Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow browser, video skips, and other strange behaviors


  • This topic is locked This topic is locked
107 replies to this topic

#1 shley

shley

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Local time:05:20 PM

Posted 17 August 2015 - 09:45 PM

FRST.txt  (Addition.txt below)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by A (administrator) on PC-VAW (17-08-2015 22:42:10)
Running from C:\Users\A\Desktop
Loaded Profiles: A (Available Profiles: A & Administrator & Guest & DefaultAppPool)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.QSRNVIVO10\MSSQL\Binn\sqlservr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\igfxcui: c:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\Run: [Google Update] => C:\Users\A\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-21] (Google Inc.)
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\Run: [Xmarks] => C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe [1178680 2014-11-06] (Xmarks.com)
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-06-17] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-10-12]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} =>  No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1086739700-287699761-4168395197-1002 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1086739700-287699761-4168395197-1002 -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxps://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1412751000665
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: HKLM-x32 {CB927D12-4FF7-4A9E-A169-56E4B8A75598} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T29L10NSP13EP4-10138/event/ieatgpc1.cab
DPF: HKLM-x32 {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} hxxp://zone.msn.com/bingame/zpagames/ZPA_Backgammon.cab64162.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{6A658B40-BA78-400C-83C8-9502BC087C64}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{8E936E8C-AD29-4DEA-A95A-CCED123DBACE}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{9EE9B475-F826-4681-906E-0E0BC75977D4}: [DhcpNameServer] 192.168.200.1

FireFox:
========
FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\m57vifv2.default-1430554255015
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-06-07] ( HP)
FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\Glance29\npglance.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1086739700-287699761-4168395197-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\A\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1086739700-287699761-4168395197-1002: @talk.google.com/O1DPlugin -> C:\Users\A\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1086739700-287699761-4168395197-1002: @tools.google.com/Google Update;version=3 -> C:\Users\A\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1086739700-287699761-4168395197-1002: @tools.google.com/Google Update;version=9 -> C:\Users\A\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1086739700-287699761-4168395197-1002: hp.com/HPDetect -> C:\Users\A\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll [2012-08-30] (HP)
FF Plugin ProgramFiles/Appdata: C:\Users\A\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\A\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-08]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2015-08-03]
FF HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files (x86)\WordWeb\WCaptureMoz [2015-05-30]

Chrome:
=======
CHR Profile: C:\Users\A\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-21]
CHR Extension: (Google Docs) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-21]
CHR Extension: (Google Drive) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-21]
CHR Extension: (Kaspersky Protection) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-12-21]
CHR Extension: (YouTube) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-21]
CHR Extension: (Google Search) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-21]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-12-21]
CHR Extension: (Google Sheets) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-21]
CHR Extension: (Google Wallet) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-21]
CHR Extension: (Kaspersky Password Manager plugin) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopoafngjcbddhhbepebefngiioncigi [2014-12-21]
CHR Extension: (Gmail) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-21]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [lgomjifbpjfhpodjhihemafahhmegbek] - C:\Program Files (x86)\QSR\NCapture\Chrome\QSR.NCapture.Chrome.crx [2013-09-18]

