Computer running slower than normal when using CPU intensive programs [Archive]

arhunt

2015-09-02, 23:25

Hello, I've been having issues with the speed of my computer. It is mostly apparent when I use programs that use a lot of computer power such as photoshop, indesign, and CAD programs. Many times I will get a "not responding" message at the top and will have to wait for the program to respond again to do anything. I would appreciate any help that is available.

Here is my FRST scan:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Adam (administrator) on ADAMSPC (02-09-2015 15:48:46)
Running from C:\Users\Adam\Desktop
Loaded Profiles: Adam & Administrator (Available Profiles: Adam & Administrator)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Genie9) C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv50.exe
() C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv52.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
() C:\Windows\System32\valWBFPolicyService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Genie9) C:\Program Files\Genie9\Genie Timeline\GenieTimeLineAgent.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe
(Spotify Ltd) C:\Users\Adam\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe InDesign CC 2014\InDesign.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\TweakingRegistryBackup.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-10-31] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LaCie Desktop Manager Launcher] => "C:\Program Files\LaCie\Desktop Manager\lacie_launcherd.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2014-01-05] (NCSOFT Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212072 2015-07-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3175312 2015-08-26] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [518496 2015-06-24] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231776 2015-06-24] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Adam\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1714952 2013-10-16] (CyberLink Corp.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Google Update] => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-27] (Google Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIEE.EXE [283232 2012-09-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Spotify Web Helper] => C:\Users\Adam\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-31] (Spotify Ltd)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Dropbox Update] => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-09-13] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174856 2014-09-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156840 2014-09-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download.lnk [2015-04-17]
ShortcutTarget: Download.lnk -> C:\ProgramData\{e226f045-0ae7-9727-e226-6f0450aec114}\Download.exe (No File)
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-06-29]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 128.101.101.101 134.84.84.84
Tcpip\..\Interfaces\{94757D7B-B77B-4F3D-9926-E5C4586EFACF}: [DhcpNameServer] 128.101.101.101 134.84.84.84
Tcpip\..\Interfaces\{A1751B12-4D9D-4E9C-BADD-7F00C39923B4}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{A9B0C7B0-17A6-4344-8D90-419623D0E56D}: [DhcpNameServer] 128.101.101.101 134.84.84.84

