03 14:20 - 2014-08-03 14:20 - 00000000 ____D () C:\JPEGView64
2014-08-03 06:37 - 2014-08-03 06:32 - 00193536 _____ () C:\Users\alee\Documents\test-2.dmc
2014-08-03 06:37 - 2014-06-27 11:51 - 16264192 _____ () C:\Users\alee\Documents\test.dmc
2014-08-03 06:33 - 2014-08-03 06:33 - 00192512 _____ () C:\Users\alee\Documents\test-2_backup024.dm~
2014-08-01 11:34 - 2014-08-01 11:28 - 00006582 _____ () C:\Users\alee\Documents\LogFile.log
2014-08-01 11:20 - 2014-08-01 10:44 - 00002726 _____ () C:\Users\alee\Documents\RC_Photooey_WebPhotos_LogFile.log
2014-08-01 07:03 - 2014-07-29 11:57 - 05981830 _____ (Tim Kosse) C:\Users\alee\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-08-01 06:19 - 2014-07-06 18:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-30 11:42 - 2014-07-30 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 08:25 - 2014-07-12 21:03 - 00000000 ____D () C:\Users\alee\Desktop\Old Firefox Data
2014-07-27 10:16 - 2014-07-13 15:28 - 00009538 _____ () C:\Windows\DPINST.LOG
2014-07-27 10:15 - 2013-11-30 20:22 - 00000989 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2014-07-27 10:15 - 2013-11-30 20:22 - 00000983 _____ () C:\Users\Public\Desktop\VueScan x64.lnk
2014-07-27 10:15 - 2013-11-30 20:22 - 00000000 ____D () C:\Program Files\VueScan
2014-07-27 08:14 - 2009-07-14 10:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-27 08:14 - 2009-07-14 10:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-27 07:19 - 2014-08-09 08:37 - 05326417 _____ (Phil Harvey) C:\Windows\exiftool.exe
2014-07-27 02:26 - 2013-09-20 16:44 - 00779828 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\alee\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa0qouu.dll
C:\Users\alee\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 20:45