Opera:
=======
OPR Extension: (FVD Video Downloader) - C:\Users\A\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2015-03-08]
OPR Extension: (YouTube HTML5 unblocker) - C:\Users\A\AppData\Roaming\Opera Software\Opera Stable\Extensions\pjpioapfcjkbnhhjbflofjjannilaneb [2015-03-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-08-03] (Kaspersky Lab ZAO)
S4 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-05-28] (Intel)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-01-16] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S4 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-06-07] (HP)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-06-17] (SurfRight B.V.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S4 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [131312 2015-03-19] (Intel Corporation)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [317640 2015-03-30] (Intel Corporation)
S4 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MSSQL$QSRNVIVO10; c:\Program Files\Microsoft SQL Server\MSSQL10_50.QSRNVIVO10\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 SQLAgent$QSRNVIVO10; c:\Program Files\Microsoft SQL Server\MSSQL10_50.QSRNVIVO10\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation)
S4 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\A\AppData\Local\Temp\7zS6151\hpslpsvc64.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\bin\a2ddax64.sys [26176 2015-05-09] (Emsisoft GmbH)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-05-09] (Emsisoft GmbH)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98504 2013-09-25] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67784 2013-09-25] (Infowatch)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows ® Win 7 DDK provider)
R1 glancedrv; C:\Windows\system32\DRIVERS\glancedrv.sys [36384 2009-05-13] (Glance Networks, Inc)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [937656 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [30392 2015-06-08] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [78008 2015-06-26] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3349984 2014-04-26] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 TrufosAlt; C:\Windows\System32\DRIVERS\TrufosAlt.sys [390776 2015-05-09] (BitDefender S.R.L.)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-05-28] (Windows ® Win 7 DDK provider)
U3 utezoday; C:\WINDOWS\SysWOW64\Drivers\utezoday.sys [7168 2015-08-17] () [File not signed]
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-13] (HP)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-13] (HP)
S1 AntiLog32; \??\C:\WINDOWS\system32\drivers\AntiLog64.sys [X]
S3 cpuz136; \??\C:\Users\A\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 22:42 - 2015-08-17 22:42 - 00030806 _____ C:\Users\A\Desktop\FRST.txt
2015-08-17 22:38 - 2015-08-17 22:42 - 00000000 ____D C:\FRST
2015-08-17 22:38 - 2015-08-17 22:38 - 02173440 _____ (Farbar) C:\Users\A\Desktop\FRST64.exe
2015-08-17 19:01 - 2015-08-17 19:01 - 07847254 _____ C:\Users\A\Desktop\GetSystemInfo_PC-VAW_A_08_17_2015_18_58_35.zip
2015-08-17 18:59 - 2015-08-17 18:59 - 00007168 _____ C:\WINDOWS\SysWOW64\Drivers\utezoday.sys
2015-08-17 18:55 - 2015-08-17 18:55 - 00000000 ____D C:\Users\A\Downloads\GetSystemInfo6.0
2015-08-17 18:52 - 2015-08-17 18:53 - 12180536 _____ C:\Users\A\Downloads\GetSystemInfo6.0.zip
2015-08-17 16:07 - 2015-08-17 16:07 - 00000769 _____ C:\AdwCleaner[S4].txt
2015-08-17 16:06 - 2015-08-17 16:06 - 00001040 _____ C:\Users\A\Desktop\JRT.txt
2015-08-17 16:01 - 2015-08-17 16:01 - 01791580 _____ (Malwarebytes Corporation) C:\Users\A\Downloads\JRT.exe
2015-08-17 16:01 - 2015-08-17 16:01 - 01563648 _____ C:\Users\A\Downloads\AdwCleaner.exe
2015-08-17 02:42 - 2015-08-17 02:42 - 00000000 ____D C:\ProgramData\Sophos
2015-08-17 02:41 - 2015-08-17 02:41 - 00002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2015-08-17 02:41 - 2015-08-17 02:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-08-17 02:41 - 2015-08-17 02:41 - 00000000 ____D C:\Program Files (x86)\Sophos
2015-08-17 02:39 - 2015-08-17 02:39 - 00001240 _____ C:\Users\A\Desktop\FixExec.txt
2015-08-17 02:29 - 2015-08-17 02:33 - 00000000 ____D C:\Users\A\Downloads\backups
2015-08-17 02:20 - 2015-08-17 02:30 - 00013394 _____ C:\Users\A\Downloads\hijackthis.log
2015-08-17 02:15 - 2015-08-17 02:15 - 00457632 _____ (Bleeping Computer, LLC) C:\Users\A\Downloads\FixExec.exe
2015-08-17 02:07 - 2015-08-17 02:19 - 128322608 _____ (Sophos Limited) C:\Users\A\Downloads\Sophos Virus Removal Tool.exe
2015-08-17 02:00 - 2015-08-17 02:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\A\Downloads\HijackThis.exe
2015-08-17 01:37 - 2015-08-17 01:38 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\A\Downloads\iexplore.exe
2015-08-16 19:34 - 2015-08-16 19:34 - 05634818 _____ (Swearware) C:\Users\A\Downloads\ComboFix.exe
2015-08-16 19:08 - 2015-08-16 19:08 - 00000843 _____ C:\AdwCleaner[C3].txt
2015-08-16 19:07 - 2015-08-16 19:08 - 00000690 _____ C:\AdwCleaner[S3].txt
2015-08-16 06:47 - 2015-08-16 06:47 - 00000000 ____D C:\Users\A\Desktop\Super Control Panel.{ED7BA470-8E54-465E-825C-99712043E01C}
2015-08-15 19:18 - 2015-08-17 18:27 - 00003151 _____ C:\WINDOWS\setupact.log
2015-08-15 19:18 - 2015-08-15 19:18 - 00000408 _____ C:\WINDOWS\PFRO.log
2015-08-15 19:18 - 2015-08-15 19:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-15 13:09 - 2015-08-15 13:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-14 09:03 - 2015-08-14 09:05 - 25351200 _____ (Tweaking.com) C:\Users\Administrator\Downloads\tweaking.com_windows_repair_aio_setup.exe
2015-08-14 09:02 - 2015-08-14 09:08 - 00000574 _____ C:\WINDOWS\Tasks\Tweaking.com - Windows Repair Tray Icon.job
2015-08-14 09:02 - 2015-08-14 09:02 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-08-13 19:43 - 2015-08-13 19:43 - 00000703 _____ C:\Users\A\Desktop\Work Links.txt
2015-08-13 12:07 - 2015-08-13 12:07 - 00001188 _____ C:\Users\A\Desktop\Jobs - schools.txt
2015-08-13 12:01 - 2015-08-13 12:01 - 00000663 _____ C:\Users\A\Desktop\Madeira.txt
2015-08-11 15:02 - 2015-07-30 10:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 15:02 - 2015-07-30 09:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 14:47 - 2015-07-16 17:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 14:47 - 2015-07-16 16:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 14:46 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-11 14:46 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 14:46 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-11 14:46 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-11 14:46 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 14:46 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-11 14:46 - 2015-07-16 15:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 14:46 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-11 14:46 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 14:46 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-11 14:46 - 2015-07-16 15:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-11 14:46 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 14:46 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-11 14:46 - 2015-07-16 15:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-11 14:46 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-11 14:46 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 14:46 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-11 14:46 - 2015-07-16 15:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 14:46 - 2015-07-16 15:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-11 14:46 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-11 14:46 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-11 14:46 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 14:46 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-11 14:46 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-11 14:46 - 2015-07-16 14:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 14:46 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-11 14:46 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-11 14:46 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-11 14:46 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-11 14:38 - 2015-07-15 20:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 14:38 - 2015-07-15 20:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 14:38 - 2015-07-15 20:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 14:38 - 2015-07-15 20:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 14:38 - 2015-07-10 13:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 14:38 - 2015-07-07 05:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 14:38 - 2015-07-07 05:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 14:38 - 2015-07-07 05:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 14:37 - 2015-07-29 10:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 14:37 - 2015-07-29 10:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 14:37 - 2015-07-29 10:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 14:37 - 2015-07-24 14:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-11 14:37 - 2015-07-24 14:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 14:37 - 2015-07-24 14:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-11 14:37 - 2015-07-24 13:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 14:37 - 2015-07-24 13:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-11 14:37 - 2015-07-13 23:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-11 14:37 - 2015-07-13 23:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-11 14:37 - 2015-07-13 15:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 14:37 - 2015-07-13 15:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 14:37 - 2015-07-10 14:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 14:37 - 2015-07-10 13:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-11 14:37 - 2015-07-10 13:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 14:37 - 2015-07-10 13:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 14:37 - 2015-07-10 12:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-11 14:37 - 2015-07-10 12:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 14:37 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 14:37 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 14:37 - 2015-07-09 12:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 14:37 - 2015-07-01 18:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 14:37 - 2015-07-01 18:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 14:37 - 2015-07-01 17:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 14:37 - 2015-07-01 17:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-10 23:54 - 2015-08-10 23:54 - 00252832 _____ C:\WINDOWS\patchw32.dll
2015-08-10 21:16 - 2015-08-10 21:17 - 00000000 ____D C:\Users\A\Desktop\CHESS
2015-08-07 16:58 - 2015-08-07 16:58 - 05156460 _____ C:\SetOwners.txt
2015-08-07 16:25 - 2015-08-07 16:25 - 00002586 _____ C:\Users\Administrator\Documents\Windows-Repair_reparse points errors.txt
2015-08-07 16:24 - 2015-08-07 16:24 - 00001158 _____ C:\Users\Administrator\Desktop\Notepad.lnk
2015-08-07 15:45 - 2015-08-14 09:08 - 00002176 _____ C:\Users\Administrator\Desktop\Tweaking.com - Windows Repair.lnk
2015-08-07 15:45 - 2015-08-07 15:45 - 00003666 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2015-08-07 15:38 - 2015-08-07 15:38 - 00002384 _____ C:\Users\Administrator\Desktop\Safe Money.lnk
2015-08-07 08:17 - 2015-08-17 16:54 - 01879529 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-05 13:03 - 2015-07-28 19:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-05 13:03 - 2015-07-28 10:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-05 13:03 - 2015-07-28 10:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-05 13:03 - 2015-07-28 10:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-05 13:03 - 2015-07-28 10:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-05 13:03 - 2015-07-28 10:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-05 13:03 - 2015-07-28 10:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-05 13:03 - 2015-07-18 21:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-05 13:03 - 2015-07-18 14:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-05 13:03 - 2015-07-18 14:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-05 13:03 - 2015-07-18 14:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-05 13:03 - 2015-07-18 14:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-05 13:03 - 2015-07-18 14:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-05 13:03 - 2015-07-18 14:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-05 13:03 - 2015-07-18 14:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-05 13:03 - 2015-07-18 14:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-05 13:03 - 2015-07-18 14:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-05 13:03 - 2015-07-18 14:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-05 13:03 - 2015-07-18 14:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-04 13:23 - 2015-08-04 13:23 - 00001394 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-08-04 13:19 - 2015-08-04 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-04 13:19 - 2015-06-17 05:10 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-08-04 13:19 - 2015-06-17 05:10 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-08-04 13:19 - 2015-06-17 05:10 - 01320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-08-04 13:19 - 2015-06-17 05:10 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-08-04 13:18 - 2015-06-17 02:48 - 06873232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-04 13:18 - 2015-06-17 02:48 - 03492168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-04 13:18 - 2015-06-17 02:48 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-04 13:18 - 2015-06-17 02:48 - 01059472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-04 13:18 - 2015-06-17 02:48 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-04 13:18 - 2015-06-17 02:48 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-04 13:18 - 2015-06-17 02:48 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-04 13:18 - 2015-06-17 02:48 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-04 13:18 - 2015-06-02 10:11 - 04421614 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-04 13:16 - 2015-06-17 05:10 - 42729104 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 30481552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 22947144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 17724600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 16145200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 15866992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 15224784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 14497520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 13263056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 12855416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 11831856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 11011216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-04 13:16 - 2015-06-17 05:10 - 03395648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 02997544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 02599752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435330.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435330.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 01060168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 01050768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 00975176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 00061616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 00057520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-04 13:16 - 2015-06-17 05:10 - 00046768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-04 13:16 - 2015-06-17 05:10 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-08-03 22:34 - 2015-08-04 13:14 - 00000000 ____D C:\Users\A\Desktop\Drugs & Behavior