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={07C43358-0585-466B-A48E-4751AB5C71FD}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-28 21:14:38&v=4.1.0.411&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3968669950-148750945-1168380495-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3968669950-148750945-1168380495-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3968669950-148750945-1168380495-500\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {D6456964-ED0E-45F5-8C66-B43E0A2CF678} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D6456964-ED0E-45F5-8C66-B43E0A2CF678} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={07C43358-0585-466B-A48E-4751AB5C71FD}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-28 21:14:38&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> {D6456964-ED0E-45F5-8C66-B43E0A2CF678} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-26] (AVG)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-23] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-26] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-23] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No File
Toolbar: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-06-07] ( HP)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-06-24] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @my.com/Games -> C:\Users\Adam\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-20] (My.com, Inc)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @talk.google.com/O1DPlugin -> C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-10-29] (Google)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-03-15] ()
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Users\Adam\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Adam\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-10-29] (Google)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://searchou.com/?id=82b8f7f5000000000000b8763f88d3fa","hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=7891EB9A35DAD211D16AFF51F1793A24","hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=85E4FFFCA44D3CF9EAD16E524125EDF7","hxxp://mysearch.avg.com?cid={861F012C-367A-401E-937A-5F994EECC036}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 13:18:09&v=18.1.0.443&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={861F012C-367A-401E-937A-5F994EECC036}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 13:18:09&v=18.1.7.598&pid=safeguard&sg=&sap=hp","https://mysearch.avg.com?cid={861F012C-367A-401E-937A-5F994EECC036}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 13:18:09&v=18.1.9.786&pid=safeguard&sg=&sap=hp"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-08]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-08]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-08]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-08]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-08]
CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-08]
CHR Extension: (AdBlock) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-08]
CHR Extension: (Website Logon) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanflfepiobnpjbljmngfgegijhdpljm [2015-01-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-08]
CHR Extension: (My Chrome Theme) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-01-08]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-08]
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-03]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-03]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-03]
CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (Website Logon) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kanflfepiobnpjbljmngfgegijhdpljm [2015-02-03]
CHR Extension: (Google Wallet) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-03]
CHR Extension: (Lavasoft NewTab) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2015-02-03]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-03]
CHR HKLM-x32\...\Chrome\Extension: [kanflfepiobnpjbljmngfgegijhdpljm] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2013-04-01]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-08-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-06-07] (HP)
R2 GenieTimelineService; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [662104 2012-09-16] (Genie9)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 LaCieDesktopManagerService; C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [1379840 2012-10-10] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 MatLocalLicenceServer50; C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv50.exe [36864 2010-03-16] () [File not signed]
R2 MatLocalLicenceServer52; C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv52.exe [475136 2010-03-16] () [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-12-13] (Robert McNeel & Associates)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2010-11-15] (Pharos Systems International) [File not signed]
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-10-31] (IDT, Inc.) [File not signed]
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-08] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
R2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-26] (AVG Secure Search)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-26] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [287208 2015-05-27] (AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-26] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-24] (GFI Software)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-03-20] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-31] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-09-01] ()
U3 aswVmm; C:\Users\Adam\AppData\Local\Temp\aswVmm.sys [224896 2015-09-02] ()
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
U3 aswMBR; \??\C:\Users\Adam\AppData\Local\Temp\aswMBR.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 15:48 - 2015-09-02 15:49 - 05198336 _____ (AVAST Software) C:\Users\Adam\Downloads\aswMBR.exe
2015-09-02 15:48 - 2015-09-02 15:48 - 00045522 _____ C:\Users\Adam\Desktop\FRST.txt
2015-09-02 15:46 - 2015-09-02 15:46 - 00037454 _____ C:\Users\Adam\Downloads\FRST.txt
2015-09-02 15:45 - 2015-09-02 15:48 - 00000000 ____D C:\FRST
2015-09-02 15:44 - 2015-09-02 15:44 - 02188800 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
2015-09-02 15:44 - 2015-09-02 15:44 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ADAMSPC-Windows-8.1-(64-bit).dat
2015-09-02 15:43 - 2015-09-02 15:43 - 00002258 _____ C:\Users\Adam\Desktop\Tweaking.com - Registry Backup.lnk
2015-09-02 15:43 - 2015-09-02 15:43 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-09-02 15:43 - 2015-09-02 15:43 - 00000000 ____D C:\RegBackup
2015-09-02 15:43 - 2015-09-02 15:43 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-09-02 15:41 - 2015-09-02 15:41 - 04687184 _____ (Tweaking.com) C:\Users\Adam\Downloads\tweaking.com_registry_backup_setup.exe
2015-09-02 11:16 - 2015-09-02 11:16 - 00001522 _____ C:\Users\Adam\Desktop\Projects (w2k07) - Shortcut.lnk
2015-09-02 11:04 - 2015-09-02 11:04 - 00002695 _____ C:\Users\Adam\Desktop\PSF's for active projects - Shortcut.lnk
2015-09-01 19:21 - 2015-09-01 19:21 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-01 13:55 - 2015-09-01 13:55 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-08-28 08:38 - 2015-08-28 09:58 - 00000000 ____D C:\Users\Adam\Documents\GNC Work
2015-08-23 21:00 - 2015-08-23 21:01 - 02907968 _____ (Cisco Systems, Inc.) C:\Users\Adam\Downloads\anyconnect-win-3.1.00495-web-deploy-k9 (1).exe
2015-08-23 19:51 - 2015-08-23 19:51 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Sun
2015-08-23 19:51 - 2015-08-23 19:51 - 00000000 ____D C:\Users\Adam\.oracle_jre_usage
2015-08-23 19:49 - 2015-08-23 19:49 - 00584288 _____ (Oracle Corporation) C:\Users\Adam\Downloads\chromeinstall-8u60.exe
2015-08-23 19:44 - 2015-08-23 19:46 - 00001350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Cisco AnyConnect Secure Mobility Client.lnk
2015-08-23 19:44 - 2015-08-23 19:44 - 00000000 ____D C:\Users\Adam\AppData\Local\Cisco
2015-08-23 19:44 - 2015-08-23 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-08-23 19:44 - 2015-08-23 19:44 - 00000000 ____D C:\ProgramData\Cisco
2015-08-23 19:44 - 2012-08-03 14:38 - 00107432 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2015-08-23 19:42 - 2015-08-23 19:42 - 02907968 _____ (Cisco Systems, Inc.) C:\Users\Adam\Downloads\anyconnect-win-3.1.00495-web-deploy-k9.exe
2015-08-23 19:02 - 2015-08-23 19:02 - 00001436 _____ C:\Users\Adam\Downloads\launch (1).ica
2015-08-23 19:00 - 2015-08-23 19:00 - 00001436 _____ C:\Users\Adam\Downloads\launch.ica
2015-08-23 18:53 - 2015-08-23 18:53 - 46664016 _____ (Citrix Systems, Inc.) C:\Users\Adam\Downloads\CitrixReceiver (1).exe
2015-08-23 18:51 - 2015-08-23 18:52 - 05464104 _____ (TeamViewer) C:\Users\Adam\Downloads\TeamViewerQS_en-idchpk6uhd.exe
2015-08-21 20:19 - 2015-08-21 20:21 - 159609586 _____ C:\Users\Adam\Downloads\CMK Sort 0815.zip
2015-08-20 08:53 - 2015-08-20 08:53 - 28024201 _____ C:\Users\Adam\Desktop\DSC_6097.psd
2015-08-19 09:09 - 2015-08-28 11:09 - 00000000 ____D C:\Users\Adam\Desktop\Large Decor Tree
2015-08-18 20:38 - 2015-08-10 20:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-18 20:38 - 2015-08-10 19:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-14 21:22 - 2015-08-14 15:21 - 18884698 _____ C:\Users\Adam\Desktop\DSC_0587.NEF
2015-08-13 20:06 - 2015-07-30 09:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 20:06 - 2015-07-30 08:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:50 - 2015-07-18 20:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-11 21:50 - 2015-07-18 13:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-11 21:50 - 2015-07-18 13:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-11 21:50 - 2015-07-18 13:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-11 21:50 - 2015-07-18 13:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-11 21:50 - 2015-07-18 13:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-11 21:50 - 2015-07-18 13:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-11 21:50 - 2015-07-18 13:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-11 21:50 - 2015-07-18 13:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-11 21:50 - 2015-07-18 13:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-11 21:50 - 2015-07-18 13:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-11 21:50 - 2015-07-18 13:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-11 21:50 - 2015-06-09 13:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-11 21:49 - 2015-07-16 15:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-11 21:49 - 2015-07-16 15:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 21:49 - 2015-07-16 15:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-11 21:49 - 2015-07-16 15:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-11 21:49 - 2015-07-16 15:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 21:49 - 2015-07-16 15:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-11 21:49 - 2015-07-16 14:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 21:49 - 2015-07-16 14:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-11 21:49 - 2015-07-16 14:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 21:49 - 2015-07-16 14:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-11 21:49 - 2015-07-16 14:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-11 21:49 - 2015-07-16 14:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 21:49 - 2015-07-16 14:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-11 21:49 - 2015-07-16 14:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-11 21:49 - 2015-07-16 14:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-11 21:49 - 2015-07-16 14:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 21:49 - 2015-07-16 14:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-11 21:49 - 2015-07-16 14:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 21:49 - 2015-07-16 14:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-11 21:49 - 2015-07-16 14:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-11 21:49 - 2015-07-16 14:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-11 21:49 - 2015-07-16 14:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 21:49 - 2015-07-16 14:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-11 21:49 - 2015-07-16 14:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-11 21:49 - 2015-07-16 13:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 21:49 - 2015-07-16 13:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-11 21:49 - 2015-07-16 13:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-11 21:49 - 2015-07-16 13:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-11 21:49 - 2015-07-16 13:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-11 21:47 - 2015-07-15 19:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 21:47 - 2015-07-15 19:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 21:47 - 2015-07-15 19:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 21:47 - 2015-07-15 19:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 21:47 - 2015-07-10 12:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 21:46 - 2015-08-16 22:24 - 00000000 ____D C:\Users\Adam\Desktop\Temp Raw
