Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SecurityHelper.dll is being detected every time I boot up


  • This topic is locked This topic is locked
2 replies to this topic

#1 jhb019

jhb019

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 26 April 2015 - 08:56 AM

Every time I boot up my computer, I get a message from ESET Smart Security saying that it has quarantined SecurityHelper.dll which is supposedly a variant of Win64/Sathurbot.A trojan. The file is located at C:\ProgramData\Microsoft\Performance\Monitor\SecurityHelper.dll. It seems like the file is being generated in that location every time explorer.exe is run, as if I end the explorer.exe process and then restart it, I get the quarantine message again.

 

C:\ProgramData\Microsoft\Performance\Monitor\ also contains a file called PerformanceMonitor.dll which seems to have been created at the same time as the problem started. If I try and do anything with this file (such as copy it to another location), it tells me that I can't because the file is open in Windows Explorer.

 

C:\ProgramData\Microsoft\Performance\Monitor\ also contains a folder called temp. This folder is being created every time the file is being quarantined, but there is nothing in the folder.

 

I have run FRST and my logs are below.

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by Jamie (administrator) on JAMIE-LAPTOP on 26-04-2015 14:39:51
Running from C:\Users\Jamie\Desktop
Loaded Profiles: Jamie (Available profiles: Jamie)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Hanwang Technology Co.,Ltd. ) C:\Program Files\ASUS\ASUS FaceID\HWFaceKeyService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Scarlet.Crush Productions) C:\Program Files (x86)\DS3 Drivers\ScpService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google Inc.) C:\Users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\Users\Jamie\AppData\Roaming\ACEStream\updater\ace_update.exe
() C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dropbox, Inc.) C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(BitTorrent Inc.) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\Run: [Spotify Web Helper] => C:\Users\Jamie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-15] (Spotify Ltd)
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\Run: [Google Update] => C:\Users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-03-04] (Google Inc.)
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\Run: [AceUpdater] => C:\Users\Jamie\AppData\Roaming\ACEStream\updater\ace_update.exe [22824 2014-10-01] ()
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\Run: [AceWebExtensionUpdater] => C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe [22824 2015-02-28] ()
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\MountPoints2: {231288d7-c827-11e4-826c-8019341093e7} - "D:\setup.exe" 
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-04-20]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-04-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2015-04-24] ()
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-1485790007-1687985068-345982264-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1485790007-1687985068-345982264-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-04-20] (LastPass)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-04-20] (LastPass)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-02-24] (FreeDownloadManager.ORG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-04-20] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-04-20] (LastPass)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-13] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
FireFox:
========
FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\b4ekwmrf.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-04-20] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-13] (Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-01-26] (Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-04-20] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-02-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1485790007-1687985068-345982264-1001: @acestream.net/acestreamplugin,version=3.0.11 -> C:\Users\Jamie\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-1485790007-1687985068-345982264-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jamie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1485790007-1687985068-345982264-1001: @talk.google.com/O1DPlugin -> C:\Users\Jamie\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1485790007-1687985068-345982264-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jamie\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1485790007-1687985068-345982264-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jamie\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-04] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jamie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jamie\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: AS Magic Player - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\b4ekwmrf.default\Extensions\magicplayer@acestream.org [2015-03-11]
FF Extension: LastPass - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\b4ekwmrf.default\Extensions\support@lastpass.com [2015-04-20]
FF HKLM-x32\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2015-03-19]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-13]
CHR Extension: (Angry Birds) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-02-13]
CHR Extension: (Chrome Key Event Tester) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\amndppkiecbdmiaihgbicalhabkkhhpk [2015-03-18]
CHR Extension: (Google Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-13]
CHR Extension: (History site blocker) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgnheiibhnjklgimaldgngjcfblachh [2015-02-13]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-13]
CHR Extension: (Google Search) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-13]
CHR Extension: (Mailto: for Gmail™) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2015-02-13]
CHR Extension: (MightyText - SMS from PC & Text from PC / Mac) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2015-03-03]
CHR Extension: (Google Play Music) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-02-13]
CHR Extension: (My JDownloader) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2015-04-25]
CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-02-13]
CHR Extension: (Google Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-02-13]
CHR Extension: (The Camelizer) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2015-02-13]
CHR Extension: (BetaFish Adblocker) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-13]
CHR Extension: (Cut the Rope) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2015-02-13]
CHR Extension: (Bookmark Manager) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (TU-95 - Pilot the Plane!) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjohfoloehbkffdihkengbkjgalmabj [2015-02-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-04-20]
CHR Extension: (AllCast Receiver) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbljnpdahefgnopeohlaeohgkiidnoe [2015-02-13]
CHR Extension: (SMS from Gmail™ & Facebook™ (MightyText)) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\iffdacemhfpnchinokehhnppllonacfj [2015-03-03]
CHR Extension: (View Thru) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkncfnbcgbclefkbknfdbngiegdppgdd [2015-02-13]
CHR Extension: (Skyrama) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap [2015-02-13]
CHR Extension: (Cube Field) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkndehiddncobniolffmamhjfkdlhppa [2015-02-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Rally youbeQ) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcohfeeacabgogccgmhpgicpdcconlkc [2015-02-13]
CHR Extension: (Google Maps) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-02-13]
CHR Extension: (Qmee) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaanpgkpkoamihninlcegnjclcpibde [2015-02-13]
CHR Extension: (No Name) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2015-03-11]
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2015-02-13]
CHR Extension: (Google Wallet) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-13]
CHR Extension: (APK Downloader) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhlfmheblhjhkmacldlhdnbgbaiigba [2015-04-22]
CHR Extension: (Enhanced History) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocfblifjfffcokdoocoopcnaooljncbh [2015-02-13]
CHR Extension: (Burger Shop 2) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiahdjilmlekhacfggeipddaklcbiljf [2015-02-13]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-13]
CHR Extension: (Inbox by Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkclgpgponpjmpfokoepglboejdobkpl [2015-04-16]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
 