2015-08-03 20:54 - 2012-09-24 14:13 - 00056832 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-03 20:54 - 2012-09-24 14:13 - 00056320 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-03 20:50 - 2015-08-03 20:50 - 00000000 ____D C:\SP59742
2015-08-03 20:33 - 2015-08-03 20:50 - 143061256 _____ (Hewlett-Packard ) C:\Users\A\Downloads\sp59742.exe
2015-08-03 08:50 - 2015-08-03 08:50 - 00002244 _____ C:\Users\A\Desktop\HP Support Assistant.lnk
2015-08-03 08:48 - 2015-08-03 08:48 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
2015-08-03 07:32 - 2015-08-15 08:10 - 00003136 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForA
2015-08-03 07:32 - 2015-08-15 08:10 - 00000330 _____ C:\WINDOWS\Tasks\HPCeeScheduleForA.job
2015-08-03 06:49 - 2015-08-03 06:49 - 00002384 _____ C:\Users\A\Desktop\Safe Money.lnk
2015-08-03 06:46 - 2015-08-03 06:46 - 00002128 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2015-08-03 06:46 - 2015-08-03 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2015-08-03 06:45 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2015-08-03 06:44 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2015-08-03 06:44 - 2015-06-30 01:05 - 00937656 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-08-03 06:44 - 2015-06-30 01:05 - 00171192 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2015-08-03 06:17 - 2015-08-03 06:35 - 173954160 _____ (Kaspersky Lab) C:\Users\A\Downloads\kts16.0.0.614en_8243.exe
2015-08-02 21:43 - 2015-08-17 18:46 - 00000420 _____ C:\Users\A\Desktop\Kaspersky Issues.txt
2015-08-02 06:36 - 2015-08-02 06:37 - 00003658 _____ C:\Users\A\Desktop\General Revelation and Special Revelation.txt
2015-08-01 12:06 - 2015-08-02 20:54 - 00004981 _____ C:\Users\A\Desktop\WORK.txt
2015-08-01 09:56 - 2015-08-04 13:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-01 09:55 - 2015-08-04 13:19 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-31 18:45 - 2015-07-31 18:45 - 00000000 ____D C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
2015-07-31 18:07 - 2015-07-31 18:14 - 00000000 ____D C:\Users\A\Downloads\Display Driver
2015-07-31 18:04 - 2015-07-10 13:22 - 00000000 ____D C:\Users\A\Downloads\settings
2015-07-30 03:09 - 2015-07-14 17:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-07-30 03:09 - 2015-07-14 17:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-07-30 03:09 - 2015-07-14 17:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-07-30 01:24 - 2015-08-03 06:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-07-30 00:05 - 2015-07-30 00:05 - 00364640 _____ (Kaspersky Lab) C:\Users\A\Downloads\kss12.0.1.808_6398_6399.exe
2015-07-29 15:48 - 2015-07-29 22:59 - 00000628 _____ C:\Users\A\Desktop\Kasp setting.txt
2015-07-29 01:13 - 2015-07-29 01:13 - 00000000 ____D C:\Users\A\AppData\Local\Kaspersky Lab
2015-07-23 09:26 - 2013-09-25 12:51 - 00098504 _____ (Infowatch) C:\WINDOWS\system32\Drivers\CSCrySec.sys
2015-07-23 09:26 - 2013-09-25 12:51 - 00067784 _____ (Infowatch) C:\WINDOWS\system32\Drivers\CSVirtualDiskDrv.sys
2015-07-23 09:15 - 2015-07-23 09:15 - 00000000 ___SD C:\Users\Administrator\Documents\Passwords Database
2015-07-23 03:25 - 2015-07-23 03:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\GWX
2015-07-23 03:20 - 2015-07-23 03:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\Zemana
2015-07-23 02:11 - 2015-07-23 02:11 - 00000000 ____D C:\Users\Administrator\AppData\Local\VS Revo Group
2015-07-21 20:55 - 2015-06-12 13:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-07-21 20:55 - 2015-06-12 12:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-07-21 20:55 - 2015-06-11 16:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-07-21 20:55 - 2015-06-11 16:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-07-21 20:55 - 2015-06-09 18:39 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-07-21 20:55 - 2015-06-09 18:39 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-07-21 20:55 - 2015-06-09 18:38 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-07-21 20:55 - 2015-06-09 14:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-07-21 15:05 - 2015-07-21 20:21 - 00002754 _____ C:\Users\A\Documents\Instructions HD Scan.txt
2015-07-21 02:31 - 2015-07-21 02:32 - 00000000 ____D C:\Users\A\Pavark
2015-07-21 02:27 - 2015-07-21 02:27 - 00000000 ____D C:\Users\A\AppData\Local\Zemana
2015-07-21 02:27 - 2014-12-30 13:31 - 07039960 _____ (Zemana Ltd.) C:\WINDOWS\SysWOW64\ZALSDKCore.dll
2015-07-21 02:01 - 2015-07-21 02:01 - 00000000 ____D C:\Users\A\AppData\Local\AntiLogger Free
2015-07-21 00:59 - 2015-07-21 00:59 - 00001051 _____ C:\Users\A\Desktop\Folder Size.lnk
2015-07-21 00:59 - 2015-07-21 00:59 - 00000000 ____D C:\ProgramData\MindGems
2015-07-21 00:59 - 2015-07-21 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
2015-07-21 00:59 - 2015-07-21 00:59 - 00000000 ____D C:\Program Files (x86)\Folder Size
2015-07-20 00:41 - 2015-07-20 02:04 - 00004244 _____ C:\Users\A\Documents\Battle of Kings trip.txt
2015-07-19 02:07 - 2015-07-19 02:07 - 00001443 _____ C:\Users\A\Desktop\Internet Explorer.lnk
2015-07-19 02:05 - 2015-07-19 02:05 - 00001443 _____ C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-18 23:35 - 2015-07-18 23:35 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-PC-VAW-Microsoft-Windows-8.1-(64-bit).dat
2015-07-18 23:33 - 2015-07-18 23:33 - 00000000 ____D C:\RegBackup
2015-07-18 00:55 - 2015-07-18 00:55 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 22:32 - 2014-08-20 20:04 - 00003902 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B4EE1499-A8B1-4A95-95CA-C8F8FBB1ACE8}
2015-08-17 22:04 - 2015-03-08 08:57 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-17 22:00 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-17 21:59 - 2015-05-04 19:29 - 00006937 _____ C:\Users\A\Desktop\Appointments.txt
2015-08-17 21:56 - 2014-12-21 13:35 - 00000906 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1086739700-287699761-4168395197-1002UA.job
2015-08-17 21:28 - 2014-08-25 18:41 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-17 20:30 - 2014-06-16 03:46 - 00000000 ____D C:\Users\A\AppData\Roaming\ClassicShell
2015-08-17 19:56 - 2014-12-21 13:35 - 00000854 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1086739700-287699761-4168395197-1002Core.job
2015-08-17 19:17 - 2014-07-15 22:43 - 00000000 ____D C:\Users\A\AppData\Local\CrashDumps
2015-08-17 18:32 - 2014-03-18 06:03 - 00983756 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-17 18:27 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-17 18:03 - 2015-05-09 03:07 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1086739700-287699761-4168395197-1002
2015-08-17 11:21 - 2015-06-29 10:49 - 00000000 ____D C:\Users\A\Desktop\0_Exceptionalities
2015-08-17 02:35 - 2013-08-22 09:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-08-17 01:48 - 2014-12-29 16:39 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-17 01:48 - 2014-06-16 03:24 - 00179161 ____N C:\WINDOWS\Minidump\081715-25062-01.dmp
2015-08-16 19:06 - 2015-07-07 02:10 - 01779038 _____ C:\Users\A\Documents\EndNoteLib XU 618-Saved-Saved.enl
2015-08-16 17:46 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-16 13:01 - 2015-04-04 01:10 - 00000000 ____D C:\Users\A\Desktop\Terrace Park
2015-08-15 23:44 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-15 20:38 - 2015-05-15 11:50 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-08-15 19:24 - 2014-06-16 01:56 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-08-15 07:16 - 2015-05-15 11:50 - 00003844 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-08-15 07:16 - 2015-04-27 20:38 - 00000000 ____D C:\Users\A\Desktop\NOTES
2015-08-15 07:16 - 2015-03-08 08:57 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-15 01:23 - 2014-10-27 08:30 - 00000000 ____D C:\Users\A\AppData\Roaming\Skype
2015-08-15 01:21 - 2014-09-06 21:22 - 00000000 ____D C:\Users\A\Documents\Family Tree Maker
2015-08-14 14:22 - 2015-02-25 00:06 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-14 12:16 - 2014-08-20 17:28 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ClassicShell
2015-08-14 12:14 - 2015-07-12 15:35 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1086739700-287699761-4168395197-500
2015-08-14 12:06 - 2013-08-22 10:44 - 00581760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 12:02 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-14 11:32 - 2012-07-26 01:26 - 00000238 _____ C:\WINDOWS\win.ini
2015-08-14 11:23 - 2014-07-25 11:42 - 00983820 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-08-14 10:18 - 2014-06-16 02:06 - 00018778 _____ C:\WINDOWS\system32\results.xml
2015-08-14 09:39 - 2015-04-10 09:40 - 00000258 _____ C:\WINDOWS\Tasks\CCleanerClean.job
2015-08-14 09:09 - 2014-06-16 01:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-08-13 23:19 - 2014-07-25 11:52 - 00000000 ____D C:\Users\A
2015-08-13 03:57 - 2015-06-18 02:27 - 00030544 _____ (HP) C:\WINDOWS\system32\Drivers\WirelessButtonDriver64.sys
2015-08-12 18:21 - 2014-06-16 03:24 - 00181177 _____ C:\WINDOWS\Minidump\081215-22953-01.dmp
2015-08-12 09:49 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-11 16:40 - 2014-12-29 12:58 - 00000000 ____D C:\Users\Public\Documents\EndNote
2015-08-11 16:40 - 2014-12-29 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote
2015-08-11 16:40 - 2014-12-29 12:56 - 00000000 ____D C:\Program Files (x86)\EndNote X7
2015-08-11 16:40 - 2014-06-16 22:07 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers
2015-08-11 15:34 - 2014-06-17 23:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-11 15:34 - 2014-06-17 23:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-11 15:30 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 15:30 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 15:30 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-11 15:30 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-11 15:02 - 2014-06-17 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-11 15:01 - 2014-06-16 02:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-11 14:57 - 2014-06-16 02:37 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 14:56 - 2014-06-17 16:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-11 14:54 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 14:54 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 23:54 - 2014-06-26 22:16 - 00000000 ____D C:\Program Files\Family Tree Maker 2014
2015-08-10 16:41 - 2015-05-02 04:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-09 16:58 - 2014-09-27 16:10 - 00000000 ____D C:\Users\A\Desktop\Weech_A_A
2015-08-08 09:55 - 2013-08-22 11:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 09:55 - 2013-08-22 11:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 17:07 - 2013-08-22 09:25 - 00000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_416
2015-08-07 15:45 - 2015-04-13 06:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-08-07 15:45 - 2015-04-13 06:00 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-08-07 08:22 - 2015-03-08 08:52 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-07 02:26 - 2014-06-16 00:56 - 00000000 ____D C:\Users\A\AppData\Local\Packages
2015-08-06 03:14 - 2015-03-08 08:52 - 00003826 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1425819169
2015-08-06 03:13 - 2015-07-14 13:41 - 00001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-06 00:15 - 2014-10-23 14:21 - 00007600 _____ C:\Users\A\AppData\Local\resmon.resmoncfg
2015-08-05 13:03 - 2015-04-11 06:09 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-05 13:03 - 2014-11-19 08:31 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-04 13:19 - 2014-07-25 11:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-04 13:18 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\Help
2015-08-04 13:16 - 2015-07-14 01:45 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-08-03 20:55 - 2014-06-16 01:53 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-03 18:51 - 2014-06-16 00:59 - 00000000 ____D C:\Users\A\AppData\Local\Hewlett-Packard
2015-08-03 18:46 - 2014-06-16 22:59 - 00000000 ____D C:\Users\A\AppData\Roaming\HpUpdate
2015-08-03 13:53 - 2015-05-10 06:58 - 00000000 ____D C:\Users\A\Desktop\0_Principles & Ethics
2015-08-03 13:40 - 2012-10-09 13:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-08-03 13:40 - 2012-10-09 13:48 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-08-03 08:50 - 2012-10-09 13:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-03 08:49 - 2012-10-09 13:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-03 08:49 - 2012-10-09 13:33 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-03 06:46 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-03 06:45 - 2014-08-25 18:41 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-08-03 06:45 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-08-03 00:54 - 2015-05-30 21:41 - 00000000 ____D C:\Users\A\Documents\Anki
2015-08-02 05:58 - 2015-05-11 00:03 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2015-08-01 21:42 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-01 19:55 - 2014-07-25 15:32 - 00000000 ___DC C:\WINDOWS\Panther
2015-07-31 18:48 - 2014-06-16 01:12 - 00000000 ____D C:\Users\A\AppData\Roaming\Hewlett-Packard
2015-07-31 18:44 - 2012-08-03 20:02 - 00000000 ____D C:\SWSetup
2015-07-30 19:44 - 2015-07-17 09:06 - 00000000 ____D C:\AdwCleaner
2015-07-30 04:07 - 2013-08-22 09:25 - 00000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_960
2015-07-30 02:43 - 2014-10-26 12:07 - 00000000 ____D C:\Users\A\Desktop\Liberty
2015-07-29 23:13 - 2014-08-20 09:39 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-07-29 23:12 - 2014-08-20 09:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2015-07-25 15:35 - 2015-04-05 05:27 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-25 15:19 - 2014-08-20 09:38 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-07-23 19:58 - 2014-11-09 00:19 - 00000000 ____D C:\Program Files\CCleaner
2015-07-22 20:47 - 2013-08-22 09:25 - 00000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_844
2015-07-21 01:48 - 2014-12-09 18:47 - 00000000 ____D C:\Users\A\Documents\AVS4YOU
2015-07-21 00:07 - 2015-07-12 19:40 - 00002921 _____ C:\Users\A\Documents\Thesis_WIP_20150712.txt
2015-07-20 18:28 - 2014-12-09 18:17 - 00000000 ____D C:\Users\A\AppData\Roaming\AVS4YOU
2015-07-20 18:27 - 2014-12-09 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-07-20 18:27 - 2014-12-09 18:15 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2015-07-20 18:25 - 2014-06-22 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-07-19 01:49 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-07-19 01:49 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-07-18 23:33 - 2015-04-13 06:00 - 00002299 _____ C:\Users\Public\Desktop\Tweaking.com - Simple System Tweaker.lnk