2015-08-11 21:46 - 2015-07-28 18:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-11 21:46 - 2015-07-28 09:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-11 21:46 - 2015-07-07 04:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 21:46 - 2015-07-07 04:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 21:46 - 2015-07-07 04:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 21:46 - 2015-07-01 17:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 21:46 - 2015-07-01 17:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 21:46 - 2015-07-01 16:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 21:46 - 2015-07-01 16:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-11 21:46 - 2015-06-12 12:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 21:46 - 2015-06-12 11:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 21:42 - 2015-07-13 14:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 21:42 - 2015-07-13 14:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 21:41 - 2015-07-29 09:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 21:41 - 2015-07-29 09:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 21:41 - 2015-07-29 09:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 21:41 - 2015-07-24 13:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-11 21:41 - 2015-07-24 13:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 21:41 - 2015-07-24 13:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-11 21:41 - 2015-07-24 12:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 21:41 - 2015-07-24 12:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-11 21:41 - 2015-07-14 16:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-11 21:41 - 2015-07-14 16:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-11 21:41 - 2015-07-14 16:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-11 21:41 - 2015-07-13 22:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-11 21:41 - 2015-07-13 22:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-11 21:41 - 2015-07-10 13:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 21:41 - 2015-07-10 12:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-11 21:41 - 2015-07-10 12:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 21:41 - 2015-07-10 12:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 21:41 - 2015-07-10 11:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-11 21:41 - 2015-07-10 11:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 21:41 - 2015-07-09 12:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 21:41 - 2015-07-09 12:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 21:41 - 2015-07-09 11:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 21:41 - 2015-06-11 15:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-11 21:41 - 2015-06-11 15:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-11 21:41 - 2015-05-11 19:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-09 14:17 - 2015-08-09 14:17 - 00000000 _____ C:\Users\Adam\Desktop\RhinoCrashDump.dmp
2015-08-09 11:54 - 2015-08-09 11:54 - 00000000 ____D C:\Users\Adam\Desktop\Temp LIghtroom FOlder
2015-08-09 10:41 - 2015-08-09 10:41 - 00293160 _____ C:\WINDOWS\Minidump\080915-80125-01.dmp
2015-08-09 10:38 - 2015-08-09 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-09 10:38 - 2015-08-09 10:38 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 17:41 - 2015-08-03 17:41 - 00000000 ____D C:\Users\Adam\AppData\Local\CEF
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-08-03 11:01 - 2015-08-03 11:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\GWX
2015-08-03 09:03 - 2015-08-03 09:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apple
2015-08-03 08:36 - 2015-08-03 08:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 15:49 - 2013-07-01 11:15 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3968669950-148750945-1168380495-1003
2015-09-02 15:48 - 2013-10-30 00:52 - 01135450 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-02 15:37 - 2014-03-03 22:48 - 00000000 ___RD C:\Users\Adam\Dropbox
2015-09-02 15:37 - 2014-03-03 22:41 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Dropbox
2015-09-02 15:26 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-02 13:14 - 2015-06-26 20:02 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA.job
2015-09-02 13:04 - 2014-01-27 15:14 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA.job
2015-09-02 12:07 - 2013-11-08 10:33 - 00000000 ____D C:\Users\Adam\AppData\Local\E2E1B42E-7A12-428C-B05C-ABF1D7DC2B86.aplzod
2015-09-02 10:49 - 2014-08-26 22:23 - 00000000 ____D C:\Users\Adam\Documents\Youcam
2015-09-02 10:27 - 2014-05-23 11:43 - 00000000 ____D C:\ProgramData\MFAData
2015-09-02 10:21 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-01 23:19 - 2013-07-01 10:54 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{14320D0E-7DF9-4C2F-88FD-822B4338E7D1}
2015-09-01 22:56 - 2015-07-17 21:52 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Curse Client
2015-09-01 22:04 - 2014-01-27 15:14 - 00000868 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core.job
2015-09-01 14:48 - 2013-09-29 23:04 - 00958356 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-01 14:44 - 2015-07-27 22:54 - 00000269 _____ C:\WINDOWS\system32\deviceAppeared.txt
2015-09-01 14:44 - 2015-07-27 22:54 - 00000002 _____ C:\WINDOWS\system32\devicelist.txt
2015-09-01 14:44 - 2015-07-27 22:54 - 00000002 _____ C:\WINDOWS\system32\devicealertlist.txt
2015-09-01 13:55 - 2015-03-10 14:25 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-09-01 13:55 - 2015-02-06 20:42 - 00000000 ____D C:\Users\Adam\AppData\Local\LogMeIn Hamachi
2015-09-01 13:54 - 2013-08-22 09:46 - 00403605 _____ C:\WINDOWS\setupact.log
2015-09-01 13:53 - 2013-09-29 22:55 - 00785340 _____ C:\WINDOWS\PFRO.log
2015-09-01 13:53 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-01 13:52 - 2013-08-22 08:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2015-09-01 01:00 - 2013-10-07 18:22 - 00000000 ____D C:\Users\Adam\AppData\Local\Spotify
2015-08-31 23:18 - 2013-10-07 18:21 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Spotify
2015-08-28 14:08 - 2013-08-28 10:42 - 00003894 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 14:08 - 2013-08-28 10:42 - 00003658 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 14:08 - 2013-08-28 10:42 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-28 14:08 - 2013-08-28 10:42 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-28 11:05 - 2014-10-31 00:28 - 00000033 _____ C:\Users\Adam\AppData\Roaming\AdobeWLCMCache.dat
2015-08-28 10:13 - 2015-06-26 20:02 - 00000878 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core.job
2015-08-28 08:38 - 2013-08-28 06:19 - 00000000 ____D C:\Users\Adam\AppData\Local\Adobe
2015-08-26 21:58 - 2015-02-28 22:14 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-08-26 21:58 - 2015-02-28 22:13 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-08-26 19:48 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-24 12:09 - 2015-06-21 21:31 - 00000000 ____D C:\Users\Adam\AppData\Roaming\ICAClient
2015-08-23 21:26 - 2013-09-24 00:39 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Ad-Aware Antivirus
2015-08-23 21:07 - 2014-11-23 13:07 - 00000000 __SHD C:\Users\Adam\AppData\Local\EmieBrowserModeList
2015-08-23 21:07 - 2014-10-21 00:17 - 00000000 __SHD C:\Users\Adam\AppData\Local\EmieUserList
2015-08-23 21:07 - 2014-10-21 00:17 - 00000000 __SHD C:\Users\Adam\AppData\Local\EmieSiteList
2015-08-23 19:52 - 2014-04-10 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-23 19:52 - 2014-04-10 22:49 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-23 19:51 - 2014-04-10 22:49 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-23 19:51 - 2013-10-30 00:57 - 00000000 ____D C:\Users\Adam
2015-08-23 19:44 - 2014-03-20 11:36 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-08-23 18:58 - 2015-06-21 21:31 - 00001688 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2015-08-23 18:58 - 2015-06-21 21:28 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-08-23 18:56 - 2015-06-21 21:30 - 00000000 ____D C:\ProgramData\Citrix
2015-08-23 12:00 - 2013-09-24 00:41 - 00001875 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-08-22 23:38 - 2014-04-01 10:21 - 00003156 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForAdam
2015-08-22 23:38 - 2014-04-01 10:21 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAdam.job
2015-08-20 14:49 - 2012-07-26 02:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-20 14:38 - 2013-09-12 18:11 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-08-16 13:50 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-14 07:53 - 2013-08-22 09:44 - 05123192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 07:50 - 2013-10-04 22:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 07:50 - 2013-10-04 22:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 23:18 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:18 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:18 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 23:18 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 20:09 - 2013-08-30 18:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 20:05 - 2013-10-04 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 20:01 - 2013-08-28 23:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 19:43 - 2013-08-28 23:47 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 19:35 - 2014-12-10 23:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-13 19:35 - 2014-07-09 21:03 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-13 19:29 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 19:29 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 18:37 - 2015-07-20 19:00 - 00000000 ____D C:\Users\Adam\AppData\Local\MyComGames
2015-08-10 20:49 - 2015-03-07 17:58 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-08-09 10:52 - 2014-05-23 11:47 - 00000988 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2015-08-09 10:41 - 2013-12-01 16:40 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-09 10:40 - 2013-09-04 19:34 - 592483420 _____ C:\WINDOWS\MEMORY.DMP
2015-08-09 10:38 - 2015-02-06 20:41 - 00000945 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-08 10:54 - 2013-07-01 10:53 - 00000000 ____D C:\Users\Adam\AppData\Local\Packages
2015-08-08 08:55 - 2015-07-16 18:14 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 08:55 - 2015-07-16 18:14 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-03 19:30 - 2015-07-30 13:02 - 00012603 _____ C:\WINDOWS\SysWOW64\debug.log
2015-08-03 11:09 - 2013-10-30 03:49 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-03 11:05 - 2015-07-10 08:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-03 09:40 - 2013-06-29 08:04 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3968669950-148750945-1168380495-500
2015-08-03 07:56 - 2015-07-30 12:56 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-08-03 07:14 - 2015-07-30 13:02 - 00000351 _____ C:\prefs.js