Opera: 
=======
OPR Extension: (LastPass) - C:\Users\Jamie\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2015-04-20]
OPR Extension: (AS Magic Player) - C:\Users\Jamie\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2015-03-11]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS FaceID Service; C:\Program Files\ASUS\ASUS FaceID\HWFaceKeyService.exe [261648 2013-10-24] (Hanwang Technology Co.,Ltd. )
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [56648 2015-03-08] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [448400 2014-03-24] (Nuance Communications, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 Ds3Service; C:\Program Files (x86)\DS3 Drivers\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2013-11-18] (Condusiv Technologies)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [129992 2014-01-19] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [250880 2015-02-13] (My Digital Life Forums) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026432 2015-04-26] (Enigma Software Group USA, LLC.)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [146944 2015-02-23] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-03-31] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2014-08-18] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2014-08-18] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-09-18] (ESET)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-04-26] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25840 2013-11-18] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [117488 2013-11-18] (Condusiv Technologies)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [149448 2013-11-23] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3434464 2014-03-13] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows ® Win 7 DDK provider)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-26 14:04 - 2015-04-26 14:04 - 00000000 ____D () C:\Program Files\Reason
2015-04-26 14:02 - 2015-04-26 14:03 - 02827152 _____ (Reason Company Software Inc.) C:\Users\Jamie\Downloads\herdProtectScan_Portable.exe
2015-04-26 13:50 - 2015-04-26 13:50 - 00000000 ____D () C:\Users\Jamie\Downloads\nsiDecomp#3
2015-04-26 13:49 - 2015-04-26 13:49 - 00242029 _____ () C:\Users\Jamie\Downloads\nsiDecomp#3.7z
2015-04-26 13:15 - 2015-04-26 13:17 - 00055439 _____ () C:\Users\Jamie\Desktop\Addition.txt
2015-04-26 13:12 - 2015-04-26 14:40 - 00037499 _____ () C:\Users\Jamie\Desktop\FRST.txt
2015-04-26 13:12 - 2015-04-26 14:40 - 00000000 ____D () C:\FRST
2015-04-26 13:11 - 2015-04-26 13:11 - 02101248 _____ (Farbar) C:\Users\Jamie\Desktop\FRST64.exe
2015-04-26 12:07 - 2015-04-26 12:07 - 00000000 _____ () C:\autoexec.bat
2015-04-26 12:06 - 2015-04-26 12:06 - 00003334 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2015-04-26 12:06 - 2015-04-26 12:06 - 00001105 _____ () C:\Users\Jamie\Desktop\SpyHunter.lnk
2015-04-26 12:06 - 2015-04-26 12:06 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Enigma Software Group
2015-04-26 12:06 - 2015-04-26 12:06 - 00000000 ____D () C:\sh4ldr
2015-04-26 12:05 - 2015-04-26 12:05 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Jamie\Downloads\SpyHunter-Installer.exe
2015-04-26 12:05 - 2015-04-26 12:05 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-04-26 12:05 - 2015-04-26 12:05 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-04-25 15:28 - 2015-04-25 15:28 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel M1 - Impulse and Momentum
2015-04-25 15:26 - 2015-04-25 15:28 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edxecel M1 - Moments
2015-04-25 15:26 - 2015-04-25 15:28 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel M1 - Kinematics
2015-04-25 15:25 - 2015-04-25 15:28 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Videos_ Edexcel S1 - Probability
2015-04-25 15:24 - 2015-04-25 15:26 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Videos_ Edexcel S1 - Normal Distribution
2015-04-25 15:24 - 2015-04-25 15:26 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Videos_ Edexcel S1 - Discrete Random Variables
2015-04-25 15:23 - 2015-04-25 15:25 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Videos_ Edexcel S1 - Central Tendency and Dispersion
2015-04-25 15:23 - 2015-04-25 15:24 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Videos_ Edexcel S1 - Correlation and Regression
2015-04-25 15:21 - 2015-04-25 15:24 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel FP1 - Proof by Induction
2015-04-25 15:21 - 2015-04-25 15:22 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel FP1 - Numerical Solutions of Equations
2015-04-25 15:20 - 2015-04-25 15:23 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel FP1 - Series
2015-04-25 15:19 - 2015-04-25 15:21 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel FP1 - Matrices
2015-04-25 15:18 - 2015-04-25 15:21 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel FP1 - Complex Numbers
2015-04-25 15:18 - 2015-04-25 15:20 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel FP1 - Coordinate Systems
2015-04-25 15:17 - 2015-04-25 15:19 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel D1 - Route Inspection
2015-04-25 15:16 - 2015-04-25 15:18 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel D1 - Minimum Spanning Trees
2015-04-25 15:16 - 2015-04-25 15:18 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel D1 - Matchings
2015-04-25 15:13 - 2015-04-25 15:17 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel D1 - Linear Programming
2015-04-25 15:13 - 2015-04-25 15:14 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel M1 - Newton's Laws
2015-04-25 15:12 - 2015-04-25 15:16 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel D1 - Dijkstra's Algorithm
2015-04-25 15:11 - 2015-04-25 15:16 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel D1 - Critical Path Analysis
2015-04-25 15:10 - 2015-04-25 15:12 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel D1 - Algorithms 2
2015-04-25 15:09 - 2015-04-25 15:11 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel D1 - Algorithms 1
2015-04-25 15:06 - 2015-04-25 15:10 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel M1 - Vectors
2015-04-25 15:06 - 2015-04-25 15:09 - 00000000 ____D () C:\Users\Jamie\Downloads\FMSP Revision Video_ Edexcel M1 - Statics
2015-04-25 15:00 - 2015-04-25 15:01 - 93413830 _____ () C:\Users\Jamie\Downloads\FMSP Revision Video- Edxecel M1 - Moments.mp4
2015-04-25 14:59 - 2015-04-25 15:00 - 87040612 _____ () C:\Users\Jamie\Downloads\FMSP Revision Video- Edexcel M1 - Kinematics.mp4
2015-04-25 14:55 - 2015-04-25 14:55 - 00019711 _____ () C:\Users\Jamie\Desktop\clipconverter_133.crx
2015-04-25 14:54 - 2015-04-25 14:55 - 60213687 _____ () C:\Users\Jamie\Downloads\FMSP Revision Video- Edexcel M1 - Impulse and Momentum.mp4
2015-04-25 14:12 - 2015-04-25 14:12 - 00004203 _____ () C:\Users\Jamie\Downloads\nativeplayback (2).collab
2015-04-25 14:08 - 2015-04-25 14:12 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Blackboard
2015-04-25 14:07 - 2015-04-25 14:07 - 00009718 _____ () C:\Users\Jamie\Downloads\nativeplayback (1).collab
2015-04-25 13:54 - 2015-04-25 14:07 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Elluminate
2015-04-25 13:53 - 2015-04-25 13:53 - 00001690 _____ () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackboard Collaborate Launcher.lnk
2015-04-25 13:53 - 2015-04-25 13:53 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Blackboard
2015-04-25 13:50 - 2015-04-25 13:52 - 42807296 _____ () C:\Users\Jamie\Downloads\BlackboardCollaborateLauncher-Win.msi
2015-04-25 13:50 - 2015-04-25 13:50 - 00004203 _____ () C:\Users\Jamie\Downloads\nativeplayback.collab
2015-04-25 13:42 - 2015-04-25 13:42 - 00159028 _____ () C:\Users\Jamie\Downloads\Mathsboxres.xlsx
2015-04-24 17:17 - 2015-04-24 17:17 - 00000000 ____D () C:\Users\Jamie\AppData\Local\2K Games
2015-04-23 14:08 - 2015-04-23 14:29 - 00000511 _____ () C:\Users\Jamie\Desktop\save.txt
2015-04-23 14:05 - 2015-04-23 14:33 - 00010217 _____ () C:\Users\Jamie\Desktop\Comp1_Summer_2015_Python3Pub0.0.0.py
2015-04-23 11:30 - 2015-04-23 11:31 - 00000076 _____ () C:\Users\Jamie\Desktop\test.py
2015-04-22 20:21 - 2015-04-22 20:26 - 00000000 ____D () C:\Users\Jamie\AppData\Local\QuickPar
2015-04-22 20:20 - 2015-04-22 20:20 - 00501363 _____ (Peter B Clements) C:\Users\Jamie\Downloads\QuickPar-0.9.1.0.exe
2015-04-22 20:20 - 2015-04-22 20:20 - 00001021 _____ () C:\Users\Jamie\Desktop\QuickPar.lnk
2015-04-22 20:20 - 2015-04-22 20:20 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-04-22 20:20 - 2015-04-22 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-04-22 20:20 - 2015-04-22 20:20 - 00000000 ____D () C:\Program Files (x86)\QuickPar
2015-04-22 19:44 - 2015-04-22 19:44 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-04-22 19:44 - 2015-04-22 19:44 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Vitalwerks
2015-04-22 19:44 - 2015-04-22 19:44 - 00000000 ____D () C:\Program Files (x86)\No-IP
2015-04-22 19:43 - 2015-04-22 19:43 - 00239648 _____ () C:\Users\Jamie\Downloads\DUCSetup_v4_1_0.exe
2015-04-22 19:02 - 2015-04-22 19:02 - 00001005 _____ () C:\Users\Jamie\Desktop\SABnzbd.lnk