==================== Files in the root of some directories =======

2015-03-28 23:40 - 2015-04-04 13:18 - 0000154 _____ () C:\Users\A\AppData\Roaming\Rim.Desktop.Exception.log
2015-03-28 23:39 - 2015-04-04 13:35 - 0002173 _____ () C:\Users\A\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-03-28 23:40 - 2015-04-04 13:18 - 0000154 _____ () C:\Users\A\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-04-23 14:01 - 2015-04-23 14:01 - 15831040 _____ () C:\Users\A\AppData\Local\14F9FDC5_stp.EXE
2015-04-23 14:01 - 2015-04-23 14:01 - 0000570 _____ () C:\Users\A\AppData\Local\14F9FDC5_stp.EXE.part
2015-04-23 14:01 - 2015-04-23 14:01 - 0204291 _____ () C:\Users\A\AppData\Local\2B763BC1_stp.CIS
2015-04-23 14:01 - 2015-04-23 14:01 - 0000290 _____ () C:\Users\A\AppData\Local\2B763BC1_stp.CIS.part
2015-04-23 14:00 - 2015-04-23 14:00 - 0385602 _____ () C:\Users\A\AppData\Local\5D515C96_stp.CIS
2015-04-23 14:00 - 2015-04-23 14:00 - 0000220 _____ () C:\Users\A\AppData\Local\5D515C96_stp.CIS.part
2014-09-06 22:10 - 2015-05-14 00:18 - 0004608 _____ () C:\Users\A\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-20 21:16 - 2014-11-20 21:16 - 0000868 _____ () C:\Users\A\AppData\Local\recently-used.xbel
2014-10-23 14:21 - 2015-08-06 00:15 - 0007600 _____ () C:\Users\A\AppData\Local\resmon.resmoncfg
2014-06-18 22:22 - 2014-06-18 22:24 - 0036823 _____ () C:\Users\A\AppData\Local\WiDiSetupLog.20140618.222240.wdl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-17 19:49

==================== End of log ============================

 

 

Addition.txt
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by A (2015-08-17 22:42:58)
Running from C:\Users\A\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

A (S-1-5-21-1086739700-287699761-4168395197-1002 - Administrator - Enabled) => C:\Users\A
Administrator (S-1-5-21-1086739700-287699761-4168395197-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1086739700-287699761-4168395197-501 - Limited - Disabled) => C:\Users\Guest