==================== Files in the root of some directories =======

2013-11-02 00:06 - 2014-03-30 14:00 - 0000132 _____ () C:\Users\Adam\AppData\Roaming\Adobe GIF Format CC Prefs
2014-03-30 14:00 - 2014-05-11 19:15 - 0000132 _____ () C:\Users\Adam\AppData\Roaming\Adobe PNG Format CC Prefs
2014-10-31 00:28 - 2015-08-28 11:05 - 0000033 _____ () C:\Users\Adam\AppData\Roaming\AdobeWLCMCache.dat
2014-09-21 17:30 - 2014-09-21 17:30 - 0000112 _____ () C:\Users\Adam\AppData\Roaming\JP2K CS6 Prefs
2015-02-15 23:07 - 2015-02-15 23:07 - 0000028 _____ () C:\Users\Adam\AppData\Roaming\kulerdata.json
2014-04-08 20:26 - 2014-04-08 20:26 - 0000054 _____ () C:\ProgramData\.bf45c81f8dc8abfeecf09.dat
2013-08-29 22:48 - 2013-08-29 22:48 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\ProgramData\.bf45c81f8dc8abfeecf09.dat

Some files in TEMP:
====================
C:\Users\Adam\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Adam\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpptp8hj.dll
C:\Users\Adam\AppData\Local\Temp\Extract.exe
C:\Users\Adam\AppData\Local\Temp\ICReinstall_JavaPlatformSESetup-23591503.exe
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-50-g402ee87-b2959jnks.dll
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-66-g43d8943-b3078jnks.dll
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Spigot-1642.dll
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1046-gfee8f92-b1152jnks.dll
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1067-g6301507-b1185jnks.dll
C:\Users\Adam\AppData\Local\Temp\riftuninstall.exe
C:\Users\Adam\AppData\Local\Temp\sp64126.exe
C:\Users\Adam\AppData\Local\Temp\SP65168.exe
C:\Users\Adam\AppData\Local\Temp\SP65755.exe
C:\Users\Adam\AppData\Local\Temp\SP65782.exe
C:\Users\Adam\AppData\Local\Temp\SP65792.exe
C:\Users\Adam\AppData\Local\Temp\SP65793.exe
C:\Users\Adam\AppData\Local\Temp\SP66941.exe
C:\Users\Adam\AppData\Local\Temp\SP68376.exe
C:\Users\Adam\AppData\Local\Temp\SP69886.exe
C:\Users\Adam\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Adam\AppData\Local\Temp\UninstallHPSA.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

ATTENTION: ==> Could not access BCD.

LastRegBack: 2015-09-01 21:10

==================== End of FRST.txt ============================

Here is the Addition scan:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Adam (2015-09-02 15:52:48)
Running from C:\Users\Adam\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Adam (S-1-5-21-3968669950-148750945-1168380495-1003 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-3968669950-148750945-1168380495-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-3968669950-148750945-1168380495-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3968669950-148750945-1168380495-1005 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Lavasoft Ad-Aware (Disabled - Out of date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Aware (Disabled - Out of date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Lavasoft Ad-Aware (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (HKLM-x32\...\{944167EA-7F89-4705-8DCD-1D63B53141B0}) (Version: 10.5.3.4405 - Lavasoft)
Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 3.4.0.1 - Lavasoft)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.1.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.1.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.1.0.070 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Akamai) (Version: - Akamai Technologies, Inc)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
AutoCAD Architecture 2014 - English (Version: 7.5.17.0 - Autodesk) Hidden
AutoCAD Architecture 2014 Language Pack - English (Version: 7.5.17.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD Architecture 2014 - English (HKLM\...\AutoCAD Architecture 2014 - English) (Version: 7.5.17.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk Revit 2014 (HKLM\...\Autodesk Revit 2014) (Version: 13.07.22211 - Autodesk)
Autodesk Workflows 2014 (HKLM\...\{11672AB2-3D48-4D38-9123-719E5FF93333}) (Version: 4.0.19.0 - Autodesk, Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4830 - AVG Technologies)
AVG 2014 (Version: 14.0.4365 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4830 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.6.294 - AVG Technologies)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
calibre (HKLM-x32\...\{4A7785E7-924F-4938-98C6-B08F2DAA0961}) (Version: 2.16.0 - Kovid Goyal)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.3.0.5014 - Citrix Systems, Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3603 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Dropbox (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-200 Series Printer Uninstall (HKLM\...\EPSON XP-200 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Flamingo nXt (HKLM\...\{030BC8B6-1880-4129-911A-51DA3B60A16A}) (Version: 3.1.2012.0928 - Robert McNeel & Associates)
Flamingo nXt en-us Language Pack (HKLM-x32\...\{BC09FE5C-A554-4102-9501-C352D6A3BE36}) (Version: 3.1.2012.0928 - Robert McNeel & Associates)
Geeks3D.com FurMark 1.10.3 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
Genie Timeline (HKLM-x32\...\Genie Timeline) (Version: 3.0 - Genie9)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Horizon v2.7.6.7 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.6.7 - Daring Development Inc.)
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\HPConnectedMusic) (Version: 1.1 (build 59) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{7F265322-43A2-4C06-925B-F32F938B102C}) (Version: 1.3.0.0 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{4BACA3B8-F63A-44ED-9A8D-48B4D02AD268}) (Version: 6.0.100.276 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{5D1D65C3-E6D3-4751-AEFD-CAB4E3EB85F2}) (Version: 4.0.41.2072 - Intel)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
LaCie Desktop Manager 1.5.5 (HKLM\...\{3845209F-142E-4F48-B61A-AA34D2DB54BB}_is1) (Version: 1.5.5 - LaCie)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LightUp v3.2c DEMO (HKLM-x32\...\{D8039534-AD4D-4806-A36C-14EF5CA18AC7}) (Version: 3.2.2 - Billyard Enterprises)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0000-0000-0000000FF1CE}_OUTLOOK_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 (HKLM-x32\...\OUTLOOK) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
My.com Game Center (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\MyComGames) (Version: 3.138 - My.com B.V.)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Online Plug-in (x32 Version: 14.3.0.5014 - Citrix Systems, Inc.) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pharos (HKLM-x32\...\Pharos) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29053 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Revit 2014 (Version: 13.07.22211 - Autodesk) Hidden
Revit 2014 Language Pack - English (Version: 13.07.22211 - Autodesk) Hidden
Rhinoceros 5 (64-bit) (HKLM\...\{257F3E7F-464C-4117-A498-D4DACACD066F}) (Version: 5.7.31213.18395 - Robert McNeel & Associates)
Rhinoceros 5 (HKLM-x32\...\{26F01D2A-ED37-481D-AF6C-E673B07C6B9D}) (Version: 5.7.31213.18395 - Robert McNeel & Associates)
Rhinoceros 5 Help Media (HKLM-x32\...\{27558713-19E6-44D7-ACC7-D4D721CCBE94}) (Version: 5.7.31022.19295 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (en-US) (HKLM-x32\...\{DEA335DF-85A0-4079-A3C8-4E49920E1B9D}) (Version: 5.7.31213.18395 - Robert McNeel & Associates)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier)
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Sculptris Alpha 6 (HKLM-x32\...\InstallShield_{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic)
Sculptris Alpha 6 (x32 Version: 0.6 - Pixologic) Hidden
Self-service Plug-in (x32 Version: 4.3.0.8352 - Citrix Systems, Inc.) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.1 - PcWinTech.com)
SketchUp 2014 (HKLM-x32\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
SketchyPhysics3.1 (HKLM-x32\...\SketchyPhysics3.1_is1) (Version: - )
skyforge_mycom (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\skyforge_mycom) (Version: 1.28 - My.com B.V.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.2.0 - Tweaking.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001A-0000-0000-0000000FF1CE}_OUTLOOK_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
VELUX Daylight Visualizer 2.8 (HKLM-x32\...\VELUX Daylight Visualizer) (Version: 2.8 - VELUX)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