2015-04-22 19:02 - 2015-04-22 19:02 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd
2015-04-22 19:02 - 2015-04-22 19:02 - 00000000 ____D () C:\Users\Jamie\AppData\Local\sabnzbd
2015-04-22 19:02 - 2015-04-22 19:02 - 00000000 ____D () C:\Program Files (x86)\SABnzbd
2015-04-22 19:01 - 2015-04-22 19:01 - 10926924 _____ () C:\Users\Jamie\Downloads\SABnzbd-0.7.20-win32-setup.exe
2015-04-20 22:13 - 2015-04-20 22:13 - 00001192 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
2015-04-20 22:13 - 2015-04-20 22:13 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2015-04-20 22:13 - 2015-04-20 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2015-04-20 22:13 - 2015-04-20 22:13 - 00000000 ____D () C:\Program Files (x86)\LastPass
2015-04-20 22:11 - 2015-04-20 22:12 - 14283832 _____ (LastPass) C:\Users\Jamie\Downloads\lastpass_x64.exe
2015-04-20 09:09 - 2015-04-22 11:34 - 00009679 _____ () C:\Users\Jamie\Downloads\Comp1_Summer_2015_Python3Pub0.0.0 (2).py
2015-04-19 13:17 - 2015-04-19 13:17 - 00000222 _____ () C:\Users\Jamie\Desktop\Monaco.url
2015-04-19 13:17 - 2015-04-19 13:17 - 00000221 _____ () C:\Users\Jamie\Desktop\PAYDAY The Heist.url
2015-04-19 13:15 - 2015-04-19 13:15 - 00000221 _____ () C:\Users\Jamie\Desktop\Bully Scholarship Edition.url
2015-04-19 12:21 - 2015-04-19 12:21 - 13087456 _____ (Microsoft Corporation) C:\Users\Jamie\Downloads\Silverlight_x64.exe
2015-04-19 00:48 - 2015-04-19 00:50 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\PortForward.com
2015-04-19 00:48 - 2015-04-19 00:48 - 03618904 _____ (Portforward, LLC) C:\Users\Jamie\Downloads\setup-network-utilities.exe
2015-04-19 00:48 - 2015-04-19 00:48 - 00002831 _____ () C:\Users\Public\Desktop\PortForward Network Utilities.lnk
2015-04-19 00:48 - 2015-04-19 00:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortForward.com
2015-04-19 00:48 - 2015-04-19 00:48 - 00000000 ____D () C:\Program Files (x86)\Portforward
2015-04-18 23:48 - 2015-04-18 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-04-17 15:30 - 2015-03-22 23:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-17 15:30 - 2015-03-22 23:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-17 15:30 - 2015-03-22 23:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-17 15:30 - 2015-03-22 23:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-17 15:30 - 2015-03-22 23:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-17 15:30 - 2015-03-22 23:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-17 15:30 - 2015-03-22 23:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-17 15:30 - 2015-03-14 09:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-17 15:30 - 2015-03-14 09:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-16 18:01 - 2015-04-16 18:01 - 00000021 _____ () C:\Users\Jamie\Desktop\qmee.txt
2015-04-16 09:55 - 2015-04-16 09:55 - 00031046 _____ () C:\Users\Jamie\Downloads\gear.dxf
2015-04-15 13:38 - 2015-03-23 22:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 13:38 - 2015-03-23 22:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 13:38 - 2015-03-23 22:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 13:38 - 2015-03-23 22:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 13:38 - 2015-03-23 22:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 13:38 - 2015-03-20 05:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 13:38 - 2015-03-20 05:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 13:38 - 2015-03-20 05:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 13:38 - 2015-03-20 04:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 13:38 - 2015-03-20 03:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 13:38 - 2015-03-20 03:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 13:38 - 2015-03-20 03:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 13:38 - 2015-03-13 05:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 13:38 - 2015-03-13 05:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 13:38 - 2015-03-13 05:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 13:38 - 2015-03-13 04:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 13:38 - 2015-03-13 04:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 13:38 - 2015-03-13 04:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 13:38 - 2015-03-13 04:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 13:38 - 2015-03-13 04:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 13:38 - 2015-03-13 04:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 13:38 - 2015-03-13 04:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 13:38 - 2015-03-13 04:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 13:38 - 2015-03-13 04:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 13:38 - 2015-03-13 04:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 13:38 - 2015-03-13 04:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 13:38 - 2015-03-13 03:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 13:38 - 2015-03-13 03:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 13:38 - 2015-03-13 03:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 13:38 - 2015-03-13 03:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 13:38 - 2015-03-13 03:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 13:38 - 2015-03-13 03:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 13:38 - 2015-03-13 03:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 13:38 - 2015-03-13 03:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 13:38 - 2015-03-13 03:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 13:38 - 2015-03-13 03:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 13:38 - 2015-03-13 03:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 13:38 - 2015-03-13 03:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 13:38 - 2015-02-21 00:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 13:37 - 2015-03-14 09:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 13:37 - 2015-03-14 02:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 13:37 - 2015-03-14 02:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 13:37 - 2015-03-14 02:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 13:37 - 2015-03-14 02:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 13:37 - 2015-03-14 02:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 13:37 - 2015-03-14 01:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 13:37 - 2015-03-14 01:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 13:37 - 2015-03-14 01:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 13:37 - 2015-03-14 01:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 13:37 - 2015-03-14 01:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 13:37 - 2015-03-14 01:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 13:37 - 2015-03-14 01:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 13:37 - 2015-03-14 01:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 13:37 - 2015-03-14 01:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 13:37 - 2015-03-14 01:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 13:37 - 2015-03-14 00:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 13:37 - 2015-03-14 00:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 13:37 - 2015-03-04 11:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 13:37 - 2015-03-04 04:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 13:37 - 2015-03-04 03:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 13:37 - 2015-02-24 09:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 18:57 - 2015-04-14 18:57 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\BitTorrent Maelstrom
2015-04-14 18:55 - 2015-04-14 18:56 - 37858152 _____ (The Chromium Authors) C:\Users\Jamie\Downloads\Maelstrom.exe
2015-04-14 15:21 - 2015-04-14 15:21 - 04017098 _____ () C:\Users\Jamie\Downloads\UPDATE-SuperSU-v2.46.zip
2015-04-14 14:14 - 2015-04-14 14:14 - 00268376 _____ () C:\Users\Jamie\Downloads\winmd5free.zip
2015-04-14 14:10 - 2015-04-14 14:16 - 598336820 _____ () C:\Users\Jamie\Downloads\cm-12.0-YNG1TAS0YL-bacon-signed-TWRPABLE.zip
2015-04-13 17:52 - 2015-04-13 17:52 - 00187392 _____ () C:\Users\Jamie\Downloads\s3395.pps
2015-04-13 17:42 - 2015-04-09 01:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-13 17:42 - 2015-04-09 01:58 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-13 17:42 - 2015-04-09 01:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-13 17:21 - 2015-04-13 17:21 - 00014246 _____ () C:\Users\Jamie\Downloads\OnePlus-Sidebar-Script-2.4.6.zip
2015-04-13 15:05 - 2015-04-13 15:05 - 01011603 _____ () C:\Users\Jamie\Downloads\SuperPI190.zip
2015-04-13 14:37 - 2015-04-13 14:37 - 00012644 _____ () C:\Users\Jamie\Downloads\Information re Work Experience Week.eml
2015-04-11 17:39 - 2015-04-11 17:39 - 00593292 _____ () C:\Users\Jamie\Downloads\keyboard_controls_AXE.zip
2015-04-11 17:26 - 2015-04-11 17:26 - 00000000 ____D () C:\Users\Jamie\Documents\AerosoftFlightRecorder
2015-04-10 14:19 - 2015-04-10 14:19 - 00001274 _____ () C:\Users\Jamie\Desktop\WEATHER BRIEFING - BAW233 LFMN-EGLL 10APR15 1319UTC.txt