==================== End Of Log ============================

************************************

* The FRST Addiction.txt: *

************************************

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by alee at 2014-08-26 20:42:39
Running from C:\Users\alee\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Anti-Malware (Disabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Emsisoft Anti-Malware (Disabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe CMM (HKLM-x32\...\Adobe_20605a51cb0190b8e219bc496fc6aa0) (Version: 1.1 - Adobe Systems Incorporated)
Adobe CMM (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AmoK Exif Sorter 2.5.6 (remove only) (HKLM-x32\...\AmoKExifSorter2) (Version:  - )
Assessments on Client (x32 Version: 8.100.26629 - Microsoft) Hidden
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.9.9 - Atheros Communications Inc.)
Attachments Processor for Outlook (HKLM-x32\...\{2006DA28-2AC7-44C4-A04D-FE87DCB0AF66}) (Version: 4.4.0 - MAPILab Ltd.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.2 - GPL Public release.)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Software v5.0.0 for the BlackBerry 8900 smartphone (HKLM-x32\...\{2DD49F19-1D22-494C-8EF3-4ED4803BC0B8}) (Version: 5.0.0.681 (Platform 5.2.0.67) - Research In Motion Ltd.)
BlackBerry World Browser Plugin (HKLM-x32\...\{FBB8780A-27B9-4A07-ACB6-85A46262A002}) (Version: 10.2.168.17 - Research In Motion Limited)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
calibre (HKLM-x32\...\{35FF5DC5-A622-4055-A8BB-6D4F01AF6F57}) (Version: 1.22.0 - Kovid Goyal)
Capture NX-D (HKLM\...\{56E8726C-8674-4715-8535-011DE67F2A6D}) (Version: 0.9.1 - Nikon)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Celestia 1.5.1 (HKLM-x32\...\Celestia_is1) (Version:  - Shatters Software)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Chanalyzer (HKLM-x32\...\{1D87ABCE-BC53-4B5A-A604-4CCC50E8D1F1}) (Version: 5.6.0.113 - MetaGeek, LLC)
ColorSpace 1.1.1 (HKLM-x32\...\ColorSpace_is1) (Version:  - Couleur.org)
ColorThink Pro v3.0.3 (HKLM-x32\...\{ 2BA6AC98-27FE-52BE-AA1D-1542547B260E }_is1) (Version:  - CHROMiX, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.32.50 - Conexant)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Daminion 3.0.0.994 (HKLM-x32\...\{EFD0A11E-2F0B-40A9-A4BA-DD63C779E4D5}_is1) (Version: 3.0.0.994 - Daminion Software)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Document Express DjVu Plug-in (HKLM-x32\...\{6917F75F-9CB8-4FC5-AA62-480B0C104619}) (Version: 6.1.33592 - Cuminas Corporation)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dolphin 4.0 (HKLM-x32\...\Dolphin) (Version: 4.0 - Dolphin Development Team)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Duplicate Email Remover (HKLM-x32\...\{7AA36634-4324-4EF4-8C0C-D8EF1FC2BEA4}) (Version: 2.17.2 - MAPILab Ltd.)
Duplicates Remover for Outlook (HKLM-x32\...\{27A46318-2195-4B4F-9D5D-9ED27C2520A2}) (Version: 2.6.0 - MAPILab Ltd.)
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A3_is1) (Version: DVD slideshow GUI 0.9.5.4 - Tin2tin)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
EditPlus 3 (HKLM-x32\...\EditPlus 3) (Version:  - ES-Computing)
Elevated Installer (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo)
Energy Management (x32 Version: 7.0.3.4 - Lenovo) Hidden
EPSON ColorBase (HKLM-x32\...\{A9B13886-4787-4BE5-B291-7A668CF30F1E}) (Version: 2.6.3.0 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{674E262F-72EA-41C1-AF16-9727311A4553}) (Version: 2.4.1.0 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.20.00 - SEIKO EPSON CORPORATION)
EPSON Print CD (HKLM-x32\...\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version: 1.60.000 - )
Epson Print Plug-In for Photoshop (HKLM-x32\...\{55C46E37-2E54-49A4-8395-C1C252B26D09}) (Version: 1.2.1.0 - SEIKO EPSON CORPORATION)
Epson Print Plug-In for SILKYPIX (HKLM-x32\...\{1E7BB5E4-30B7-4237-94BB-DC5CE594D5B2}) (Version: 1.0.3.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Stylus Photo R3000 Printer Uninstall (HKLM\...\Epson Stylus Photo R3000) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet SDK for Windows (HKLM-x32\...\{57E43A88-5936-11D7-AB30-0050DA8CDA09}) (Version: 1.00.020 - EPSON)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
ExpressPCB (HKLM-x32\...\{ED5F7AF9-347B-4440-A211-C6236508CC08}) (Version: 7.0.2 - ExpressPCB)
FileZilla Client 3.9.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.2 - Tim Kosse)
FinePixViewer Resource (HKLM-x32\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.5 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.5 - FUJIFILM Corporation)
FinePixViewer YTUPL (HKLM-x32\...\{65EB09A3-993B-401E-8936-C9708CBFAB26}) (Version: 1.0 - FUJIFILM Corporation)
FreeHDL 0.0.8 binary package for Win32 (HKLM-x32\...\FreeHDL_is1) (Version:  - the Qucs team)
Garmin City Navigator Europe NT 2012.30 Update (HKLM-x32\...\{71401465-5DAD-4E95-BCFC-B13DFDD9771E}) (Version: 15.30.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{d6f59919-3fd4-48c5-8404-def6f92d8422}) (Version: 2.3.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Chrome Canary (HKCU\...\Google Chrome SxS) (Version: 39.0.2130.0 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp Pro 2014 v14.0.4900 (HKLM-x32\...\Google SketchUp Pro 2014 v14.0.490014.0.4900) (Version: 14.0.4900 - Friends in War)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version:  - )