13-08-2015 19:21:50 Windows Update
18-08-2015 20:37:24 Windows Update
23-08-2015 19:43:07 Installed Cisco AnyConnect Secure Mobility Client

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {196D98C0-51AB-418D-9F12-B3D568D7AEA7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {1F20CA3E-531E-47ED-B6A9-5C7B24A396EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1FFCF4A1-CFF8-4D38-9BD6-9BE1E3DE7DED} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {2914B2AD-070C-4CDE-ADFB-6C0DAF06A965} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {41137394-57E5-4D34-BDC5-95BB5D5A1A2F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {4F49D5ED-B9FB-47CD-B734-9A48ACB2D9E5} - System32\Tasks\AdobeAAMUpdater-1.0-AdamsPC-Adam => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {5145B77B-BDB4-4D14-9CBA-D0C9D2C8A0A1} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2013-12-03] (CyberLink Corp.)
Task: {55102A7A-70DC-4DB8-9054-1B9E7A182CDA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {57240613-017B-4DD9-9DA2-0B3048F4980D} - System32\Tasks\{F1628CC6-9C5D-4106-952A-E724CB6ED158} => pcalua.exe -a "C:\Users\Adam\Downloads\sp58587 (1).exe" -d C:\Users\Adam\Downloads
Task: {5C9B141E-FBB9-43A6-9B53-87AFFCCD05A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {606FCAB8-693C-4D30-8FAA-17DBACCCDA27} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {62CBCFDD-DE13-4DA5-80F8-D2754B08703D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN19H343PN => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {7881874D-D432-442D-A179-97E711943B39} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C08E103-3013-4472-91B3-952BCAEAE286} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {86275380-5FCC-4E20-8688-03F83DA8D3DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {916E9E45-15AC-42DB-8DB3-7C74F650FF6B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {925A9448-CB12-4810-BAB3-6DD3F280AB39} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-13] (Microsoft Corporation)
Task: {95082FFD-423C-4DF7-8E10-925400C9902D} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe [2013-06-13] (Lavasoft Limited)
Task: {9AB5BE69-B3B1-428A-9593-3547EA27E462} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-31] (Synaptics Incorporated)
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {AC113A5E-F319-415E-B55B-587D9C8A8827} - System32\Tasks\HPCeeScheduleForAdam => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {C1AEDF45-C860-477E-AAF0-209FF6640FAA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN29D4RHXJ => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {C2B79EC9-67AD-4F85-9959-262D3D9E6653} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {C631D143-87A0-44A5-8961-11DC46BB488C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {D3C75F3F-5BB8-4C07-9704-BE809ECF7CFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {E458D842-2ED9-484C-8BFC-A1F977D454C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {F02897D7-56CB-4E4C-9686-722632BFBB29} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN266C21MR05RB => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {F0E17D94-8C66-4BA3-9920-D77354EDFE00} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {F17DEF2D-A83C-4143-92C5-798B7B38B2EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {F1EB4546-E3AA-47DA-8F99-EC0A86554556} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {F6581D36-DA03-49AF-AF12-0CB1D3D41E16} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core.job => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA.job => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core.job => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA.job => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForAdam.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2015-02-28 22:13 - 2015-08-26 21:58 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2012-09-10 09:29 - 2012-09-10 09:29 - 00332800 _____ () C:\Program Files\Genie9\Genie Timeline\OnlineHandler.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00045568 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogging.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00488960 _____ () C:\Program Files\Genie9\Genie Timeline\GSIndexDB.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00087040 _____ () C:\Program Files\Genie9\Genie Timeline\QueueManager.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00708608 _____ () C:\Program Files\Genie9\Genie Timeline\GSBackupManager.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00205824 _____ () C:\Program Files\Genie9\Genie Timeline\Settings.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00343552 _____ () C:\Program Files\Genie9\Genie Timeline\GSWatcher4.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00058368 _____ () C:\Program Files\Genie9\Genie Timeline\GSLibrariesManager.dll
2012-02-02 04:16 - 2012-02-02 04:16 - 00740864 _____ () C:\Program Files\Genie9\Genie Timeline\sqlite3.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00011264 _____ () C:\Program Files\Genie9\Genie Timeline\RWLock.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00054784 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogManager.dll
2012-02-02 04:16 - 2012-02-02 04:16 - 00010752 _____ () C:\Program Files\Genie9\Genie Timeline\VSSEngine_Proxy.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00089600 _____ () C:\Program Files\Genie9\Genie Timeline\GSEncryption.dll
2012-02-02 04:16 - 2012-02-02 04:16 - 00031232 _____ () C:\Program Files\Genie9\Genie Timeline\VSSEngine_W2K3.dll
2013-02-13 12:35 - 2013-02-13 12:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 12:35 - 2013-02-13 12:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2015-07-27 22:53 - 2012-10-10 16:50 - 01379840 _____ () C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
2010-03-16 10:22 - 2010-03-16 10:22 - 00036864 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv50.exe
2010-03-16 10:22 - 2010-03-16 10:22 - 00475136 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv52.exe
2013-03-19 16:21 - 2013-03-19 16:21 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2015-08-26 21:58 - 2015-08-26 21:58 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
2013-09-05 02:36 - 2014-09-13 18:48 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-06-29 06:23 - 2014-09-13 16:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00063488 _____ () C:\Program Files\Genie9\Genie Timeline\XBalloonMsgDll.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00093696 _____ () C:\Program Files\Genie9\Genie Timeline\GSCurl.dll
2013-09-02 11:53 - 2014-08-19 14:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-06-07 05:16 - 2013-06-07 05:16 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-02 13:12 - 2014-05-02 13:12 - 00266432 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASKLib.dll
2014-05-02 13:12 - 2014-09-26 17:42 - 00095424 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASLSupport.dll
2014-05-02 13:12 - 2014-09-26 17:42 - 00263360 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\AdamLib.dll
2014-05-02 13:12 - 2014-05-02 13:12 - 00073408 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\unihan.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-02-28 22:14 - 2015-08-26 21:58 - 03175312 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2014-09-03 12:55 - 2014-09-03 12:55 - 00815104 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe
2012-08-03 14:53 - 2012-08-03 14:53 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-16 10:17 - 2010-03-16 10:17 - 00339968 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\MatBase.14.00.dll
2010-03-16 10:13 - 2010-03-16 10:13 - 00061440 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\_MatDll.14.00.dll
2010-03-16 10:17 - 2010-03-16 10:17 - 00319488 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\MatSAX.14.00.dll
2010-03-16 10:15 - 2010-03-16 10:15 - 00102400 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\MatResString.14.01.dll
2015-08-26 21:58 - 2015-08-26 21:58 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\log4cplusU.dll
2013-11-18 18:30 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-11-18 18:30 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-11-18 18:30 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-11-18 18:30 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-11-18 18:30 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-24 00:45 - 2014-03-07 10:57 - 00190752 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libBase64.dll
2013-09-24 00:45 - 2014-03-07 10:57 - 00178464 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
2013-06-29 06:24 - 2013-01-14 13:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-02-28 22:14 - 2015-08-26 21:58 - 40638864 _____ () C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
2015-08-20 20:08 - 2015-08-18 00:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-20 20:08 - 2015-08-18 00:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
2014-07-30 01:00 - 2014-09-13 18:48 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-16 17:35 - 2013-08-05 02:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-08-20 20:08 - 2015-08-18 00:23 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll
2015-09-02 15:36 - 2015-09-02 15:36 - 00071168 _____ () c:\users\adam\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpptp8hj.dll
2015-07-24 22:18 - 2015-08-05 00:26 - 00012800 _____ () C:\Users\Adam\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-07-24 22:18 - 2015-08-05 00:26 - 00779776 _____ () C:\Users\Adam\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-03 08:22 - 2015-08-05 00:26 - 00056320 _____ () C:\Users\Adam\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-24 22:18 - 2015-08-05 00:26 - 00012288 _____ () C:\Users\Adam\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3968669950-148750945-1168380495-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 128.101.101.101 - 134.84.84.84
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Ad-Aware Antivirus"
HKLM\...\StartupApproved\Run32: => "Ad-Aware Browsing Protection"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "BambooCore"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "NCUpdateHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C9DAB3D4-B2BF-419D-B12E-941B182E52F4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{881F5F24-22CE-4D9F-8C95-EA5B1DD4A534}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [UDP Query User{5B732F55-21A0-470F-9F2E-7C61AA0C448A}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1653E80F-ADC2-4966-A76E-81709FB8837B}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E052FE34-CC6F-46F2-88CC-913B9B7E253B}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