2015-04-10 14:18 - 2015-04-10 14:18 - 00008797 _____ () C:\Users\Jamie\Desktop\TAKE-OFF AND LANDING REPORT - BAW233 LFMN-EGLL 10APR15.txt
2015-04-10 14:18 - 2015-04-10 14:18 - 00001711 _____ () C:\Users\Jamie\Desktop\LOADSHEET - BAW233 LFMN-EGLL 10APR15.txt
2015-04-10 13:43 - 2015-04-10 13:43 - 00000616 _____ () C:\Users\Jamie\Desktop\PRO-ATC-X.lnk
2015-04-10 13:43 - 2015-04-10 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PRO-ATC-X
2015-04-10 13:41 - 2015-04-10 14:08 - 00000000 ____D () C:\PRO-ATC-X
2015-04-10 13:37 - 2015-04-10 13:37 - 00184400 _____ () C:\Users\Jamie\Downloads\WindowsEnablerv1.1.zip
2015-04-10 13:28 - 2015-04-10 13:29 - 15670919 _____ () C:\Users\Jamie\Downloads\proatcx-update-1442ac.zip
2015-04-10 13:18 - 2015-04-10 13:18 - 00338399 _____ () C:\Users\Jamie\Downloads\metars.cache (1).xml.gz
2015-04-10 13:09 - 2015-04-10 13:08 - 04364432 _____ () C:\Users\Jamie\Downloads\metars.cache.xml.tmp
2015-04-10 13:08 - 2015-04-10 13:08 - 00366416 _____ () C:\Users\Jamie\Downloads\metars.cache.xml.gz
2015-04-09 21:05 - 2015-04-09 21:05 - 00028246 _____ () C:\Users\Jamie\Downloads\MakeRwys.zip
2015-04-09 19:32 - 2015-04-10 14:08 - 00008876 _____ () C:\Users\Jamie\Desktop\LFMNEGLL.pln
2015-04-09 18:31 - 2015-04-10 17:35 - 00000000 ____D () C:\ProgramData\firebird'
2015-04-09 18:15 - 2015-04-09 18:19 - 236842241 _____ () C:\Users\Jamie\Downloads\Pointsoft-Pro-ATC-X.v1.2.3.8.zip
2015-04-08 22:05 - 2015-04-08 22:05 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSX Anti Crash Patch by W4rn1ng1
2015-04-08 22:02 - 2015-04-08 22:02 - 02251753 _____ () C:\Users\Jamie\Downloads\FSX Anti Crash Patch by W4rn1ng1.zip
2015-04-08 15:59 - 2015-04-08 15:59 - 00000000 ____D () C:\Users\Jamie\AppData\Local\GMap.NET
2015-04-08 15:59 - 2015-04-08 15:59 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Froom
2015-04-08 15:56 - 2015-04-08 15:56 - 00000921 _____ () C:\Users\Public\Desktop\EFASS - Electronic Flight Assistant.lnk
2015-04-08 15:56 - 2015-04-08 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EFASS - Electronic Flight Assistant
2015-04-08 15:55 - 2015-04-08 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Faro X
2015-04-08 15:54 - 2015-04-08 15:55 - 48502996 _____ () C:\Users\Jamie\Downloads\EFASS_1.0.2336.8240.zip
2015-04-08 15:52 - 2015-04-10 14:08 - 00049152 ___SH () C:\Users\Jamie\Desktop\Thumbs.db
2015-04-08 15:39 - 2015-04-08 15:46 - 118658195 _____ (Aerosoft - Faro X ) C:\Users\Jamie\Downloads\AS_FARO-X_FSX_V101.exe
2015-04-08 15:24 - 2015-04-08 15:24 - 00001024 _____ () C:\.rnd
2015-04-08 15:24 - 2015-04-08 15:24 - 00000000 ____D () C:\ProgramData\Paessler
2015-04-08 15:23 - 2015-04-08 15:32 - 00000000 ____D () C:\Program Files (x86)\PRTG Network Monitor
2015-04-08 15:20 - 2015-04-08 15:22 - 161148503 _____ () C:\Users\Jamie\Downloads\prtg.zip
2015-04-08 15:10 - 2015-04-08 15:12 - 223636297 _____ () C:\Users\Jamie\Downloads\ASNext_FSX_B5570.zip
2015-04-08 15:07 - 2015-04-08 15:07 - 00122558 _____ () C:\Users\Jamie\Downloads\KeyResetASN.zip
2015-04-08 14:24 - 2015-04-08 14:24 - 00001019 _____ () C:\Users\Jamie\Desktop\TOPCAT - Take-Off and Landing Performance Calculation Tool.lnk
2015-04-08 14:24 - 2015-04-08 14:24 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TOPCAT
2015-04-07 21:12 - 2015-04-08 14:09 - 00000000 ____D () C:\Users\Jamie\Documents\vPilot Files
2015-04-07 21:12 - 2015-04-07 21:12 - 01838565 _____ () C:\Users\Jamie\Downloads\vPilot-Setup-1.1.5556.33545.exe
2015-04-07 21:12 - 2015-04-07 21:12 - 00001960 _____ () C:\Users\Jamie\Desktop\vPilot.lnk
2015-04-07 21:12 - 2015-04-07 21:12 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vPilot
2015-04-07 21:12 - 2015-04-07 21:12 - 00000000 ____D () C:\Users\Jamie\AppData\Local\vPilot
2015-04-07 21:10 - 2015-04-08 16:40 - 00000000 ____D () C:\Program Files (x86)\SquawkBox
2015-04-07 21:08 - 2015-04-07 21:09 - 27766733 _____ () C:\Users\Jamie\Downloads\sb4setup.zip
2015-04-05 16:40 - 2014-07-29 14:00 - 00294400 ____N (Tools & Components) C:\Windows\SysWOW64\sevEin20.ocx
2015-04-05 16:40 - 2014-07-29 14:00 - 00233472 ____N (Tools & Components) C:\Windows\SysWOW64\sevXPCtl.ocx
2015-04-05 16:40 - 2014-07-29 14:00 - 00205848 ____N (Sheridan Software Systems, Inc.) C:\Windows\SysWOW64\threed32.ocx
2015-04-05 16:40 - 2014-07-29 14:00 - 00190464 ____N (Tools & Components) C:\Windows\SysWOW64\sevImLib.dll
2015-04-05 16:40 - 2014-07-29 14:00 - 00141824 ____N (Tools & Components) C:\Windows\SysWOW64\sevCmd3.ocx
2015-04-05 16:40 - 2014-07-29 14:00 - 00115712 ____N (Tools & Components) C:\Windows\SysWOW64\sevClb20.ocx
2015-04-05 16:40 - 2014-07-29 14:00 - 00102912 ____N () C:\Windows\SysWOW64\threed32.oca
2015-04-05 16:40 - 2014-07-29 14:00 - 00094744 ____N (Microsoft Corporation) C:\Windows\SysWOW64\GRID32.OCX
2015-04-05 16:40 - 2014-07-29 14:00 - 00093696 ____N () C:\Windows\SysWOW64\sevCmd3.oca
2015-04-05 16:40 - 2014-07-29 14:00 - 00057880 ____N (Outrider Systems, Inc.) C:\Windows\SysWOW64\SPIN32.OCX
2015-04-05 16:40 - 2014-07-29 14:00 - 00022528 ____N (Microsoft Corporation) C:\Windows\SysWOW64\TABCTDE.DLL
2015-04-05 16:40 - 2014-07-29 14:00 - 00014336 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMDE.DLL
2015-04-05 16:40 - 2014-07-29 14:00 - 00006656 ____N (Microsoft Corporation) C:\Windows\SysWOW64\STDFTDE.DLL
2015-04-05 16:40 - 2014-07-29 14:00 - 00000552 ____N () C:\Windows\SysWOW64\sevClb20.dep
2015-04-05 16:40 - 2014-07-29 14:00 - 00000549 ____N () C:\Windows\SysWOW64\sevCmd3.dep
2015-04-05 16:40 - 2014-07-29 14:00 - 00000282 ____N () C:\Windows\SysWOW64\sevXPCtl.dep
2015-04-05 16:40 - 2014-07-29 14:00 - 00000282 ____N () C:\Windows\SysWOW64\sevEin20.dep
2015-04-05 16:37 - 2015-04-05 16:37 - 00000519 _____ () C:\Users\Public\Desktop\FSC 9.lnk
2015-04-05 16:37 - 2015-04-05 16:37 - 00000000 ____D () C:\Aerosoft
2015-04-05 16:36 - 2014-07-29 14:00 - 00042496 ____N (Microsoft Corporation) C:\Windows\SysWOW64\FLXGDDE.DLL
2015-04-05 16:36 - 2014-07-29 14:00 - 00033792 ____N () C:\Windows\SysWOW64\grid32.oca
2015-04-05 16:36 - 2014-07-29 14:00 - 00016384 ____N (Microsoft Corporation) C:\Windows\SysWOW64\INETDE.DLL
2015-04-05 16:35 - 2014-07-29 14:00 - 00112640 ____N (Microsoft Corporation) C:\Windows\SysWOW64\CMCTLDE.DLL
2015-04-05 16:35 - 2014-07-29 14:00 - 00033792 ____N (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGDE.DLL
2015-04-05 16:35 - 2014-07-29 14:00 - 00026000 ____N (Microsoft Corporation) C:\Windows\SysWOW64\CTL3D.dll
2015-04-05 16:35 - 2014-07-29 14:00 - 00024576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\CMCT2DE.DLL
2015-04-05 16:31 - 2015-04-05 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOPCAT
2015-04-05 16:30 - 2015-04-08 14:24 - 00000000 ____D () C:\Program Files (x86)\TOPCAT
2015-04-04 23:55 - 2015-04-04 23:55 - 00001188 _____ () C:\Users\Public\Desktop\Install Microsoft Mouse and Keyboard Center.lnk
2015-04-04 19:34 - 2015-04-04 20:07 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 19:34 - 2015-04-04 19:34 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 18:06 - 2015-04-04 18:06 - 00002540 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MJC Virtual Cockpit Selector.lnk
2015-04-04 18:06 - 2015-04-04 18:06 - 00002528 _____ () C:\Users\Public\Desktop\MJC Virtual Cockpit Selector.lnk
2015-04-04 18:06 - 2015-04-04 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Majestic Dash8 Q400
2015-04-04 17:11 - 2015-04-04 17:11 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons
2015-04-04 17:11 - 2015-04-04 17:11 - 00000000 ____D () C:\ProgramData\InstallMate
2015-04-04 17:06 - 2015-04-04 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vasFMC MSFS Gauge
2015-04-04 16:59 - 2015-04-04 17:01 - 28359191 _____ (VAS Project <contact@vas-project.org> ) C:\Users\Jamie\Downloads\vasfmc-msfs-gauge-setup-2.1.exe
2015-04-04 16:59 - 2015-04-04 17:01 - 22000267 _____ (VAS Project <contact@vas-project.org> ) C:\Users\Jamie\Downloads\vasfmc-standalone-setup-2.1.exe
2015-04-04 16:55 - 2015-04-04 16:56 - 17883718 _____ () C:\Users\Jamie\Downloads\3rdparty.rar
2015-04-04 16:54 - 2015-04-04 17:04 - 46647506 _____ () C:\Users\Jamie\Downloads\airbus_a380-800_vc_air_france_fsx_p3d.zip
2015-04-02 17:25 - 2015-04-04 18:04 - 00000000 ____D () C:\Program Files\Tower Simulator v1
2015-04-02 16:52 - 2015-04-02 16:54 - 00000000 ____D () C:\Program Files (x86)\Global ATC Simulator
2015-04-02 16:52 - 2015-04-02 16:52 - 00000878 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Global ATC Simulator.lnk
2015-04-02 16:52 - 2015-04-02 16:52 - 00000866 _____ () C:\Users\Public\Desktop\Global ATC Simulator.lnk
2015-04-02 16:43 - 2015-04-02 16:50 - 512346222 _____ () C:\Users\Jamie\Downloads\Global ATC Simulator.rar
2015-04-02 15:21 - 2015-04-02 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QualityWings
2015-04-02 14:57 - 2015-04-02 15:01 - 00002474 _____ () C:\Users\Public\Desktop\PMDG 747-400 FSX Load Manager.lnk
2015-03-31 21:01 - 2015-03-31 21:01 - 00001849 _____ () C:\Users\Jamie\Desktop\LaunchGTAIV - Shortcut.lnk
2015-03-31 21:00 - 2015-03-31 21:02 - 00001791 _____ () C:\Users\Jamie\Desktop\GTAIV - Shortcut.lnk
2015-03-31 20:47 - 2015-03-31 20:47 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Rockstar Games