i1Profiler (HKLM-x32\...\i1Profiler_is1) (Version: 1.5.4 - X-Rite)
Icarus Verilog 0.9.6 (HKLM-x32\...\Icarus Verilog 0.9.6_is1) (Version: 0.9.6 - Icarus)
ICC Profile Inspector 2.4.0 (HKLM-x32\...\ICC Profile Inspector_is1) (Version:  - Huanzhao Zeng)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version:  - Christian Kindahl)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
ISO Creator 1.0 (HKLM-x32\...\{78D80EAF-1ADB-46A8-AF6F-EBB18B6ADBCE}) (Version: 1.0.0 - Bunny-Wabbit)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
JExifViewer (HKLM-x32\...\{8CE0D80E-6BBA-4F65-90CE-D44DC99B4F0C}) (Version: 1.8.0.0 - Reiner Pröls)
jMonkeyEngine SDK (HKLM\...\nbi-jmonkeyplatform-3.0.5.0.4) (Version:  - )
JPEG Recovery Pro 5.0 (HKLM-x32\...\JPEG Recovery Pro5.0) (Version: 5.0 - e.World Technology Limited)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.12.204.1 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1519 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1519 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.3.3 - ELAN Microelectronic Corp.)
Lenovo Solution Center (HKLM\...\{B73D2BF9-2C82-40A4-AFA8-32CE2E501640}) (Version: 2.2.002.00 - Lenovo Group Limited)
LINE (HKLM-x32\...\LINE) (Version: 3.7.4.97 - LINE Corporation)
LProf (remove only) (HKLM-x32\...\LProf) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft USB Hub and Controller Test Tool (MUTT) v1.9.1 (HKLM-x32\...\{3CD9D9C8-AE23-4503-A665-FB5DF9442685}) (Version: 1.9.1 - Microsoft)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Finalizer (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support  - Module linguistique Français (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MinGW32 C/C++ 0.0.2 binary package for Win32 (HKLM-x32\...\MinGW32 C/C++_is1) (Version:  - the Qucs team)
MiniTool Partition Wizard Home Edition 8.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nalpeiron Service Update to 7.3.5 (HKLM-x32\...\Nalpeiron Service Update to 7.3.5) (Version: 7.3.5 - Nalpeiron)
Nalpeiron Service Update to 7.3.5 (x32 Version: 7.3.5 - Nalpeiron) Hidden
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ONYX Printer & Profile Download Manager 20100602-0 (HKLM-x32\...\ONYX Printer & Profile Download Manager 20100602-0) (Version:  - Onyx Graphics)
Opera Stable 23.0.1522.77 (HKLM-x32\...\Opera 23.0.1522.77) (Version: 23.0.1522.77 - Opera Software ASA)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Palringo (HKLM-x32\...\Palringo) (Version:  - Palringo Limited)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
PhotoLine 18.0.2.0 (HKLM\...\PhotoLine_is1) (Version: 18.0.2.0 - Computerinsel GmbH)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.0 - Nikon)
Piwigo Export Plug-in version 2.2.5 for Adobe Lightroom (HKLM-x32\...\Piwigo Export Plug-in for Adobe Lightroom_is1) (Version: 2.2 - AlloyPhoto)
Planetary, Lunar, and Stellar Visibility (HKLM-x32\...\{82D73838-E380-486A-A083-9D267ADFC5CB}) (Version: 3.1.0 - Alcyone Software)
PoivY (HKLM-x32\...\PoivY_is1) (Version: 4.13 build 735 - Finarea S.A. Switzerland)
ProductionHouse 10 (HKLM-x32\...\ProductionHouse 10) (Version:  - Onyx Graphics)
PRODUCTIONSERVER4 (x32 Version: 4.04.0079 - ColorGATE Digital Output Solutions GmbH) Hidden
ProTiler 1.0 (HKLM-x32\...\ProTiler 1.0) (Version:  - )
PTLens (HKLM\...\{4B6787A4-B814-4C6E-832B-4D8634C4585F}) (Version: 3.0.659 - ePaperPress)
Qimage Ultimate (HKLM-x32\...\Qimage Ultimate) (Version:  - )
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quite Universal Circuit Simulator 0.0.17 binary package for Win32 (HKLM-x32\...\Qucs_is1) (Version:  - the Qucs team)
RAW FILE CONVERTER EX powered by SILKYPIX (HKLM-x32\...\InstallShield_{30B1CCDB-209B-4E94-8311-379F2E6B6B59}) (Version: 3 - Ichikawa Soft Laboratory)
RAW FILE CONVERTER EX powered by SILKYPIX (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39016 - Realtek Semiconductor Corp.)
RegInOut System Utilities (HKLM-x32\...\RegInOut System Utilities_is1) (Version: 4.0 - SORCIM Technologies Pvt Ltd)
RGB Cube 1.1.1 (HKLM-x32\...\RGB Cube_is1) (Version:  - Couleur.org)
RTI RIP-Kit 10.0 Demo (HKLM-x32\...\{DCCD147F-EB78-4C74-8259-C64D11C2F15D}) (Version:  - )
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Sentinel Runtime (HKLM-x32\...\{2A414CBE-CDF3-48C6-A91B-D3D4522F8EB5}) (Version: 6.3.1.28367 - SafeNet Inc.)
Sentinel System Driver (HKLM-x32\...\Rainbow Sentinel Driver) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
SILKYPIX Developer Studio Pro 6 English (HKLM-x32\...\InstallShield_{ADB2068B-EA4D-463F-81FB-6B9BFC408B71}) (Version: 6 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio Pro 6 English (Version: 6 - Ichikawa Soft Laboratory) Hidden
SILKYPIX Developer Studio Pro 6 English Library (Version: 6.0.8.1 - Ichikawa Soft Laboratory) Hidden
SILKYPIX Developer Studio Pro 6 English Library (x32 Version:  - ) Hidden
SketchUp 2013 (HKLM-x32\...\{E74C0D09-8730-4714-8C6F-019FBF7F1B42}) (Version: 13.0.3689 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