FirewallRules: [{8824DD18-48E3-4A20-B0D7-14C70CF2C568}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
FirewallRules: [UDP Query User{A751B0B9-6559-4EE7-8D8D-F73147230E5D}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{9A861570-4950-4F82-A1AC-2E1E75761EFC}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D1D9F781-7231-4809-A05B-98AC1C9ABBC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{BE5FA6AC-5E76-4634-863C-64602F2568B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{284D02D5-B8D4-462A-8E89-B0C89422641E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{12FAF684-D16F-4E5F-8FB2-3271D1E7BE84}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{2B06E800-9233-454C-ABE4-F5F305C7B884}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{C0D74687-FC51-40F3-A5C6-224CA82B2095}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A51ADFF1-A840-4EA2-9444-D21DC85BD591}] => (Allow) LPort=50248
FirewallRules: [{3242AE26-6293-4746-82C8-29F286F05D5D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{273CA2C2-F782-4B28-A68F-862F05F02E0E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B7711178-8887-4E26-A83F-D36107E8B336}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EE74666C-0B46-4DD8-8911-6ADD0F5E55A5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{11854B73-7C87-4B5A-A116-2DFEE3AAEF7A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7AB1DB7B-DFBF-4440-A549-966F132FD738}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3994FD5D-6540-4322-AA7D-6D0125F54A27}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{3BB4D7F6-1395-47F9-9E90-B68808D79510}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{37CF8AC5-D375-485B-B43E-B2E27540C940}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{BB6E8656-BA52-4617-93E5-5D60CE3528A5}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{5E651CF8-EA26-410C-BDD8-CFCC01E7E5F1}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{6B41DBA4-04B9-442E-8DB6-6BCD307D30B1}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{2686689A-8730-41D3-B302-66E4FBF94D16}] => (Allow) LPort=1900
FirewallRules: [{9DF35F11-666B-4078-AFD5-6BAA5E325CFD}] => (Allow) LPort=2869
FirewallRules: [{BE33DA41-C9B7-4839-857A-8906E463A592}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AA4A8F42-B364-406E-BEF2-7249735923D8}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{5F5434B0-436B-4617-AAD9-EE5E0CBCAFC2}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{933F3D3F-F438-4234-A243-5213EB1A93C2}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D4E79755-455B-46D5-8004-0E0A60775841}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{6EDAEE58-0E46-49B2-9DD1-85C447CEA26B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{24974FDE-93AC-4C46-80CF-3A5FA36088A6}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{28B1614C-3A35-4F80-9A42-232942E3AEB2}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{1A7FB150-E16C-4CE2-B73E-BF91872A69AC}] => (Allow) LPort=25565
FirewallRules: [{E6080BEA-7812-42FF-8F92-65E63DCF98EB}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{7051F02C-74EF-4B70-BB42-AB266F2044B3}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{584FF4BA-484E-45A7-B06C-F578A6BBAFA7}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{510732F0-ACAA-4FE4-88A7-C0FB65D0033D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{973AA044-0C98-4315-A472-99E08410C8C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{017EE512-4433-4806-AA6E-3E06D381B3BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{B3792719-A45A-4BF7-9603-A9B36AEE7926}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{3D704208-345A-44CB-9F66-59506BDC0F6B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{CAF0D213-0FF9-48A5-8466-23A8971CBF61}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A8297D09-15E6-4199-BCDC-1472BCAE05B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{ECC781EB-203F-4C62-8D84-1468503EA4E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{39548B58-6DE6-4467-AC6C-767097ED98C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{A0B4B87A-53DE-4434-B277-03FE4EBFCF00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [TCP Query User{C825423E-2B48-4F83-9AE6-E9AFFE600EA1}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E0341F54-3223-4493-A5CB-9FE2618D50FC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{C937D517-D138-4488-89A7-334A49CF22A0}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [UDP Query User{4516D8F1-0B1E-4B76-8903-D7CB1C377B5B}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [TCP Query User{2608F217-BD5C-4BE8-85FD-12F67BB11BAD}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Block) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [UDP Query User{5FE5A847-D250-4448-8B7B-DC3D40DE208B}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Block) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [TCP Query User{FA41D1A0-6CD5-4506-9EAF-24F7F8EDD2C8}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [UDP Query User{511946BC-DD15-4BAA-84BC-3C502209A7D4}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [{5BBEEFAA-47E3-43DD-A272-4F66C0C5B60C}] => (Allow) C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EF11F6B8-A586-4994-9418-8223BCEEFA10}] => (Allow) C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{985F41F5-D8B3-4639-97B6-C8C5E6C96F4F}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{2CCB11BE-7C3B-4420-9219-5F7D269ED54D}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{59B9544E-2956-4372-B950-5314883B6FC8}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{2E0ABAE0-61C1-4945-BB42-E8E3D5A7E174}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{CB2D958A-9B8A-4DA9-9A44-57D4978C3E1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{31EB9B02-AABF-43D4-8D4B-0A7C7F3B17B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C36BCED9-FE42-4165-932E-3674DDB7F8E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{6299DB54-9EEC-4904-84FB-09D3D91AC795}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E853578C-E65D-4721-B6D5-2853D790CBC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{AFDCFAD3-750E-45E7-9EC5-243960401653}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2306D6AE-838B-4000-A637-19A524DC4FA5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CD6169CA-CD2B-4E4B-806C-79E02E16DBF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{455EC789-6EA7-4D21-B769-C4122960D05D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{73B4F947-88C7-4D79-A78B-345F8C38D07B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E59FE85A-E0EA-4EE8-84AA-8BA555A47B9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{86323601-7463-4C92-AAD7-2284F010F86A}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{F7863B8D-75D8-4E9A-A00B-010C89114BD5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{DE6FEB4E-A187-4FBB-80A7-3EF7480FF4D3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8768DEC5-1EC9-4740-8392-50607797D2B8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{9FE82F8F-6184-4F8E-9C9A-3A16046DD520}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{BB08D48A-3096-4F21-B96F-EE9AE375C9D3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{E843B504-BE84-468D-A66C-06685C9A858F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{788D63B1-369D-4027-9E19-058C815D595F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{C5D155EA-3AFB-4512-8E52-23A62F913973}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A2A8899E-227C-4AC4-82F5-21256785633C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{AF5F1A8F-18AA-455B-BD8F-D421EFA839BC}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{E25AC37A-1EB6-45F3-A2D4-52CCBB4A019E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{2A4DD080-A600-433D-9179-9F5932DF6924}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9881F4EC-5353-4671-8D76-A36C60846BF4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{659D39B0-5CFC-4E03-8EBF-5B3124AC646C}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{DED1452F-9A44-4F59-9386-61626E2D70E1}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{CD69EDBE-49A8-48BD-AA37-39E31206EC15}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{9F4AE983-526D-44DD-B9C2-4C4B6B80AD79}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{5DBA6808-F18C-4C16-9C84-7CFEA5744582}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{9AC715C0-A172-486F-A5AD-1B99399822B8}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{F95849F6-726E-480F-A000-39A3CC300962}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{5F398F04-ABE2-4417-9237-7C1E3F427322}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D5D8AD5F-3530-4AEA-9A0B-27D5DD009631}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8509E218-159D-4970-A36D-A486DB543A6E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{100E22D3-DD9D-442B-96F6-CC8A44D35375}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{17EEB77F-1A30-4AF4-B08C-6ECBC9F57117}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{2EDAC0EC-82F7-4684-9503-42449662F516}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{35A7648B-6926-4029-8B9A-9EC908C47719}C:\users\adam\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\adam\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{A3461CD5-AA22-4A13-9001-1BE686E7CEDB}C:\users\adam\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\adam\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{F1BF2C03-51DB-484B-BE68-37FE906A342B}] => (Block) C:\users\adam\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{235B4959-5D28-4C2A-8A02-D9EFF4509C16}] => (Block) C:\users\adam\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{98AD9EDF-254B-429A-835A-6DDF6917BDA3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6ADF1136-5BEC-4957-824F-C9E81BEC0502}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{01797646-8DC3-43C2-86AD-763BC6418DE7}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{35BC2D4B-7400-4A2B-BB11-9ABBDE5E3FC8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{00ED52CA-CA71-441A-A7BF-D189D091F388}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{25B3F3FA-0C9F-41B6-8D7D-C59DFD9765C1}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{B87494E4-CE40-4E7E-8534-95AA63178302}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{FC27F0DB-1156-4532-8412-38C95733AA42}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{517A1F1C-7FA4-4521-9E9A-FD6A7BE29DAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6BE99C1F-4CFE-4A34-A084-0C39B5419B12}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2015 01:25:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/02/2015 01:22:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6f4