2015-03-31 17:12 - 2015-03-31 20:26 - 1515187421 _____ () C:\Users\Jamie\Downloads\Grand Theft Auto IV.rar
2015-03-31 17:02 - 2015-04-14 13:52 - 00000000 ____D () C:\WarThunder
2015-03-31 17:02 - 2015-03-31 17:02 - 00001464 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2015-03-31 17:02 - 2015-03-31 17:02 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2015-03-31 16:46 - 2015-03-31 16:46 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Blender Foundation
2015-03-31 16:45 - 2015-03-31 16:45 - 00001915 _____ () C:\Users\Public\Desktop\Blender.lnk
2015-03-31 16:45 - 2015-03-31 16:45 - 00000000 ____D () C:\Users\Jamie\.thumbnails
2015-03-31 16:45 - 2015-03-31 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
2015-03-31 16:44 - 2015-03-31 16:44 - 00000000 ____D () C:\Program Files\Blender Foundation
2015-03-30 09:40 - 2015-03-30 09:40 - 00032021 _____ () C:\Users\Jamie\Documents\com_asch09_2_nir_webdatafiles.zip
2015-03-30 09:40 - 2015-03-30 09:40 - 00000000 ____D () C:\Users\Jamie\Documents\com_asch09_2_nir_webdatafiles
2015-03-29 15:32 - 2015-03-16 17:36 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-03-29 15:32 - 2015-03-16 17:35 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-03-29 13:56 - 2015-03-29 14:09 - 00000000 ____D () C:\Users\Jamie\Documents\WOS4 - New York
2015-03-29 13:56 - 2015-03-29 13:56 - 00000000 ____D () C:\Users\Jamie\AppData\Local\WOS4 - New York
2015-03-29 13:55 - 2015-03-29 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Subways 4 New York Line 7
2015-03-29 13:53 - 2015-03-29 13:55 - 00000000 ____D () C:\Program Files (x86)\World of Subways 4 New York Line 7
2015-03-29 13:26 - 2015-03-29 13:26 - 00000000 ____D () C:\Users\Jamie\Documents\Logistik-Simulator
2015-03-29 13:26 - 2015-03-29 13:26 - 00000000 ____D () C:\ProgramData\Steam
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-26 14:41 - 2015-02-13 15:07 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\uTorrent
2015-04-26 14:20 - 2014-10-28 13:57 - 01962860 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 14:11 - 2015-02-13 13:06 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-26 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-26 13:57 - 2015-03-24 19:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-26 13:42 - 2015-02-12 23:09 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1485790007-1687985068-345982264-1001
2015-04-26 13:38 - 2015-02-13 13:59 - 00000000 ___RD () C:\Users\Jamie\Dropbox
2015-04-26 13:38 - 2015-02-13 13:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Dropbox
2015-04-26 13:37 - 2015-02-12 23:04 - 00000000 ___DO () C:\Users\Jamie\OneDrive
2015-04-26 13:37 - 2015-02-12 23:01 - 00000073 _____ () C:\Users\Jamie\AppData\Roaming\sp_data.sys
2015-04-26 13:36 - 2015-02-13 13:06 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d047857816b68d.job
2015-04-26 13:35 - 2014-03-18 09:16 - 00026230 _____ () C:\Windows\PFRO.log
2015-04-26 13:35 - 2013-08-22 15:46 - 00043692 _____ () C:\Windows\setupact.log
2015-04-26 13:35 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-26 13:35 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-26 12:47 - 2015-02-12 23:30 - 00000000 ____D () C:\Users\Jamie\AppData\Local\CrashDumps
2015-04-26 12:06 - 2015-02-12 22:59 - 00000000 ____D () C:\Users\Jamie
2015-04-26 12:01 - 2015-02-12 23:11 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{27185168-E7C3-45DB-B05C-79A779262262}
2015-04-25 18:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-25 15:28 - 2015-02-22 13:42 - 00000000 ____D () C:\Users\Jamie\AppData\Local\JDownloader v2.0
2015-04-25 13:43 - 2015-02-12 23:00 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Packages
2015-04-25 13:29 - 2015-02-13 13:56 - 00001075 _____ () C:\Users\Jamie\Desktop\Dropbox.lnk
2015-04-25 13:29 - 2015-02-13 13:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-24 21:58 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-24 18:18 - 2015-02-13 20:19 - 00000000 ____D () C:\Users\Jamie\Documents\Euro Truck Simulator 2
2015-04-24 18:18 - 2015-02-13 13:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-24 17:16 - 2015-02-14 16:07 - 00395598 _____ () C:\Windows\DirectX.log
2015-04-23 20:15 - 2015-03-23 20:46 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-04-23 11:57 - 2015-03-24 19:47 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-22 09:03 - 2015-03-02 12:55 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Mozilla
2015-04-22 09:03 - 2015-02-12 23:12 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Google
2015-04-20 09:45 - 2015-02-13 19:10 - 00000000 ____D () C:\Python34
2015-04-19 13:17 - 2015-02-13 15:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-19 00:48 - 2015-03-18 22:26 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Downloaded Installations
2015-04-18 23:54 - 2015-02-13 13:45 - 00000000 ____D () C:\Program Files\Java
2015-04-18 23:54 - 2015-02-12 23:55 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-18 23:52 - 2015-02-13 13:47 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-17 19:27 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-17 19:26 - 2015-02-13 00:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-17 19:26 - 2015-02-13 00:12 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-17 15:28 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-04-16 17:12 - 2015-02-13 13:08 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-16 13:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-04-16 13:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-04-14 16:09 - 2014-03-18 16:26 - 00886902 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-14 14:32 - 2015-03-18 01:17 - 00000000 ____D () C:\Users\Jamie\Downloads\android
2015-04-14 00:24 - 2013-08-22 16:38 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 00:24 - 2013-08-22 16:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 20:23 - 2015-02-13 14:21 - 00000000 ____D () C:\Windows\Minidump
2015-04-13 20:23 - 2015-02-12 22:54 - 00298861 ____N () C:\Windows\Minidump\041315-35203-01.dmp
2015-04-13 17:44 - 2014-10-28 14:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-13 17:44 - 2014-10-28 14:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-10 15:05 - 2015-03-15 19:48 - 00000000 ____D () C:\Users\Jamie\Documents\Flight Simulator X Files
2015-04-09 19:07 - 2015-03-21 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2015-04-09 19:07 - 2014-10-28 14:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-09 01:58 - 2014-10-28 14:07 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 01:58 - 2014-10-28 14:07 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-08 22:30 - 2014-10-28 14:08 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 22:30 - 2014-10-28 14:08 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 22:30 - 2014-10-28 14:08 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 22:30 - 2014-10-28 14:08 - 01047696 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-04-08 22:30 - 2014-10-28 14:08 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 22:30 - 2014-10-28 14:08 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 22:30 - 2014-10-28 14:08 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-04-08 22:30 - 2014-10-28 14:08 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 20:11 - 2015-02-12 23:12 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-08 18:52 - 2014-10-28 14:08 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-08 16:47 - 2015-03-02 12:49 - 00003838 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1425296989
2015-04-08 16:47 - 2015-03-02 12:49 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-08 16:47 - 2015-03-02 12:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-08 16:40 - 2013-08-22 15:44 - 00487784 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-08 15:32 - 2015-03-21 20:09 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-08 15:24 - 2015-03-21 20:09 - 00000000 ____D () C:\ProgramData\Licenses
2015-04-07 14:12 - 2015-03-04 19:36 - 00000000 ____D () C:\Users\Jamie\Documents\My Games
2015-04-05 16:31 - 2014-10-28 14:23 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-04 17:31 - 2015-02-13 20:07 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\vlc
2015-04-02 16:54 - 2015-03-21 19:21 - 00000000 ____D () C:\Users\Jamie\Documents\Aerosoft
2015-04-02 15:22 - 2015-03-21 20:03 - 00000000 ____D () C:\ProgramData\Esellerate
2015-04-02 14:57 - 2015-03-16 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2015-04-02 13:21 - 2015-02-13 13:24 - 00001395 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-29 15:27 - 2015-03-13 20:29 - 00000000 ____D () C:\Users\Jamie\.VirtualBox
2015-03-29 15:20 - 2015-02-27 10:30 - 00000000 ____D () C:\Users\Jamie\Desktop\Games
2015-03-29 15:20 - 2015-02-14 19:42 - 00000000 ____D () C:\Games
2015-03-28 04:44 - 2015-02-13 13:22 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 04:44 - 2015-02-13 13:22 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 04:43 - 2015-02-13 13:22 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 04:43 - 2015-02-13 13:22 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
 