SketchUp Viewer (HKLM-x32\...\{6A4BE330-6778-4329-AB4E-69E86786DAB6}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sonic Visualiser (HKLM-x32\...\{49ECD2A3-7B85-4DCB-A900-44D64F5C5687}) (Version: 2.3.0 - Queen Mary, University of London)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stellarium 0.12.4 (HKLM\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)
StellariumZodiacPlugin 0.12.0 (HKLM-x32\...\StellariumZodiacPlugin_is1) (Version:  - )
Timeline 1.3.0 (HKLM-x32\...\Timeline_is1) (Version:  - Rickard Lindberg <ricli85@gmail.com>)
Toolkit Documentation (x32 Version: 8.100.26629 - Microsoft) Hidden
TortoiseGit 1.8.3.0 (64 bit) (HKLM\...\{C39D5E7E-0CA3-4090-AAE3-9F7F4D5D567A}) (Version: 1.8.3.0 - TortoiseGit)
Twilight 1.5.0 (HKLM-x32\...\{85DE2438-F521-4867-8CB5-2B82013B5C7B}_is1) (Version:  - )
UIF to ISO version 1.0 (HKLM-x32\...\{D1A56C98-DCAD-4735-8E61-02C867D92DE8}_is1) (Version: 1.0 - uiftoiso.com)
UltraStar Creator (HKLM-x32\...\UltraStar Creator) (Version: 1.1.0 - usc Community)
Uninstall dispcalGUI (HKLM-x32\...\{4714199A-0D66-4E69-97FF-7B54BFF80B88}_is1) (Version: 2.1.0.0 - Florian Höch)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPRO_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPRO_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPRO_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPRO_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPRO_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PRJPRO_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPRO_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPRO_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
USB GamePad (HKLM-x32\...\{B8CDAD75-96FB-48A5-A2AE-6515DDEB7BFA}) (Version: 3.85 - My Company Name)
Viber (HKCU\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
VisualRoute (HKLM-x32\...\VisualRoute) (Version:  - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WicReset version 3.0.1.1 (HKLM-x32\...\{20379D3A-321B-4830-96A6-37183B713AE8}_is1) (Version: 3.0.1.1 - TWOMANUALS)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{9277b0c4-2ca8-431b-b4e2-98daf4005ec0}) (Version: 8.100.26629 - Microsoft Corporation)
Windows Assessment Services - Client (AMD64 Architecture Specific, Client SKU) (x32 Version: 8.100.25984 - Microsoft) Hidden
Windows Assessment Services - Client (Client SKU) (x32 Version: 8.100.26629 - Microsoft) Hidden
Windows Assessment Toolkit (AMD64 Architecture Specific) (x32 Version: 8.100.25984 - Microsoft) Hidden
Windows Assessment Toolkit (x32 Version: 8.100.26629 - Microsoft) Hidden
Windows Deployment Customizations (x32 Version: 8.100.25984 - Microsoft) Hidden
Windows Deployment Tools (x32 Version: 8.100.26629 - Microsoft) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 4.0.9.0 - BiniSoft.org)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows PE x86 x64 (x32 Version: 8.100.25984 - Microsoft) Hidden
Windows PE x86 x64 wims (x32 Version: 8.100.25984 - Microsoft) Hidden
Windows System Image Manager on amd64 (x32 Version: 8.100.26629 - Microsoft) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WirelessMon V4.0 (HKLM-x32\...\WirelessMon_is1) (Version:  - PassMark Software ®)
WPT Redistributables (x32 Version: 8.100.26629 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26629 - Microsoft) Hidden
Xirrus Wi-Fi Inspector (HKLM-x32\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
X-Rite Device Services Manager (HKLM-x32\...\{2ECE8EE0-2DBB-444F-92F1-D7C7637CCF70}) (Version: 2.3.81 - X-Rite)
Zero Install (HKLM\...\Zero Install_is1) (Version: 2.6.2 - 0install.de)
ZoneAlarm Firewall (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.1.211.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKCU\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZynAddSubFX 2.2.0 (HKLM-x32\...\ZynAddSubFX) (Version: 2.2.0 - Nasca Octavian Paul)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\alee\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{1BEAC3E3-B852-44F4-B468-8906C062422E}\localserver32 -> C:\Users\alee\AppData\Local\Google\Chrome SxS\Application\39.0.2130.0\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\alee\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\alee\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\alee\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\alee\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\alee\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\alee\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\alee\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2915537779-2898195281-3898161190-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\alee\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-08-2014 14:31:02 Installed FinePixViewer
20-08-2014 14:32:14 Installed FinePixViewer Resource
20-08-2014 14:32:59 Installed FinePixViewer YTUPL
21-08-2014 03:25:35 Windows Modules Installer
21-08-2014 03:52:10 Windows Modules Installer
22-08-2014 23:33:08 Installed Microsoft Camera Codec Pack
23-08-2014 07:52:27 Installed TortoiseGit 1.8.3.0 (64 bit)
23-08-2014 11:20:20 Installed Xirrus Wi-Fi Inspector
24-08-2014 00:02:41 Installed Atheros Communications Inc.® AR81Family Gigabit/Fast…j`e