Start Time: 01d0e5ab9aeaf8b1

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 8fa37704-519f-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (09/02/2015 01:16:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"1".
Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/02/2015 01:10:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 30c0

Start Time: 01d0e5a9e85c3e00

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: dc7b499a-519d-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: 12199Asparion.AsparionClock_4.0.1.64_neutral__f89vgcf3qm37t

Faulting package-relative application ID: App

Error: (09/02/2015 12:52:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 34b8

Start Time: 01d0e5a76a065c71

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 5e0ba276-519b-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: 12199Asparion.AsparionClock_4.0.1.64_neutral__f89vgcf3qm37t

Faulting package-relative application ID: App

Error: (09/02/2015 12:52:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1284

Start Time: 01d0e5a76a07bc28

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 5e0b7b66-519b-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: 10631PaolosAdventures.GmailTouch_1.0.0.46_neutral__ntpp077zx3tm0

Faulting package-relative application ID: App

Error: (09/02/2015 12:52:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3148

Start Time: 01d0e5a76a083166

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 5e4d94a3-519b-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (09/02/2015 12:48:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17667, time stamp: 0x54c6f7c2
Faulting module name: QtCore_Ad_SyncNs_4.dll_unloaded, version: 4.8.2.0, time stamp: 0x50d3fca7
Exception code: 0xc0000005
Fault offset: 0x00000000000265fe
Faulting process id: 0x2124
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (09/02/2015 10:35:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 30a0

Start Time: 01d0e5944fee60ee

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 4389b3e3-5188-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/02/2015 10:35:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 36d8

Start Time: 01d0e5944fddb041

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 437e94bf-5188-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: 12199Asparion.AsparionClock_4.0.1.64_neutral__f89vgcf3qm37t

Faulting package-relative application ID: App

System errors:
=============
Error: (09/02/2015 03:26:01 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ANDREWSPC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A9B0C7B0-17A6-4344-8D90-419623D0E56D}.
The master browser is stopping or an election is being forced.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:39 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:37 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 12:07:29 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ANDREWSPC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A9B0C7B0-17A6-4344-8D90-419623D0E56D}.
The master browser is stopping or an election is being forced.