==================== Files in the root of some directories =======
 
2015-04-20 22:13 - 2015-04-20 22:13 - 14283832 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-02-12 23:01 - 2015-04-26 13:37 - 0000073 _____ () C:\Users\Jamie\AppData\Roaming\sp_data.sys
2015-02-13 00:18 - 2015-02-13 00:18 - 0007610 _____ () C:\Users\Jamie\AppData\Local\Resmon.ResmonCfg
2015-03-20 17:22 - 2015-03-20 18:48 - 0000080 _____ () C:\Users\Jamie\AppData\Local\X-Plane Installer.prf
2015-03-20 17:28 - 2015-03-23 19:40 - 0000073 _____ () C:\Users\Jamie\AppData\Local\X-Plane_drm.prf
2015-03-20 16:50 - 2015-03-20 16:50 - 0000030 _____ () C:\Users\Jamie\AppData\Local\x-plane_install_10.txt
2014-10-28 14:11 - 2014-10-28 14:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-15 16:58 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-15 16:58 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-15 16:58 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
 
 
Some content of TEMP:
====================
C:\Users\Jamie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbhrkmx.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-20 19:41
 
==================== End Of Log ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2015
Ran by Jamie at 2015-04-26 14:42:11
Running from C:\Users\Jamie\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1485790007-1687985068-345982264-500 - Administrator - Disabled)
Guest (S-1-5-21-1485790007-1687985068-345982264-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1485790007-1687985068-345982264-1003 - Limited - Enabled)
Jamie (S-1-5-21-1485790007-1687985068-345982264-1001 - Administrator - Enabled) => C:\Users\Jamie
John (S-1-5-21-1485790007-1687985068-345982264-1004 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ace Stream Media 3.0.11 (HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\AceStream) (Version: 3.0.11 - Ace Stream Media) <==== ATTENTION!
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.95 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aerosoft - Faro X V 1.01 (HKLM-x32\...\{19447237-EDFD-445A-92B3-8067ECFF7436}_is1) (Version: 1.01 - Aerosoft - Faro X)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.21 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.21 - Aerosoft)
aerosoft's - FlightSim Commander 9 (HKLM-x32\...\{F941AABE-E868-42D9-9F38-884250F7898A}) (Version: E: - aerosoft)
aerosoft's - Nice Cote dAzur X (HKLM-x32\...\{90447E05-DE8E-470D-8D3E-C871D2AE74AF}) (Version: 1.10 - aerosoft)
Airbus A380-800 VC Air France FSX & P3D (HKLM\...\{ADCF6D06-CB5F-46B9-9B58-40E1EBA1809B}) (Version: 2 - Project Airbus, repack & Panel 2D by Rikoooo)
Airport Simulator 2013 Version 1.0 (HKLM-x32\...\{67F30877-CBBB-425C-9511-93181EFB8F08}_is1) (Version: 1.0 - rondomedia)
Asus FaceID (HKLM-x32\...\{C4071085-DDF0-403F-90F9-27582FC22C9B}) (Version: 7.6.9.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.33 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Blackboard Collaborate Launcher (HKLM-x32\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Blender (HKLM\...\Blender) (Version: 2.60-release - Blender Foundation)
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version:  - Rockstar New England)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{A1A724F3-F1A6-479C-AE98-208946717E2B}) (Version: 42.0.2311.39 - Google Inc.)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Dragon Assistant Installer (HKLM-x32\...\{A48069B4-3189-4DC2-AD03-645A16949F2F}) (Version: 1.0.1 - ASUS)
Dragon Assistant version 1.5.22 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.22 - Nuance Communications, Inc.)
Dropbox (HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
EFASS - Electronic Flight Assistant version 1.0.2336.8240 (HKLM-x32\...\{6B1F09C0-85C2-4C7B-90F0-D02D32A739A1}_is1) (Version: 1.0.2336.8240 - Froom)
Enforcer - Police Crime Action v1.0.2.3 (HKLM-x32\...\Enforcer - Police Crime Action v1.0.2.31.0.2.3) (Version: 1.0.2.3 - Friends in War)
ESET Smart Security (HKLM\...\{C082CDB9-D173-4740-AE0E-C685E6F44850}) (Version: 8.0.304.0 - ESET, spol s r. o.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
ExpressCache (HKLM\...\{44EAE7F6-8BBF-4C3F-A573-3CD5A3C067FA}) (Version: 1.3.110.0 - Condusiv Technologies)
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version:  - )
Football Manager 2015 version v.15.1.3 (HKLM-x32\...\{A91E817B-E800-43BD-B88F-FFADBD30AC0C}_is1) (Version: v.15.1.3 - Sports Interactive)
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
FSX Anti Crash Patch by W4rn1ng1 (HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\FSX Anti Crash Patch by W4rn1ng1) (Version:  - )
Global ATC Simulator (HKLM-x32\...\R2xvYmFsQVRDU2ltdWxhdG9y_is1) (Version: 1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hotline Miami (HKLM-x32\...\GOGPACKHOTLINEMIAMI_is1) (Version: 2.0.0.4 - GOG.com)
Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.2.0.3 - GOG.com)
I am an Air Traffic Controller3 (HKLM-x32\...\I am an Air Traffic Controller3) (Version:  - )
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{92DA2455-E6C9-4EFF-9AFD-07C2C3B185DA}) (Version: 4.2.41.2633 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b9007812-6a61-4dfc-8a0c-4c726c7dc43f}) (Version: 17.0.1 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JetBrains PyCharm Community Edition 4.0.4 (HKLM-x32\...\PyCharm Community Edition 4.0.4) (Version: 139.1001 - JetBrains s.r.o.)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Majestic Dash8 Q400 (HKLM-x32\...\Majestic Dash8 Q400v1.013) (Version: v1.013 - Majestic Software)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.4.2000 - Maxthon International Limited)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Mozilla Firefox 36.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 en-US)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
Nuance Speech Component DA-A en-US version 1.5.22 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.22 - Nuance Communications, Inc.)
Nuance Speech Component DA-C version 1.1.22 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.22 - Nuance Communications, Inc.)
Nuance Speech Component DA-L en-US version 1.1.5 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.5 - Nuance Communications, Inc.)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Opera Stable 28.0.1750.51 (HKLM-x32\...\Opera 28.0.1750.51) (Version: 28.0.1750.51 - Opera Software ASA)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PMDG 737 6700 NGX RTM (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.00.3219 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.00.3219 - PMDG Simulations, LLC.)
PMDG 747-400/400F for FSX (HKLM-x32\...\{EDCEE320-0FB3-4197-9F86-8C1CCF2278FB}) (Version: 2.10.0040 - Precision Manuals Development Group)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.6155 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.6155 - PMDG Simulations, LLC.)
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.9 - Portforward, LLC)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PRO-ATC/X version 1.2.2.6 (HKLM-x32\...\PRO-ATC/X_is1) (Version: 1.2.2.6 - )
Python 3.4.2 (64-bit) (HKLM\...\{cd723946-09c1-38d3-8542-732ba931e9ef}) (Version: 3.4.2150 - Python Software Foundation)
QualityWings Ultimate 757 Collection FSX 1.2.2 (HKLM-x32\...\QualityWings Ultimate 757 Collection FSX_is1) (Version:  - )
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
RAAS Professional by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (LOCKED)) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Remove UK2000 Stansted Xtreme files (HKLM-x32\...\UK2000 Stansted Xtreme) (Version:  - )
SABnzbd 0.7.20 (HKLM-x32\...\SABnzbd) (Version: 0.7.20 - The SABnzbd Team)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
SimCity (HKLM-x32\...\SimCity_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Spotify (HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TOPCAT 2.73 - Take-Off and Landing Performance Calculation Tool (HKLM-x32\...\TOPCAT) (Version: 2.73 - FlightSimSoft.com Inh. Christian Grill)
Train Simulator 2015 (HKLM-x32\...\Train Simulator 2015_is1) (Version:  - )
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version:  - )
UK2000 Gatwick Xtreme FSX  (HKLM-x32\...\UK2000 Gatwick Xtreme FSX) (Version: 3.00 - UK2000 Scenery)
UK2000 Heathrow Xtreme FSX  (HKLM-x32\...\UK2000 Heathrow Xtreme FSX) (Version: 3.02 - UK2000 Scenery)
UK2000 London City Xtreme FSX  (HKLM-x32\...\UK2000 London City Xtreme FSX) (Version: 1.00 - UK2000 Scenery)
UK2000 Luton Xtreme FSX  (HKLM-x32\...\UK2000 Luton Xtreme FSX) (Version: 1.03 - UK2000 Scenery)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
vasFMC 2.1 (HKLM-x32\...\vasFMC MSFS Gauge_is1) (Version:  - VAS Project <contact@vas-project.org>)
Virtual Norwegian Pilot Client (HKLM-x32\...\{33A2DAEA-8E19-43A1-8DF3-24E15209060B}_is1) (Version: 1.2.0 - Virtual Norwegian)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
vPilot (HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\vPilot) (Version: 1.1.5556.33545 - Ross Carlson)
War Thunder Launcher 1.0.1.513 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Windows Driver Package - ASUS (ATP) Mouse  (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
World of Subways 4 New York Line 7 (HKLM-x32\...\World of Subways 4 New York Line 7_is1) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jamie\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jamie\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485790007-1687985068-345982264-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
09-04-2015 19:07:11 Installed Nice Cote dAzur X
13-04-2015 17:44:17 Removed NVIDIA PhysX
17-04-2015 19:25:56 Windows Update
24-04-2015 17:15:13 Installed DirectX
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2015-02-27 12:48 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05B26A35-AC84-449E-AA8A-BB740549770F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-21] (Realtek Semiconductor)
Task: {0C5DE837-DD58-466F-8281-499B65D2A5C2} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {0DB3BFEE-C2E6-40AE-B22A-9E4519F980AE} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-04-22] ()
Task: {0EA224C7-D4BB-49FF-BF11-826D45CE33BC} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-04-22] ()
Task: {1DB2C46F-5988-4F9E-AFD8-D082216DD10F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-23] (Adobe Systems Incorporated)
Task: {30FA72C0-B9C0-4523-BFAB-FE30AA6064BB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {36F9E575-3EC3-474F-812A-7D1AE757BA73} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2015-02-11] (Maxthon International ltd.)
Task: {39A0EFAC-C349-4F72-8015-93322A2BF4B0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {3B0131D7-194D-4D04-B4CC-A3E5EE785E8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {3D61F152-B96C-456B-B797-14431843106C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1485790007-1687985068-345982264-1001Core1d056063e118e23 => C:\Users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-04] (Google Inc.)
Task: {4693BA10-644A-4C78-ACB5-577593C3E629} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {4D439EDC-2529-4475-91B0-2EEF2A28A12A} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-03-11] ()
Task: {68AFADC5-C436-4A5D-9AA3-ADFD828EC734} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {73562B3B-5450-4A18-8608-5378E1A9F5D1} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {7B69F895-B721-4759-8D25-26C4C50B557C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {7DF296C8-31F8-4C61-B79B-227FCFAFE2E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-12] (Microsoft Corporation)
Task: {810E9BB0-CB07-4CB4-ABDD-FA7AECB51915} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {8C4945C5-C327-4E0B-90A0-A50AD4B93D72} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2014-02-04] (ASUSTek Computer Inc.)
Task: {9B1BA1DF-DBB6-45C0-8449-F1D7458A4A26} - System32\Tasks\GoogleUpdateTaskMachineCore1d047857816b68d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.)
Task: {9DF0599F-1E9E-40B0-9103-AA17B9F5B6BF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {A002A077-8E02-4311-A1A4-737BD41C819E} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {A96F744B-4FC3-4F98-88CA-116557962C48} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {BE89B272-C6EE-4516-ACC7-E835BC7A7536} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.)
Task: {C73E89F4-4749-40FC-B085-F4D8F8E2E724} - System32\Tasks\Opera scheduled Autoupdate 1425296989 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-07] (Opera Software)
Task: {C8619F2F-9139-4168-B91D-0FDAF4EC104E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {CAD35A2D-BBF8-4A87-8A60-D6F64C5D6F26} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {CB323381-4F4A-4652-9B5D-FF367CE5F6F6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1485790007-1687985068-345982264-1001Core => C:\Users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-04] (Google Inc.)
Task: {CD54F1EB-6A7A-43B0-8315-6D7BA6BB242C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.)