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-04-03 17:07 - 2014-08-22 10:27 - 00001506 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 wip.adobe.com adobe-dns-2.adobe.com activate-sjc0.adobe.com practivate.adobe.ipp adobe-dns-2.adobe.de 3dns-1.adobe.com activate.wip1.adobe.com practivate.adobe.newoa activate.wip.adobe.com
127.0.0.1 wip1.adobe.com 3dns-4.adobe.com activate.wip2.adobe.com activate.adobe.de practivate.adobe.de 3dns-3.adobe.com crl.verisign.net activate.wip3.adobe.com hl2rcv.adobe.com
127.0.0.1 wip4.adobe.com practivate.adobe.com www.wip2.adobe.com wip2.adobe.com 3dns-3.adobe.de adobe-dns-3.adobe.com activate-sjc0.adobe.de ereg.wip1.adobe.com CRL.VERISIGN.NET
127.0.0.1 www.wip3.adobe.com wwis-dubc1-vip60.adobe.com ood.opsource.net ereg.adobe.de activate.adobe.com ereg.wip.adobe.com adobe-dns-5.adobe.com 3dns-2.adobe.de practivate.adobe.ntp
127.0.0.1 na1r.services.adobe.com practivate.adobe adobe-dns-3.adobe.de 3dns-2.adobe.com adobe-dns.adobe.de lm.licenses.adobe.com www.hh-software.com adobe-dns-4.adobe.com adobe-dns-1.adobe.com
127.0.0.1 ereg.adobe.com prod-rel-ffc-ccm.oobesaas.adobe.com wip3.adobe.com wip3.adobe.de cmdls.adobe.com www.adobeereg.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ereg.wip2.adobe.com
127.0.0.1 hl2rcv.adobe.de www.wip.adobe.com ereg.wip4.adobe.com hh-software.com wwis-dubc1-vip60.adobe.de activate-sea.adobe.de www.wip1.adobe.com activate.wip4.adobe.com activate-sea.adobe.com
127.0.0.1 ereg.wip3.adobe.de 3dns.adobe.com www.wip4.adobe.com activate.wip3.adobe.de adobe-dns.adobe.com ereg.wip3.adobe.com adobeereg.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {105736F0-F4DA-48F7-9D56-DB9304E31BFA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2915537779-2898195281-3898161190-1000UA => C:\Users\alee\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-03] (Google Inc.)
Task: {130E01BD-D7D9-480B-A375-FE0FB43A3093} - System32\Tasks\{F18A9C1D-3CA1-4D3B-BD4B-39F3FE831889} => Firefox.exe
Task: {168C0A66-D571-4FA2-8297-A4BC5C9FDE60} - \Lenovo\Lenovo Solution Center Launcher No Task File <==== ATTENTION
Task: {2270E007-09D4-4CAC-8812-F01AF924703B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {505794F5-0F15-4203-A9A3-B157DD17ACD1} - System32\Tasks\Opera scheduled Autoupdate 1403253303 => C:\Program Files (x86)\Opera\launcher.exe [2014-08-14] (Opera Software)
Task: {6B5C3BD9-ACAA-45BE-95BF-2D2D4651F196} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {7216990C-F1F5-4A3D-89DE-0DA32BE13C89} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2014-04-10] (X-Rite Inc.)
Task: {7ED61FAA-BD35-49AA-95AA-D32020197926} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {7F29C8D7-6927-4B85-B907-D582371C8D7F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.)
Task: {826495CD-8C9F-41E7-AAE6-AF8F55DFD035} - \Lenovo\Lenovo Customer Feedback Program No Task File <==== ATTENTION
Task: {8B1C8D2D-9276-4F80-93DC-FC015616BCBC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.)
Task: {8E442CB0-7D43-4FC3-B13D-0B46DA10947F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {93EBDB98-CC7D-40A4-AD2B-0DE59457936E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2915537779-2898195281-3898161190-1000Core => C:\Users\alee\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-03] (Google Inc.)
Task: {9A434334-7226-4E11-9A68-6EFF8B9DD33A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {A6DF8D76-01D6-4CF7-AF18-FB54BAD7C3FB} - System32\Tasks\{C587858C-8DD2-4506-B2E6-83631E80B30D} => Firefox.exe
Task: {B54E151A-0CF7-46AE-9770-C6E471703D6B} - System32\Tasks\{9F166603-4648-4BD9-9C20-0DE5E42FEBDE} => Firefox.exe
Task: {B8B9036A-4822-4DA5-B961-F05E86BEFB2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-20] (Adobe Systems Incorporated)
Task: {C504FC07-0D16-4085-8BCF-52F1AA6CC838} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {C8910516-23DB-49C2-A1B7-D19F974606DC} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {E56855C0-C675-4DA6-AA16-36E7C88D4AE8} - System32\Tasks\AdobeAAMUpdater-1.0-alee-PC-alee => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-28] (Adobe Systems Incorporated)
Task: {EF44ADD1-35AC-42E8-9FF8-6FF54155221F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {FF020339-31C7-40C3-8D7B-A9DB8F1BDDDE} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-09] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2915537779-2898195281-3898161190-1000Core.job => C:\Users\alee\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2915537779-2898195281-3898161190-1000UA.job => C:\Users\alee\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe