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Kaspersky Total Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe PDF iFilter 9 for 64-bit platforms (HKLM\...\{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}) (Version: 9.0.0 - Adobe)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 6357680.1637756.4759644.48 - Audible, Inc.)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
AVS Audio Converter 7.3 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.3.1.535 - Online Media Technologies Ltd.)
AVS Image Converter 3.2.1.277 (HKLM-x32\...\AVS Image Converter_is1) (Version: 3.2.1.277 - Online Media Technologies Ltd.)
AVS Photo Editor 2.3.1.144 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.1.144 - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.1.568 - Online Media Technologies Ltd.)
AVS Video Editor 7.0 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.0.1.258 - Online Media Technologies Ltd.)
AVS Video ReMaker 4.3.2.166 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 4.3.2.166 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.4.0.8818 - Thomson Reuters)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Folder Size 3.4.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.)
Free YouTube Download version 3.2.59.525 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.59.525 - DVDVideoSoft Ltd.)
GDR 4033 for SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
GDR 4042 for SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
GraphCalc v4.0.1 (HKLM-x32\...\GraphCalc v4.0.1_is1) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.)
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{7DE5085A-3665-40BC-9595-A1A209699137}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Officejet J4500 Series 14.0 Rel. 6 (HKLM\...\{EACF146B-01D2-4185-B773-9604A0E5902A}) (Version: 14.0 - HP)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{4BACA3B8-F63A-44ED-9A8D-48B4D02AD268}) (Version: 6.0.100.276 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{2AFEFC93-F0C7-4390-BB51-F914EC546B30}) (Version: 2.1.6 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.7.1 - Hewlett-Packard Company)
HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2857 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® WiDi (HKLM\...\{90621A56-901E-417D-A8CB-E8E3A6793C29}) (Version: 4.1.19.0 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{5AE8ACA2-420B-4196-A8E0-20E8EB274E0F}) (Version: 17.1.1512.0771 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
J4500 (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Marble (remove only) (HKLM-x32\...\Marble) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{C058FC5D-565F-4360-A562-0527A3D993DC}) (Version: 2.3.2211 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneNote 2013 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 15.0.4745.1001 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Small Basic v1.0 (HKLM-x32\...\{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows 8 ESU (HKLM-x32\...\{E7E058CF-4638-49D4-936D-AC6DAE3B002E}) (Version: 1.1.1 - Hewlett-Packard)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Firefox 40.0.2 (x86 en-US) (HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1001 - Microsoft Corporation) Hidden
Opera Stable 31.0.1889.99 (HKLM-x32\...\Opera 31.0.1889.99) (Version: 31.0.1889.99 - Opera Software)
ProductContext (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
QSR NCapture for Chrome (HKLM-x32\...\{EB78E6E7-6E0B-4EEE-A485-9361C3500096}) (Version: 1.0.136.0 - QSR International Pty Ltd)
QSR NCapture for Internet Explorer (HKLM-x32\...\{B32CD9BC-7C16-4152-A579-2AA32730E24E}) (Version: 1.0.190.0 - QSR International Pty Ltd)
QSR NVivo 10 (HKLM\...\{49BFDB10-A9AC-4368-9BF1-236D569DD8F0}) (Version: 10.0.638.0 - QSR International Pty Ltd)
QSR NVivo Add-In for OneNote (HKLM-x32\...\{34403D44-0BA0-4CB3-9C7C-EFD30F2C3AA8}) (Version: 1.0.41.0 - QSR International Pty Ltd)
R for Windows 3.1.3 (HKLM\...\R for Windows 3.1.3_is1) (Version: 3.1.3 - R Core Team)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SIMFIT Version 7.0.8 (64-bit) (HKLM-x32\...\x64_SIMFIT_is1) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
SpeedCrunch 0.10 (HKLM-x32\...\SpeedCrunch_is1) (Version:  - SpeedCrunch)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.4.1 - Tweaking.com)
Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)
VitalSource Bookshelf (HKLM-x32\...\{f4449697-7673-4d11-b23b-67f894203dc3}) (Version: 6.06.0023 - Ingram Content Group)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WordWeb (HKLM-x32\...\WordWeb) (Version: 7 - WordWeb Software)
Xiphos (HKLM-x32\...\Xiphos) (Version:  - )
Xmarks for IE (HKLM-x32\...\{ABFA6EAE-C9C0-4B39-B722-02094EF6B889}) (Version: 127.0.177 - Xmarks)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\A\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\A\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1086739700-287699761-4168395197-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\A\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

07-08-2015 22:49:03 Revo Uninstaller Pro's restore point - Chemistry
07-08-2015 22:52:14 Revo Uninstaller Pro's restore point - Yenka
07-08-2015 22:53:49 Revo Uninstaller Pro's restore point - Hydrogen 0.9.6 preview release for windows
07-08-2015 22:55:11 Revo Uninstaller Pro's restore point - Celestia 1.6.1
07-08-2015 22:56:03 Revo Uninstaller Pro's restore point - Anki
11-08-2015 14:50:55 Windows Update
16-08-2015 06:51:24 RunningWell
17-08-2015 02:40:27 Installed Sophos Virus Removal Tool.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2015-08-14 11:32 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {028080DD-F885-4A0F-9238-A8242467A42F} - System32\Tasks\{32C86DD0-366A-462E-BF3F-656C30DF7704} => pcalua.exe -a "C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe" -c -datfile hpqbud05.dat -forcereboot
Task: {02A74EEC-ACB1-4E37-AF84-E29D8D5353C5} - System32\Tasks\BDRemovalTool => C:\Users\A\AppData\Local\Temp\BDRemovalTool\BDRemovalTool.exe <==== ATTENTION
Task: {11E89710-340B-485D-922A-25EFA2859297} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1086739700-287699761-4168395197-1002Core => C:\Users\A\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-21] (Google Inc.)
Task: {27449C35-5BF7-4631-9767-970EFA7530FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {2CCE2338-51CD-4984-A1D3-AA9D08C60DCF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {40208D71-9E10-4F22-91CC-F8F39F58B27A} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24] (Synaptics Incorporated)
Task: {48C50A81-04F5-4A96-B0DD-E9243FC90F87} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {4F0CAFF9-553E-4341-8CB3-305D7753701E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {5012C4BF-9786-4BBD-AA35-88562E79B221} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {5FA184F8-BE27-4B50-9F53-D72729B4F22B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {601A54BC-30A4-4EDF-AC58-D80B46EEAC8C} - System32\Tasks\{1D28122A-7FE7-42D1-B619-E417526E2184} => pcalua.exe -a "C:\Program Files (x86)\MagicLAN\MagicUtility\USB(2300U)\Install.exe" -d "C:\Program Files (x86)\MagicLAN\MagicUtility\USB(2300U)"
Task: {62C13604-7A99-4703-A727-945AF6F58FE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {63E8EC99-9850-45AB-850B-E1872945E722} - System32\Tasks\Opera scheduled Autoupdate 1425819169 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software)
Task: {67855A53-7045-42A3-B3A3-AAD7DD8B73CE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [2015-08-15] (Adobe Systems Incorporated)
Task: {6CC1F7C6-DD1F-43C7-AA68-FFC3C1F0F795} - System32\Tasks\{380C36B7-2F4C-465B-86FA-0A9510CF4E5A} => Iexplore.exe http://ui.skype.com/ui/0/7.2.59.103/vi/abandoninstall?page=tsMain
Task: {747400FB-9D1C-4A83-B134-0606AA415328} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-15] (Adobe Systems Incorporated)
Task: {7B782D00-9030-485D-91CF-0A0D9F41AEB7} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {81C7519A-4663-4F40-A223-6470AC064DB9} - System32\Tasks\HPCeeScheduleForA => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {85645E94-846A-44AE-94C5-D7A4AC6049CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {98D438F5-B15A-4B42-9787-3FF769827E7A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {A97526D9-2B55-4132-9436-D04F44CA800A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {B6B89EC6-A748-4106-8879-6442FD4470E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {BBFAAB95-E009-4D4B-AC79-15C48BC59640} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {BD218C70-27D7-4234-9E60-DFACCB2252C7} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {C4D98166-F855-4030-B7D9-1666E0B48D82} - System32\Tasks\{DD7AEDDE-A1D0-4AE4-ABE9-A9E48697101B} => pcalua.exe -a "C:\Program Files (x86)\Windows Live\Installer\wlarp.exe"
Task: {C5ED5E7E-6CA0-491B-B02E-474C10A8EDE2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-11] (Microsoft Corporation)
Task: {C9B55B05-5C10-4635-9F15-FFEB71948800} - System32\Tasks\{730665D5-1DA9-420B-9EFD-0C3DB10FCF4B} => pcalua.exe -a C:\Users\A\Downloads\sp64031.exe -d C:\Users\A\Desktop
Task: {CA76223C-C1F2-4406-B3E4-FFD594FF170B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1086739700-287699761-4168395197-1002UA => C:\Users\A\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-21] (Google Inc.)
Task: {DF9B4D81-0B57-477A-AA1A-E47130914A7D} - System32\Tasks\{CC9BD620-D453-45F9-9843-03757ED40990} => pcalua.exe -a C:\Users\A\Downloads\sp59654.exe -d C:\Users\A\Desktop
Task: {F4F3B7E5-6F46-4368-925A-25223A410B4E} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1086739700-287699761-4168395197-1002Core.job => C:\Users\A\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1086739700-287699761-4168395197-1002UA.job => C:\Users\A\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForA.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)Tweaking.com - Windows Repair)Created By Tweaking.com