Task: {D4FD98EF-C845-4702-AD35-42227072F64E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {DB2F2E2D-8D18-4B51-890C-F722D0D8001C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {EDA3D4C9-D50E-4070-800D-A18731272D32} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-04-26] (Enigma Software Group USA, LLC.)
Task: {F4F52091-5850-4E7F-AC70-CFD262FB5E1C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {F559C9B8-749D-4F09-BC13-814FA1E2EDD7} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-20] (Realtek Semiconductor)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d047857816b68d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1485790007-1687985068-345982264-1001Core.job => C:\Users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1485790007-1687985068-345982264-1001Core1d056063e118e23.job => C:\Users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-10-28 14:08 - 2015-04-08 22:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-28 14:39 - 2013-08-26 17:29 - 00755728 _____ () C:\Windows\SYSTEM32\sqlite3.dll
2015-02-13 18:02 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-07 18:12 - 2013-11-07 18:12 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-11-07 18:12 - 2013-11-07 18:12 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-11-07 18:12 - 2013-11-07 18:12 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-02-11 18:08 - 2014-02-11 18:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-11 18:08 - 2014-02-11 18:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2014-05-23 04:56 - 2014-03-18 04:10 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2015-03-17 18:49 - 2015-01-27 16:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-10-01 17:37 - 2014-10-01 17:37 - 00022824 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\ace_update.exe
2015-02-28 02:23 - 2015-02-28 02:23 - 00022824 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
2015-04-24 17:02 - 2015-04-24 17:02 - 02448384 _____ () C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll
2015-04-16 17:12 - 2015-04-13 22:48 - 01633608 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-16 17:12 - 2015-04-13 22:48 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-16 17:12 - 2015-04-13 22:48 - 26783560 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll
2015-02-26 18:24 - 2014-03-24 15:44 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2015-02-26 18:24 - 2014-03-24 15:44 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2015-02-26 18:24 - 2014-03-24 15:44 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2015-02-26 18:24 - 2014-03-24 15:44 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2015-02-26 18:24 - 2014-03-24 15:44 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2015-02-26 18:24 - 2014-03-24 15:44 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2013-09-09 19:23 - 2013-09-09 19:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-10-08 21:41 - 2013-10-08 21:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-04-02 13:21 - 2015-03-28 04:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2011-06-12 14:09 - 2011-06-12 14:09 - 00038400 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00720896 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
2011-07-15 20:37 - 2011-07-15 20:37 - 00981504 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00746496 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00670720 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00966144 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00674816 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00287232 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
2011-01-18 22:56 - 2011-01-18 22:56 - 00334336 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00011776 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\select.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00152576 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00098816 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
2012-02-07 17:35 - 2012-02-07 17:35 - 00110080 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
2012-02-07 17:38 - 2012-02-07 17:38 - 00358912 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
2012-02-07 17:36 - 2012-02-07 17:36 - 00111616 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
2012-02-07 17:36 - 2012-02-07 17:36 - 00024064 _____ () C:\Users\Jamie\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00038400 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\_socket.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00720896 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\_ssl.pyd
2014-01-23 12:37 - 2014-01-23 12:37 - 00036352 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\_psutil_mswindows.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00098816 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\win32api.pyd
2012-02-07 17:35 - 2012-02-07 17:35 - 00110080 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\pywintypes27.dll
2012-02-07 17:38 - 2012-02-07 17:38 - 00358912 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\pythoncom27.dll
2012-02-07 17:42 - 2012-02-07 17:42 - 00266240 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\win32com.shell.shell.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00287232 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\_hashlib.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00106496 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\_ctypes.pyd
2010-10-10 23:23 - 2010-10-10 23:23 - 00723968 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\apsw.pyd
2011-01-18 22:56 - 2011-01-18 22:56 - 00334336 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00011776 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\select.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00152576 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\pyexpat.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00688128 _____ () C:\Users\Jamie\AppData\Roaming\AceWebExtension\updater\lib\unicodedata.pyd
2015-04-26 13:37 - 2015-04-26 13:37 - 00043008 _____ () c:\users\jamie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbhrkmx.dll
2015-03-04 22:45 - 2015-03-04 22:45 - 00750080 _____ () C:\Users\Jamie\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 22:45 - 2015-03-04 22:45 - 00047616 _____ () C:\Users\Jamie\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 22:45 - 2015-03-04 22:45 - 00865280 _____ () C:\Users\Jamie\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 22:45 - 2015-03-04 22:45 - 00200704 _____ () C:\Users\Jamie\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-10-28 14:06 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:00934A10
AlternateDataStreams: C:\ProgramData\TEMP:74603393
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\Jamie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Jamie\Downloads\Information re Work Experience Week.eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1485790007-1687985068-345982264-1001\...\StartupApproved\Run: => "CMD"
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [EventForwarder-In-TCP] => (Allow) %SystemRoot%\system32\NetEvtFwdr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [WFDPRINT-DAFWSD-In-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [WFDPRINT-DAFWSD-Out-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [{B86DD2E5-31DF-46BD-B95F-859C865F7C88}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7B55F8F9-E766-42F7-9D68-7E0DF114571F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FB510273-499E-4EB9-80F7-76DFFF58A745}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{37DF2F4C-D536-47F2-A825-24C25388948F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{61E645F1-5D44-4F42-967C-8D34DD4013FE}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{BCCAE8A5-1355-453E-94BF-8C930A92DD8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9983D9E7-92A9-4E04-B09D-9F3465505B47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C02707E2-E5C2-4B37-86F1-9C2BD03E616F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{65BE6A96-83B9-412C-A1E0-21384DAB709C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{710253B7-5599-4EFE-9E96-E7451D77A799}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE1C6583-6F93-440E-BFC0-90DEF010D71D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E555E79-18C8-4269-B6A6-4F2BAAEB1BD6}] => (Allow) C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FB247E62-373C-4568-A036-03FA2645883D}] => (Allow) C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AC3271B3-60CA-4105-AEB7-E404502C7415}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3832E1B8-8BC8-42FC-B568-E274FA9042EA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{75E2DE55-39B9-43B6-8956-B01CCA77BF84}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C0624839-DF8D-4DDD-B008-88CF1602C2EA}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{15386AE1-51E3-47EA-B002-C625B5DBD639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{D42B72C3-CA4C-4661-BDA4-4302F6B43573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [TCP Query User{D9C6801D-83D8-4853-A118-FCDA79580EE3}C:\users\jamie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jamie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6F81B9A7-1EE2-43B9-ADBE-4F11EB4CF995}C:\users\jamie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jamie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{FF352126-EB9C-4310-8FCA-CE7588287C07}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{B222DDB8-40D4-4A6F-89FE-BD68F0301939}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{1E44A2B6-B1E1-4F56-B959-37FC985172C4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{48259AA4-2946-4E34-B806-44ED4474BAE3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{3809116A-DAD1-4890-9FE8-885CE0E17624}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{15D3BFA3-4B54-4176-8032-1AF161BBB738}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{3FB98904-8CFB-4E54-9877-0F83AFF66895}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{51D1A553-3321-4246-828F-DA394382AED0}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [{B91B2C4E-B277-4CD8-B7FF-9AB3C56D0A79}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [{7EC81DC4-D6D0-4A5D-9489-E1629407274F}] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [{C3D908B9-4025-4869-A61E-B29770F9D888}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A0AEE197-9544-4412-93B1-BC255F086228}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{336C7CDE-3B63-4C5B-87D2-C5D3E39533DE}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{9E670168-525C-4061-855E-B1B2B4626EF6}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{924E9962-A5A5-43C8-93C6-D5C0B6E88424}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{2D31D75C-41BE-47DA-AFAD-CFB2D1E52300}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{F3ABA490-5E17-4343-BAA1-4FFE423556A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{72F4AAAD-8D6D-41EA-81A6-B189AC5861EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D3611851-6C7E-49D7-B656-468D1072B3F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9B8906EE-ED66-4FD3-9C46-D259EFB9BDFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{3CF41387-1D26-40A5-9CD0-474627C55186}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{AD07A996-C620-45B5-9200-02F1DBA65D99}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{B8E321BF-3C32-4A98-B95F-75470D74D29F}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{CCE2BD57-BD61-4691-8CE7-48316040593D}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{6AED4B06-3215-4A35-B99A-FF7678B78A15}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
FirewallRules: [{35213621-B5CB-42D6-9490-173CAA0D8886}] => (Allow) C:\Users\Jamie\AppData\Local\Maelstrom\Application\chrome.native.torrent.exe
FirewallRules: [{A360B746-7630-4638-8482-296E767C32C1}] => (Allow) C:\Users\Jamie\AppData\Local\Maelstrom\Application\chrome.native.torrent.exe
FirewallRules: [{F988A83E-2333-49CA-8477-C9176F8C5AE9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FA1ACE5B-BAAF-4074-A6C5-9B3471C5C321}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{572E8F90-0380-48F6-81A3-BFCE9162FC62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{36907C81-27A9-4E87-B726-E30919A532A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{8F9A08BC-0089-4B9B-9191-44F9E32A5D0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{95B01CDB-C803-4DCD-BAAE-F34450B05910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{4C9FD6F0-8494-46A9-B662-DADD458C8F46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{A5AE4FAC-D969-45A2-9541-1241F6343E01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{35D56CE0-00A0-4CC1-B163-41A633965ACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{ADA84A96-6257-4BA1-8544-AEE237870ECF}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{C3254692-7B16-4D5A-BFE4-A39AEA9612DE}] => (Allow) C:\Windows\system32\rundll32.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/26/2015 02:38:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (04/26/2015 01:33:45 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n
 