==================== Loaded Modules (whitelisted) =============

2014-06-03 09:27 - 2014-07-03 01:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-02 02:29 - 2014-05-02 02:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-05 16:26 - 2013-05-05 16:26 - 00597144 _____ () C:\Program Files\TortoiseGit\bin\libgit2.dll
2013-05-05 16:26 - 2013-05-05 16:26 - 00087704 _____ () C:\Program Files\TortoiseGit\bin\zlib1.dll
2014-02-28 17:44 - 2013-12-10 00:33 - 00062000 _____ () C:\Program Files (x86)\EditPlus 3\eppshell64.dll
2014-04-09 16:43 - 2013-06-26 06:54 - 00559680 _____ () C:\Program Files (x86)\Common Files\Global Graphics Software\Harlequin License Server\bin\hqn_lsd.exe
2012-06-07 16:51 - 2012-06-07 16:51 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 10:20 - 2013-09-20 17:04 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2008-12-20 10:20 - 2013-09-20 17:04 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-03-10 23:30 - 2013-09-20 17:04 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2013-09-16 15:40 - 2013-01-09 00:04 - 02936832 _____ () C:\exiftoolgui\ExifToolGUI.exe
2014-07-22 11:47 - 2014-07-22 11:47 - 00575176 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\AgKernel.dll
2014-07-22 11:48 - 2014-07-22 11:48 - 00353992 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\WFCore.dll
2014-07-22 11:48 - 2014-07-22 11:48 - 00033480 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\WFSQLite.dll
2014-07-22 11:48 - 2014-07-22 11:48 - 00088776 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\WFWeb.dll
2014-07-22 11:48 - 2014-07-22 11:48 - 00815304 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\WFOzClient.dll
2014-07-22 11:47 - 2014-07-22 11:47 - 00024776 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\LightroomModels.dll
2014-07-22 11:48 - 2014-07-22 11:48 - 00114888 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\moxplugins\AppManagerLR.mox
2014-07-22 11:48 - 2014-07-22 11:48 - 00246472 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\moxplugins\wpdmanager.mox
2014-08-15 17:25 - 2014-08-15 17:25 - 00053299 _____ () C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\exiftool.exe
2014-08-22 07:10 - 2014-08-22 16:02 - 00746536 _____ () C:\Program Files (x86)\Emsisoft Anti-Malware\fw32.dll
2014-06-03 08:58 - 2014-07-03 03:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\eEBUtil2.DLL
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\eEBUtil.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\XRiteDevice.dll
2013-06-21 18:29 - 2013-06-21 18:29 - 01588224 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2013-06-21 18:29 - 2013-06-21 18:29 - 02633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2014-07-23 15:33 - 2014-07-23 15:33 - 00113664 _____ () C:\Program Files (x86)\Naver\LINE\PlayerHelper.dll
2014-08-22 13:40 - 2014-08-22 13:40 - 02116456 _____ () C:\Program Files (x86)\Naver\LINE\amp_window.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\nvumdshim.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\igdumd32.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\olepro32.dll
2014-08-20 21:31 - 2007-02-16 20:01 - 00081920 _____ () C:\Program Files (x86)\FinePixViewer\wia_register_event.dll
2014-08-26 05:38 - 2014-08-26 05:38 - 00043008 _____ () c:\users\alee\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa0qouu.dll
2013-08-24 02:01 - 2013-08-24 02:01 - 25100288 _____ () C:\Users\alee\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-14 03:44 - 2014-08-14 03:44 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2013-09-20 16:58 - 2011-11-30 03:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-09-20 17:25 - 2012-02-22 11:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-07-30 11:42 - 2014-07-30 11:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-21 07:54 - 2014-08-21 07:54 - 00000000 _____ () C:\Windows\system32\igd10umd32.dll
2014-07-08 07:55 - 2014-07-11 02:58 - 00018856 _____ () C:\Program Files (x86)\Java\jre7\bin\jp2native.dll
2014-04-16 11:56 - 2014-07-17 15:05 - 00505344 _____ () C:\Program Files (x86)\AIMP3\Sqlite3.dll
2014-04-16 11:56 - 2014-07-17 15:05 - 00218112 _____ () C:\Program Files (x86)\AIMP3\libsoxr.dll
2014-07-17 15:05 - 2014-07-17 15:05 - 00220672 _____ () C:\Program Files (x86)\AIMP3\Modules\MACDll.dll
2014-07-17 15:05 - 2014-07-17 15:05 - 00294400 _____ () C:\Program Files (x86)\AIMP3\Modules\libFLAC.dll
2014-07-17 15:05 - 2014-07-17 15:05 - 01733120 _____ () C:\Program Files (x86)\AIMP3\Modules\aimp_libvorbis.dll
2014-04-16 11:56 - 2014-07-17 15:05 - 00237568 _____ () C:\Program Files (x86)\AIMP3\Plugins\OptimFROG.dll
2014-04-16 11:56 - 2014-07-17 15:05 - 00141768 _____ () C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter.dll
2013-05-05 16:18 - 2013-05-05 16:18 - 00451736 _____ () C:\Program Files\TortoiseGit\bin\libgit232.dll
2013-05-05 16:18 - 2013-05-05 16:18 - 00077464 _____ () C:\Program Files\TortoiseGit\bin\zlib132.dll
2014-02-28 17:46 - 2013-12-10 00:33 - 00060968 _____ () C:\Program Files (x86)\EditPlus 3\eppshell.dll
2014-08-15 17:25 - 2014-08-15 17:25 - 00024665 _____ () C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\278090af.dll
2014-08-15 17:25 - 2014-08-15 17:25 - 00024671 _____ () C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\9a6a9a93.dll
2014-08-15 17:25 - 2014-08-15 17:25 - 00086133 _____ () C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\34bdba63.dll
2014-08-15 17:25 - 2014-08-15 17:25 - 00020571 _____ () C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\d183fe29.dll
2014-08-15 17:25 - 2014-08-15 17:25 - 00028770 _____ () C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\4a2ee9db.dll
2014-08-15 17:25 - 2014-08-15 17:25 - 00024674 _____ () C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\671d8b64.dll
2014-08-17 13:53 - 2014-08-17 13:53 - 00024674 _____ () C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\966815f4.dll
2014-08-17 18:00 - 2014-08-17 18:00 - 00032865 _____ () C:\Users\alee\AppData\Local\Temp\par-alee\cache-exiftool-9.69\6d48952f.dll
2014-08-20 07:22 - 2014-08-20 07:22 - 17048240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\alee\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: FolderSize => 2
MSCONFIG\Services: gupdate => 2

==================== Faulty Device Manager Devices =============

Name: Lenovo pointing device
Description: Lenovo pointing device
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: ELAN
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/26/2014 00:06:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 05:58:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (08/26/2014 05:36:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 07:41:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2014 05:46:32 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-2915537779-2898195281-3898161190-1000}/">.

Error: (08/24/2014 07:53:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (08/24/2014 07:34:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2014 05:51:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2014 09:39:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2014 06:17:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (08/26/2014 05:36:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error:
%%1053

Error: (08/26/2014 05:36:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ZoneAlarm Privacy Service service to connect.