==================== Loaded Modules (Whitelisted) ==============

2015-02-25 00:06 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-18 11:07 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-06-16 01:54 - 2012-07-27 20:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\kpcengine.2.3.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\sqlite.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\A\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24875689.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\26831434.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24875689.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\26831434.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1086739700-287699761-4168395197-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.200.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: becldr3Service => 3
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BrcmSetSecurity => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CSObjectsSrv => 2
MSCONFIG\Services: FPLService => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: ibtsiva => 2
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel® ME Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: iumsvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: TrueService => 3
MSCONFIG\Services: UNS => 2
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "AntiLogger"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_7BF1FD95D04C53B8010C6271BFF3AA5D"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\Run: => "Xmarks"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\Run: => "ReadCube"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\Run: => "CCleaner"
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\...\StartupApproved\Run: => "WordWeb"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{DE350909-83BB-452E-A144-062202187F03}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{BF1C290A-2775-4199-A5C4-781BD70F4C27}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A3266500-5881-4838-8467-50102D176BBA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{004F7630-4EEB-43E1-86F2-A8C2CED61E83}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{FCED0F42-5830-479C-B354-7174CD917114}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{23FE04F6-A9E4-4336-BA9A-7A38CE52DECB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{70DF6611-9245-4FE2-B4CD-5F5CB6493290}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{BCDFDF78-DE6A-4A13-9CDE-804D24EF91D5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{7D6810F2-2BE1-40D0-A50D-AF6C263F6877}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{E0D86322-0254-415B-B9BA-E8985A53BEFA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{FA97ECDA-F8B9-441C-ACBB-EE92DCDD1412}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{0DCB8599-C500-45AA-88F4-C4424835C5DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0D693EEB-0640-4CF9-91D3-C2098C74C784}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [TCP Query User{8DA3CF8E-BFBF-4F41-AB55-BF3219F5F179}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4FA3359E-D133-4FB2-912B-8AFCEE006FA8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F77A58A1-7216-45BD-A28F-CA9FEF268ECE}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9F88B928-17D5-4827-8630-4CC46293F8C6}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{FDD524BD-8782-4A3C-97F3-638C8B31088E}] => (Allow) C:\Users\A\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DE832D8B-4F9C-4316-8D3F-98C0ADC354DC}] => (Allow) C:\Users\A\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{15E4E1FD-512D-4CA0-8F0D-C97259190AB8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D1FBEBC8-4A90-4E22-8F01-16E314E964B1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FCCC3342-9B18-4E85-AD8B-B5F5DC5E601D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2501E1EA-4BA7-4136-B6F9-A734441A270D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2A972B48-E6C5-4CFE-8CBC-C4346C3D2039}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{355218A9-12DE-4811-A595-AB2A49FE15B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{958D29C3-CC78-41C9-A811-01974AD3AB2D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{FD258874-9D03-4045-BA1F-38D3FA356FDF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3ED48F7D-31B5-4335-A2AB-A0C1919C6EDB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9302D374-D606-4096-B3EF-D90F57D1CB85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{46EEC703-086D-41D0-9E38-3B9E57A8871A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BCB4BC98-2656-43E1-9A90-F8E2E4426F97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{96AABB0C-DA56-4E16-97C2-D55D46392282}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Faulty Device Manager Devices =============

Name: NVIDIA GeForce GT 630M 
Description: NVIDIA GeForce GT 630M 
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2015 07:17:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GSI.exe, version: 6.0.5.10, time stamp: 0x54c8767f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0xe0434352
Fault offset: 0x00014598
Faulting process id: 0x166c
Faulting application start time: 0xGSI.exe0
Faulting application path: GSI.exe1
Faulting module path: GSI.exe2
Report Id: GSI.exe3
Faulting package full name: GSI.exe4
Faulting package-relative application ID: GSI.exe5

Error: (08/17/2015 07:17:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: GSI.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
   at System.IO.Directory.DeleteHelper(System.String, System.String, Boolean, Boolean)
   at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
   at System.IO.Directory.Delete(System.String, Boolean)
   at KasperskySystemInspector.Model.MGsiEnvironment.<RollBackTempEnvironment>b__6(System.String)
   at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].ForEach(System.Action`1<System.__Canon>)
   at KasperskySystemInspector.Model.MGsiEnvironment.RollBackTempEnvironment()
   at KasperskySystemInspector.Model.MGsiApplication.Finalize()

Error: (08/17/2015 03:41:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1d14

Start Time: 01d0d8bf6c87a618

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 613c5bb8-44b3-11e5-80c5-aeb78fd26051

Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (08/17/2015 03:34:34 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8

Error: (08/17/2015 01:29:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17924, time stamp: 0x55959290
Faulting module name: ntdll.dll, version: 6.3.9600.17936, time stamp: 0x55a68e0c
Exception code: 0xc0000005
Fault offset: 0x000000000003d86e
Faulting process id: 0xe40
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
Faulting package full name: GWXUX.exe4
Faulting package-relative application ID: GWXUX.exe5

Error: (08/16/2015 07:34:48 PM) (Source: HP Active Health) (EventID: 1002) (User: )
Description: Error iterating on DiskLogical. Fetched 0 records. Exception is: System.Management.ManagementException: Invalid namespace
   at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementObjectSearcher.Initialize()
   at System.Management.ManagementObjectSearcher.Get()
   at HP.ActiveHealth.Commons.Objects.AgentDataQuery.ManagementProperties..ctor(String query, String scope)
   at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetEncryptedVolumes()
   at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetNewDataClasses(FileInfo agentStateFile)

Error: (08/16/2015 07:16:28 PM) (Source: HP Active Health) (EventID: 1002) (User: )
Description: Error iterating on DiskLogical. Fetched 0 records. Exception is: System.Management.ManagementException: Invalid namespace
   at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementObjectSearcher.Initialize()
   at System.Management.ManagementObjectSearcher.Get()
   at HP.ActiveHealth.Commons.Objects.AgentDataQuery.ManagementProperties..ctor(String query, String scope)
   at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetEncryptedVolumes()
   at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetNewDataClasses(FileInfo agentStateFile)

Error: (08/16/2015 12:44:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17840, time stamp: 0x555fe1bb
Faulting module name: coreclr.dll, version: 5.1.40728.0, time stamp: 0x55b727fd
Exception code: 0xc0000005
Fault offset: 0x00091fe6
Faulting process id: 0x16d4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (08/16/2015 12:44:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17840, time stamp: 0x555fe1bb
Faulting module name: coreclr.dll, version: 5.1.40728.0, time stamp: 0x55b727fd
Exception code: 0xc0000005
Fault offset: 0x00091fe6
Faulting process id: 0x19ec
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (08/15/2015 01:41:04 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: ASP.NET_2.0.50727

System errors:
=============
Error: (08/17/2015 06:59:37 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\Drivers\utezoday.sys

Error: (08/17/2015 06:31:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (08/17/2015 06:28:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (08/17/2015 06:27:46 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Msmq Listener Adapter service depends on the following service: msmq. This service might not be installed.