Error: (04/26/2015 01:33:45 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n
 
Error: (04/26/2015 01:00:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (04/26/2015 00:47:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.17415, time stamp: 0x545042b7
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17415, time stamp: 0x54503c4d
Exception code: 0xc000027b
Fault offset: 0x0000000000063c1f
Faulting process ID: 0x1fec
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report ID: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
 
Error: (04/26/2015 00:12:26 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (04/26/2015 11:58:46 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
Error: (04/25/2015 11:41:48 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
Error: (04/25/2015 10:03:49 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
Error: (04/25/2015 09:47:14 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
 
System errors:
=============
Error: (04/26/2015 01:36:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The ESET Service service did not respond on starting.
 
Error: (04/26/2015 01:35:50 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee AP Service service depends on the following service: mfevtp. This service might not be installed.
 
Error: (04/26/2015 01:35:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (04/26/2015 01:35:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (04/26/2015 01:35:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (04/26/2015 01:33:52 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (04/26/2015 01:33:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (04/26/2015 01:33:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ExpressCache service terminated unexpectedly. It has done this 1 time(s).
 
Error: (04/26/2015 01:33:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (04/26/2015 01:33:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (04/26/2015 02:38:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (04/26/2015 01:33:45 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n
 
Error: (04/26/2015 01:33:45 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n
 
Error: (04/26/2015 01:00:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (04/26/2015 00:47:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415545042b7twinapi.appcore.dll6.3.9600.1741554503c4dc000027b0000000000063c1f1fec01d08016d27c4780C:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll139899f5-ec0a-11e4-827c-8019341093e739976Virblue.MyStudyLife_4.0.3.0_x64__pa3njxwv09jymApp
 
Error: (04/26/2015 00:12:26 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
 
Error: (04/26/2015 11:58:46 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
Error: (04/25/2015 11:41:48 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
Error: (04/25/2015 10:03:49 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
Error: (04/25/2015 09:47:14 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 56%
Total physical RAM: 8075.05 MB
Available physical RAM: 3515.24 MB
Total Pagefile: 16267.05 MB
Available Pagefile: 11670.63 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:677.52 GB) (Free:471.84 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 543DAE44)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 6DF83904)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
 
 
Any help provided would be much appreciated.
 

 



BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 01 May 2015 - 09:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/574451 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 06 May 2015 - 09:05 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users