Error: (08/26/2014 05:35:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Nalpeiron Licensing Service service terminated with the following error:
%%5

Error: (08/26/2014 05:35:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053

Error: (08/26/2014 05:35:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.

Error: (08/26/2014 05:35:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Aspi32 service failed to start due to the following error:
%%1275

Error: (08/26/2014 05:35:20 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\aspi32.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/26/2014 05:35:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Zero Install Store Service service failed to start due to the following error:
%%1053

Error: (08/26/2014 05:35:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Zero Install Store Service service to connect.

Error: (08/26/2014 05:34:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Sentinel service failed to start due to the following error:
%%1275


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-08-17 14:11:42.065
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-17 14:11:42.018
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-17 14:11:41.974
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-17 14:11:41.886
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-17 13:49:57.667
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\consent.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-17 13:49:57.613
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\consent.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-17 13:49:57.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\consent.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-17 13:49:57.477
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\consent.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-15 14:42:03.035
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\combofix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-08-15 14:42:03.006
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\combofix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 79%
Total physical RAM: 6009.77 MB
Available physical RAM: 1208.54 MB
Total Pagefile: 12017.73 MB
Available Pagefile: 6221.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Lenovo) (Fixed) (Total:579.12 GB) (Free:101.56 GB) NTFS
Drive d: (Lenovo) (Fixed) (Total:97.66 GB) (Free:53.31 GB) NTFS
Drive x: (1K_DigiCamera) (Fixed) (Total:493.98 GB) (Free:314.74 GB) NTFS
Drive y: (1K_Filmscan) (Fixed) (Total:200.35 GB) (Free:139.19 GB) NTFS
Drive z: (1K_Music) (Fixed) (Total:237.18 GB) (Free:80.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 9379923D)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 9865789A)
Partition 1: (Active) - (Size=494 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200.3 GB) - (Type=OF Extended)

==================== End Of Log ============================

 



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:16 AM

Posted 26 August 2014 - 09:14 AM

Welcome,

 

Just wanted to let you know I am here but on my way out for a few hours.  My guess is you will be fast asleep before I am able to post a reply but rest assured I will post as soon as possible.  Thanks for the information.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:16 AM

Posted 26 August 2014 - 01:52 PM

Greetings and thank you for your patience.

 

There is evidence of pirated software on your computer and I am going to request you remove it.  Please let me know if you are willing to do that so that we may continue.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#8 teebe

teebe
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:16 AM

Posted 26 August 2014 - 07:40 PM

Ok, let me know, thank's

T



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:16 AM

Posted 26 August 2014 - 08:07 PM

Thank you.

Looks like you have done quite a bit of work already on this. Please do this.

===================================================

Spybot S&D No Longer Recommended

--------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

I recommend uninstalling Spybot Search & Destroy at least while we are addressing your issues. The presence of this program can make cleaning your computer more difficult.

If you choose to uninstall please go to Start, Control Panel, Add/Remove Programs (or Programs and Features) and uninstall the program.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
S3 ALSysIO; \??\C:\Users\alee\AppData\Local\Temp\ALSysIO64.sys [X]
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 catchme; \??\C:\combofix\catchme.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S2 Sentinel; \SystemRoot\System32\Drivers\SENTINEL.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U4 vsserv; No ImagePath
Task: {168C0A66-D571-4FA2-8297-A4BC5C9FDE60} - \Lenovo\Lenovo Solution Center Launcher No Task File <==== ATTENTION
Task: {7ED61FAA-BD35-49AA-95AA-D32020197926} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {826495CD-8C9F-41E7-AAE6-AF8F55DFD035} - \Lenovo\Lenovo Customer Feedback Program No Task File <==== ATTENTION
AlternateDataStreams: C:\Users\alee\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Copy/paste the following in the Search Field
tcpip.sys
  • Click Search File(s) button
  • When completed click OK and a Search.txt document will open on your desktop
  • Copy and paste the contents of that document your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Search.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#10 teebe