Error: (08/17/2015 06:27:34 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (08/17/2015 06:03:47 PM) (Source: DCOM) (EventID: 10010) (User: PC-VAW)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/17/2015 04:33:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (08/17/2015 04:29:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (08/17/2015 04:12:53 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Msmq Listener Adapter service depends on the following service: msmq. This service might not be installed.

Error: (08/17/2015 04:12:44 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Microsoft Office:
=========================
Error: (08/17/2015 07:17:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GSI.exe6.0.5.1054c8767fKERNELBASE.dll6.3.9600.1741554504adee043435200014598166c01d0d9403f472bd6C:\Users\A\AppData\Local\Temp\GSI_LAUCH\GSI.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll2ab9c477-4536-11e5-80c7-c780481c817c

Error: (08/17/2015 07:17:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: GSI.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
   at System.IO.Directory.DeleteHelper(System.String, System.String, Boolean, Boolean)
   at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
   at System.IO.Directory.Delete(System.String, Boolean)
   at KasperskySystemInspector.Model.MGsiEnvironment.<RollBackTempEnvironment>b__6(System.String)
   at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].ForEach(System.Action`1<System.__Canon>)
   at KasperskySystemInspector.Model.MGsiEnvironment.RollBackTempEnvironment()
   at KasperskySystemInspector.Model.MGsiApplication.Finalize()

Error: (08/17/2015 03:41:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.174151d1401d0d8bf6c87a6184294967295C:\WINDOWS\syswow64\wwahost.exe613c5bb8-44b3-11e5-80c5-aeb78fd26051Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

Error: (08/17/2015 03:34:34 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8

Error: (08/17/2015 01:29:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.1793655a68e0cc0000005000000000003d86ee4001d0d8ada36f7b41C:\WINDOWS\System32\GWX\GWXUX.exeC:\WINDOWS\SYSTEM32\ntdll.dlle1a18c6b-44a0-11e5-80c3-ef28661b388c

Error: (08/16/2015 07:34:48 PM) (Source: HP Active Health) (EventID: 1002) (User: )
Description: Error iterating on DiskLogical. Fetched 0 records. Exception is: System.Management.ManagementException: Invalid namespace
   at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementObjectSearcher.Initialize()
   at System.Management.ManagementObjectSearcher.Get()
   at HP.ActiveHealth.Commons.Objects.AgentDataQuery.ManagementProperties..ctor(String query, String scope)
   at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetEncryptedVolumes()
   at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetNewDataClasses(FileInfo agentStateFile)

Error: (08/16/2015 07:16:28 PM) (Source: HP Active Health) (EventID: 1002) (User: )
Description: Error iterating on DiskLogical. Fetched 0 records. Exception is: System.Management.ManagementException: Invalid namespace
   at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementObjectSearcher.Initialize()
   at System.Management.ManagementObjectSearcher.Get()
   at HP.ActiveHealth.Commons.Objects.AgentDataQuery.ManagementProperties..ctor(String query, String scope)
   at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetEncryptedVolumes()
   at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetNewDataClasses(FileInfo agentStateFile)

Error: (08/16/2015 12:44:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17840555fe1bbcoreclr.dll5.1.40728.055b727fdc000000500091fe616d401d0d7de48453939C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEc:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\coreclr.dll8920a132-43d1-11e5-80be-b07d9ec6f729

Error: (08/16/2015 12:44:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17840555fe1bbcoreclr.dll5.1.40728.055b727fdc000000500091fe619ec01d0d7de0671f811C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEc:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\coreclr.dll81dfc75f-43d1-11e5-80be-b07d9ec6f729

Error: (08/15/2015 01:41:04 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: ASP.NET_2.0.50727

CodeIntegrity:
===================================
  Date: 2015-08-17 18:28:32.854
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-17 16:29:24.216
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-17 02:37:01.085
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-17 01:49:43.466
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-16 19:30:24.965
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-16 19:24:31.168
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-16 19:11:52.035
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-16 17:33:37.366
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-16 14:50:34.525
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-15 19:19:02.177
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 37%
Total physical RAM: 8081.27 MB
Available physical RAM: 5062.01 MB
Total Virtual: 9361.27 MB
Available Virtual: 5738.42 MB

==================== Drives ================================

Drive c: (A) (Fixed) (Total:669.28 GB) (Free:518.91 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:28.14 GB) (Free:3.31 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2707FF1B)

Partition: GPT.

==================== End of log ============================


 



BC AdBot (Login to Remove)

 


m

#2 shley

shley
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Local time:05:20 PM

Posted 18 August 2015 - 10:50 AM

I probably should have mentioned more of the behaviors.  Internet page freezes so I can't scroll down anymore; Windows Security Service Center stops working intermittently.  Just strange behaviors. 



#3 shley

shley
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Local time:05:20 PM

Posted 18 August 2015 - 05:03 PM

Here's two other strange behaviors:
When I save a change to a notepad file, the curser jumps up 2-3 lines and moves to the right a few spaces.

When I log into password protected sites, sometimes it says I entered the wrong p/w and wants me to re-enter it when I know everything was correct.

Just strange.

I don't know if this has anything to do with it, but none of this was happening prior to the last Windows Update.



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 21 August 2015 - 10:27 PM

Greetings shley and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Looks like you have done quite a bit of work already.

Let's start with this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} =>  No File
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
Toolbar: HKU\S-1-5-21-1086739700-287699761-4168395197-1002 -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\Glance29\npglance.dll [No File]
S2 HPSLPSVC; C:\Users\A\AppData\Local\Temp\7zS6151\hpslpsvc64.dll [X]
U3 utezoday; C:\WINDOWS\SysWOW64\Drivers\utezoday.sys [7168 2015-08-17] () [File not signed]
C:\WINDOWS\SysWOW64\Drivers\utezoday.sys
S1 AntiLog32; \??\C:\WINDOWS\system32\drivers\AntiLog64.sys [X]
S3 cpuz136; \??\C:\Users\A\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
Task: {02A74EEC-ACB1-4E37-AF84-E29D8D5353C5} - System32\Tasks\BDRemovalTool => C:\Users\A\AppData\Local\Temp\BDRemovalTool\BDRemovalTool.exe <==== ATTENTION
C:\Users\A\AppData\Local\Temp\BDRemovalTool
Task: {C9B55B05-5C10-4635-9F15-FFEB71948800} - System32\Tasks\{730665D5-1DA9-420B-9EFD-0C3DB10FCF4B} => pcalua.exe -a C:\Users\A\Downloads\sp64031.exe -d C:\Users\A\Desktop
Task: {DF9B4D81-0B57-477A-AA1A-E47130914A7D} - System32\Tasks\{CC9BD620-D453-45F9-9843-03757ED40990} => pcalua.exe -a C:\Users\A\Downloads\sp59654.exe -d C:\Users\A\Desktop
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • System Summary Information
  • Update on computer behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 shley