teebe
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:16 AM

Posted 27 August 2014 - 10:35 PM

As requested

************

*FIXLOG*

************

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014
Ran by alee at 2014-08-28 10:20:48 Run:1
Running from C:\Users\alee\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
S3 ALSysIO; \??\C:\Users\alee\AppData\Local\Temp\ALSysIO64.sys [X]
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 catchme; \??\C:\combofix\catchme.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter;
system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S2 Sentinel; \SystemRoot\System32\Drivers\SENTINEL.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U4 vsserv; No ImagePath
Task: {168C0A66-D571-4FA2-8297-A4BC5C9FDE60} - \Lenovo\Lenovo Solution Center Launcher No Task File <==== ATTENTION
Task: {7ED61FAA-BD35-49AA-95AA-D32020197926} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {826495CD-8C9F-41E7-AAE6-AF8F55DFD035} - \Lenovo\Lenovo Customer Feedback Program No Task File <==== ATTENTION
AlternateDataStreams: C:\Users\alee\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
ALSysIO => Service deleted successfully.
AthBTPort => Service deleted successfully.
BTATH_A2DP => Service deleted successfully.
btath_avdt => Service deleted successfully.
BTATH_BUS => Service deleted successfully.
BTATH_HCRP => Service deleted successfully.
BTATH_LWFLT => Service deleted successfully.
BTATH_RCP => Service deleted successfully.
BtFilter => Service deleted successfully.
catchme => Service deleted successfully.
ewusbmbb => Service deleted successfully.
ew_hwusbdev => Service deleted successfully.
ew_usbenumfilter => Service deleted successfully.
system32\DRIVERS\ew_usbenumfilter.sys [X] => Error: No automatic fix found for this entry.
huawei_enumerator => Service deleted successfully.
hwdatacard => Service deleted successfully.
Sentinel => Service deleted successfully.
VGPU => Service deleted successfully.
vsserv => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{168C0A66-D571-4FA2-8297-A4BC5C9FDE60}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{168C0A66-D571-4FA2-8297-A4BC5C9FDE60}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Solution Center Launcher" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7ED61FAA-BD35-49AA-95AA-D32020197926}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ED61FAA-BD35-49AA-95AA-D32020197926}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{826495CD-8C9F-41E7-AAE6-AF8F55DFD035}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{826495CD-8C9F-41E7-AAE6-AF8F55DFD035}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program" => Key deleted successfully.
C:\Users\alee\AppData\Roaming\Microsoft Excel 97-2003.EML => ":OECustomProperty" ADS removed successfully.

==== End of Fixlog ====

 

****************

*Search.txt*

****************

Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by alee at 2014-08-28 10:23:28
Running from C:\Users\alee\Desktop
Boot Mode: Normal

================== Search Files: "tcpip.sys" =============

C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2014-06-12 07:59][2014-04-05 09:37] 1897408 ____A (Microsoft Corporation) 4F80944B03112F486212DC20BE166079 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013-10-13 22:39][2013-09-07 09:27] 1896896 ____A (Microsoft Corporation) 75F9106B74585D38C8FF6BB5CAD262D7 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013-09-20 18:24][2012-10-04 00:44] 1902472 ____A (Microsoft Corporation) D5707FC2300AA5B04B7BFE86D40C0133 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2014-06-12 07:59][2014-04-05 09:47] 1903552 ____A (Microsoft Corporation) 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2013-10-13 22:39][2013-09-08 09:30] 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013-09-20 18:24][2012-10-04 00:56] 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010-11-21 10:24][2010-11-21 10:24] 1924480 ____A (Microsoft Corporation) 509383E505C973ED7534A06B3D19688D [File is signed]

C:\Windows\System32\drivers\tcpip.sys
[2014-06-12 07:59][2014-04-05 09:47] 1903552 ____A (Microsoft Corporation) 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E [File is signed]

C:\Windows\erdnt\cache64\tcpip.sys
[2014-08-14 10:17][2014-04-05 09:47] 1903552 ____A (Microsoft Corporation) 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E [File is signed]

====== End Of Search ======



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:16 AM

Posted 28 August 2014 - 08:29 AM

Thank you,

How is your computer behaving?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#12 teebe

teebe
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:16 AM

Posted 28 August 2014 - 09:40 AM

Yes, is better now. Slight shorter boot time, no SWF Flashplayer crashes in 12h. However this behavior was already seen, i.e, installing new FF version or resetting either Chorome or FF, went stable and then it fail again after one or two days (no torrents in between). I would better answer tomorrow or after tomorrow; this behavior made me thinking to a bunch of different infection, tapping, malware or even ISP throttling or killing persistent video streaming. Also, I noticed in addition.txt is not sure if tcpip.sys is the latest MS version or a forged one (missing signature) and in search.txt was listed a number of same filenames with different signatures but no action has been taken, what to do? Am I wrong? BTW, thanks for your efforts, Tiberio

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:16 AM

Posted 28 August 2014 - 01:19 PM

Greetings,

All copies of tcpip.sys are legitimate. Please run these.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
EmptyTemp:
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

HijackThis

--------------------
  • Download HijackThis and save it to your desktop
  • Double click the HijackThis icon, then select Run
  • If prompted select I Accept
  • Click on Do a system scan and save a logfile
  • Ignore any warning regarding the Hosts file
  • A report will be generated and will appear on your desktop as an open Notepad document
  • Copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • HJT log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:16 AM

Posted 01 September 2014 - 07:40 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#15 teebe

teebe
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:16 AM

Posted 01 September 2014 - 08:10 AM

ok, here is my report: - Slow boot, before was ~15min from power-on to complete desktop draw and refresh, now is about 10min. No new application installed. Suddenly on first boot after last action taken and logoff-shutdown Windows update installed about 80 updates. - SWF Flashplayer crashes, before was many per day, about 2h survival time. The first day was smooth, no crashes; the second day 12h (x2 crashes), now is around 3..4 FF plugin crashes per day. Just installed one translator plugin today. This figure is not specific, it could be better or worse in next days, my felling is like it's filling up a cup of worms time by time but I might be wrong. As someone says, the only secured computer is the one powered off and buried. Do there is any further action? As this Win7 was installed (painfully because of Lenovo drivers) one year ago, then at least two big applications installation event with malware contamination happen, it could better to scratch the system and start from fresh, I wouldn't be surprised. However if you have a last chance let's try it. In any case thank you for your efforts, it's working better than before. Tiberio




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users