shley
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Local time:05:20 PM

Posted 22 August 2015 - 10:21 PM

Hi Gary
Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:21-08-2015 03
Ran by A (2015-08-22 23:08:37) Run:1
Running from C:\Users\A\Desktop
Loaded Profiles: A (Available Profiles: A & Administrator & Guest & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} =>  No File
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
Toolbar: HKU\S-1-5-21-1086739700-287699761-4168395197-1002 -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\Glance29\npglance.dll [No File]
S2 HPSLPSVC; C:\Users\A\AppData\Local\Temp\7zS6151\hpslpsvc64.dll [X]
U3 utezoday; C:\WINDOWS\SysWOW64\Drivers\utezoday.sys [7168 2015-08-17] () [File not signed]
C:\WINDOWS\SysWOW64\Drivers\utezoday.sys
S1 AntiLog32; \??\C:\WINDOWS\system32\drivers\AntiLog64.sys [X]
S3 cpuz136; \??\C:\Users\A\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
Task: {02A74EEC-ACB1-4E37-AF84-E29D8D5353C5} - System32\Tasks\BDRemovalTool => C:\Users\A\AppData\Local\Temp\BDRemovalTool\BDRemovalTool.exe <==== ATTENTION
C:\Users\A\AppData\Local\Temp\BDRemovalTool
Task: {C9B55B05-5C10-4635-9F15-FFEB71948800} - System32\Tasks\{730665D5-1DA9-420B-9EFD-0C3DB10FCF4B} => pcalua.exe -a C:\Users\A\Downloads\sp64031.exe -d C:\Users\A\Desktop
Task: {DF9B4D81-0B57-477A-AA1A-E47130914A7D} - System32\Tasks\{CC9BD620-D453-45F9-9843-03757ED40990} => pcalua.exe -a C:\Users\A\Downloads\sp59654.exe -d C:\Users\A\Desktop
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShareOverlay" => key removed successfully
HKCR\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516} => key not found.
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => key removed successfully
HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.
HKU\S-1-5-21-1086739700-287699761-4168395197-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2E924F4F-67F0-4BD8-9560-49F468E843D2} => value removed successfully
HKCR\CLSID\{2E924F4F-67F0-4BD8-9560-49F468E843D2} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@glance.net/GlanceClient" => key removed successfully
HPSLPSVC => service removed successfully
utezoday => service removed successfully
C:\WINDOWS\SysWOW64\Drivers\utezoday.sys => moved successfully
AntiLog32 => service removed successfully
cpuz136 => service removed successfully
keycrypt => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{02A74EEC-ACB1-4E37-AF84-E29D8D5353C5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02A74EEC-ACB1-4E37-AF84-E29D8D5353C5}" => key removed successfully
C:\WINDOWS\System32\Tasks\BDRemovalTool => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BDRemovalTool" => key removed successfully
"C:\Users\A\AppData\Local\Temp\BDRemovalTool" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9B55B05-5C10-4635-9F15-FFEB71948800}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9B55B05-5C10-4635-9F15-FFEB71948800}" => key removed successfully
C:\WINDOWS\System32\Tasks\{730665D5-1DA9-420B-9EFD-0C3DB10FCF4B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{730665D5-1DA9-420B-9EFD-0C3DB10FCF4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF9B4D81-0B57-477A-AA1A-E47130914A7D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF9B4D81-0B57-477A-AA1A-E47130914A7D}" => key removed successfully
C:\WINDOWS\System32\Tasks\{CC9BD620-D453-45F9-9843-03757ED40990} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CC9BD620-D453-45F9-9843-03757ED40990}" => key removed successfully

==== End of Fixlog 23:08:38 ====

 

Attached is the Summary--- NO IT IS NOT (I got an error stating "Error You aren't permitted to upload this kind of file") -PLEASE ADVISE!

Behavior update:

The "When I log into password protected sites, sometimes it says I entered the wrong p/w and wants me to re-enter it when I know everything was correct." has gone away since I removed Kaspersky (currently running only Windows Defender).  Also, the Windows Security Service Center issue went away upon removing Kaspersky, too.  I am no having problems reinstalling Kasp Total Security (even though I used the Remover Tool).  I have attached a snapshot here, too. 

All the other behaviors are pretty much the same.

Thanks, Gary.
 

Attached Files



#6 shley

shley
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Local time:05:20 PM

Posted 22 August 2015 - 10:23 PM

Never Mind - I see my error!  I zipped it here for you. Sorry about that.

Attached Files



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 22 August 2015 - 10:39 PM

Greetings,

I am ending for the evening and would like to review the System Summary before posting our next step. I will post in the morning.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 23 August 2015 - 03:36 PM

Thank you for your patience.
 

I am no having problems reinstalling Kasp Total Security (even though I used the Remover Tool).

Just so I am clear. You used the Removal Tool to uninstall Kaspersky then when you attempted to reinstall the program you received the error message?

Please do this.

===================================================

Uninstalling/Reinstalling a Device Driver

----------
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type devmgmt.msc and press Enter
  • Expand the Display Adapters section by clicking + sign
  • Right click on the NVIDIA GeForce GT 630M, select Uninstall, then OK
  • Reboot your computer and your video drivers will be reinstalled automatically
  • Check your computer performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Kaspersky
  • Did the driver uninstall/reinstall properly?
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 shley

shley
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Local time:05:20 PM

Posted 24 August 2015 - 01:33 AM

Hello Gary

I am not sure why that particular version of Kasp did not take.  The company had sent me a link to the UK (ver. 15) but the US version (16) DID install correctly.  So apparently, the remover did what it was supposed to do.  However, the program causes some web pages to freeze when I want to scroll down.  I then have to hit refresh and it displays the page as if I DID scroll down.

 

I have an error 43 on the NVIDIA GeForce GT 630M. I was told by a tech from NVIDIA that the version may not be compatible with a hybrid.  I could not understand the response I got from them as follows:
Thank you for the update and I appreciate your efforts in troubleshooting the issue.
As per the provided info, I see that the notebook supports the Hybrid technology and unfortunately our driver is not compatible with the Hybrid notebook. I request you to kindly contact the laptop manufacturer to get the supporting display driver. If issue persists, then you would need to get the laptop tested and replaced based upon the warranty.

 

But the main thing I don't understand is that driver came with the computer and it worked fine - even with some of the later updates - but now with this update, I guess it is incompatible (??)

 

Please let me know if you want me to do the Uninstall Driver tasks you specified.  I first wanted to give you this info on the NVIDIA issue.

 

Thank you!

 



#10 shley

shley
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Local time:05:20 PM

Posted 24 August 2015 - 01:35 AM

By the way, what is Glance Networks??  This is something new on my computer.. never seen it before.



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 24 August 2015 - 10:12 AM

Greetings,

Glance Networks is related to screen sharing. Did you permit Kaspersky or someone else to remote into your computer?
 

I have an error 43 on the NVIDIA GeForce GT 630M.

Did you get this error when trying to uninstall the drivers?

You have both NVIDIA and Intel video drivers on your computer. Do you know anything about why you have both?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 shley

shley
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Local time:05:20 PM

Posted 24 August 2015 - 03:36 PM

Hi Gary
I haven't had anyone Glance my screen by sharing it in a long time.  Can I remove this?

I believe the sequence with the NVIDIA issue was that I discovered the driver to have a problem.  I don't often go into the Device Mgr like I used to with XP.  I realized that a newer driver was available.  I tried three times to install it (it appeared to be installed and then on restart it reverts back to same issue).  I still have that driver in Downloads, too.

I believe - but am not sure - that the Intel driver was automatically installed when the NVIDIA was uninstalled.  There have been a couple of times (especially coming out of Hibernation) where the screen doesn't even come back and I have to restart everything and loose my work.  Is it possible to go back to an earlier version of NVIDIA and turn off notifications of updating driver?  I do not game on this computer so I never understood why I even have any NVIDIA on it except for HP put it on during manufacturing.  Can I use just the Intel?  Is this the correct Intel for this laptiop?

Another behavior:  my keyboard (not mouse) keeps locking up at random times.  I used to have the anti-Keylogger program that Bleeping suggested but had issues like that and removed it (I had the Pro version).  I have wondered if remnants are left over if this is just another strange behavior I am having to deal with.

Thanks Gary.  I will wait for you to instruct.
 



#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 24 August 2015 - 03:44 PM

When did you receive the Error 43 message with NVIDIA?

That model computer can come with either NVIDIA or Intel video drivers. Are you certain you first had NVIDIA drivers? Do you recall when you first went into Device Manager whether or not Intel was listed? It sounds like it was not but I need to make sure.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 shley

shley
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Local time:05:20 PM

Posted 24 August 2015 - 03:59 PM

According to the HP site [ http://support.hp.com/us-en/product/HP-ENVY-dv7-7200-Notebook-PC-series/5296050/model/5318936/drivers?lang=en&cc=us ]

the HP Envy dv7 7259nr video driver set is enclosed, for your review.

 

My big thing is I don't even know really what these things do exactly.  So I am assuming you need both, not one or the other.

 

Not sure about the Intel driver being installed, etc.

 

Enclosed screen shot of driver set for laptop.
 

Attached Files



#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:20 PM

Posted 24 August 2015 - 04:02 PM

Yes, I am aware of that download page. Those are options, not a requirement for all of them. In fact you should only have one.

I still need to know when you received the Error 43 message for NVIDIA.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users