Microsoft Office:
=========================
Error: (08/30/2013 07:11:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1155 seconds with 240 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz
Percentage of memory in use: 51%
Total physical RAM: 8081.27 MB
Available physical RAM: 3924.92 MB
Total Virtual: 16273.27 MB
Available Virtual: 10732.87 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:671.64 GB) (Free:95.32 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.88 GB) (Free:2.57 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive z: () (Network) (Total:40960 GB) (Free:7278.54 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt ============================

Here is the aswMBR scan:

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-09-02 16:10:52
-----------------------------
16:10:52.893 OS Version: Windows x64 6.2.9200
16:10:52.893 Number of processors: 8 586 0x3A09
16:10:52.895 ComputerName: ADAMSPC UserName: Adam
16:10:54.916 Initialize success
16:10:54.919 VM: initialized successfully
16:10:54.921 VM: Intel CPU BiosDisabled
16:10:57.961 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003b
16:10:57.967 Disk 0 Vendor: HGST_HTS541075A9E680 JA2OA590 Size: 715404MB BusType: 11
16:10:58.134 Disk 0 MBR read successfully
16:10:58.138 Disk 0 MBR scan
16:10:58.142 Disk 0 unknown MBR code
16:10:58.146 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
16:10:58.306 Disk 0 scanning C:\WINDOWS\system32\drivers
16:11:32.487 Service scanning
16:12:26.505 Modules scanning
16:12:26.518 Disk 0 trace - called modules:
16:12:26.549 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys storport.sys hal.dll iaStorA.sys
16:12:26.557 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0018867c770]
16:12:26.897 3 CLASSPNP.SYS[fffff80177aea170] -> nt!IofCallDriver -> [0xffffe0018867c040]
16:12:26.906 5 hpdskflt.sys[fffff8017769142b] -> nt!IofCallDriver -> \Device\0000003b[0xffffe00186bf97f0]
16:12:26.914 Disk 0 statistics 126677/0/0 @ 1.83 MB/s
16:12:26.922 Scan finished successfully
16:13:43.074 Disk 0 MBR has been saved successfully to "C:\Users\Adam\Desktop\MBR.dat"
16:13:43.086 The log file has been saved successfully to "C:\Users\Adam\Desktop\aswMBR.txt"

Juliet

2015-09-04, 12:53

AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
AVG2014
[Ad-Aware Antivirus
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

Data displayed shows you have 2 antivirus running and active on the computer.
This causes multiple issues in performance. They will work against each other and also delay or stop the use of tools needed to remove malware.
Please make a decision which to keep and uninstall 1.

~~~~~~~~~~``

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShortcutTarget: Download.lnk -> C:\ProgramData\{e226f045-0ae7-9727-e226-6f0450aec114}\Download.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={07C43358-0585-466B-A48E-4751AB5C71FD}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-28 21:14:38&v=4.1.0.411&pid=wtu&sg=&sap=hp
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No File
Toolbar: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\ProgramData\.bf45c81f8dc8abfeecf09.dat
C:\Users\Adam\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Adam\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpptp8hj.dll
C:\Users\Adam\AppData\Local\Temp\Extract.exe
C:\Users\Adam\AppData\Local\Temp\ICReinstall_JavaPlatformSESetup-23591503.exe
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-50-g402ee87-b2959jnks.dll
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-66-g43d8943-b3078jnks.dll
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Spigot-1642.dll
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1046-gfee8f92-b1152jnks.dll
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1067-g6301507-b1185jnks.dll
C:\Users\Adam\AppData\Local\Temp\riftuninstall.exe
C:\Users\Adam\AppData\Local\Temp\sp64126.exe
C:\Users\Adam\AppData\Local\Temp\SP65168.exe
C:\Users\Adam\AppData\Local\Temp\SP65755.exe
C:\Users\Adam\AppData\Local\Temp\SP65782.exe
C:\Users\Adam\AppData\Local\Temp\SP65792.exe
C:\Users\Adam\AppData\Local\Temp\SP65793.exe
C:\Users\Adam\AppData\Local\Temp\SP66941.exe
C:\Users\Adam\AppData\Local\Temp\SP68376.exe
C:\Users\Adam\AppData\Local\Temp\SP69886.exe
C:\Users\Adam\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Adam\AppData\Local\Temp\UninstallHPSA.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
https://forums.spybot.info/showthread.php?72711-Computer-running-slower-than-normal-when-using-CPU-intensive-programs
EmptyTemp:
End

Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~~~~~~`

http://i.imgur.com/BY4dvz9.png AdwCleaner

Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) and save the file to your Desktop.
Right-Click AdwCleaner.exe and select http://i.imgur.com/AVOiBNU.jpg Run as administrator to run the programme.
Follow the prompts.
Click Scan.
Upon completion, click Report. A log (AdwCleaner[SX].txt) will open. Briefly check the log for anything you know to be legitimate.
Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
Follow the prompts and allow your computer to reboot.
After rebooting, a log (AdwCleaner[SX].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

http://imageshack.us/a/img841/7292/thisisujrt.gif
Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/)
or from here http://downloads.malwarebytes.org/file/jrt
to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

~~~~~~~~~~~~~~`
please post
Fixlog.txt
AdwCleaner[CX].txt
JRT.txt

arhunt

2015-09-08, 06:50

Hello, thank you for the help,

Here is the Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:07-09-2015
Ran by Adam (2015-09-07 17:25:10) Run:1
Running from C:\Users\Adam\Desktop
Loaded Profiles: Adam (Available Profiles: Adam & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShortcutTarget: Download.lnk -> C:\ProgramData\{e226f045-0ae7-9727-e226-6f0450aec114}\Download.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={07C43358-0585-466B-A48E-4751AB5C71FD}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-28 21:14:38&v=4.1.0.411&pid=wtu&sg=&sap=hp
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No File
Toolbar: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\ProgramData\.bf45c81f8dc8abfeecf09.dat
C:\Users\Adam\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Adam\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpptp8hj.dll
C:\Users\Adam\AppData\Local\Temp\Extract.exe
C:\Users\Adam\AppData\Local\Temp\ICReinstall_JavaPlatformSESetup-23591503.exe
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-50-g402ee87-b2959jnks.dll
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-66-g43d8943-b3078jnks.dll
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Spigot-1642.dll
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1046-gfee8f92-b1152jnks.dll
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1067-g6301507-b1185jnks.dll
C:\Users\Adam\AppData\Local\Temp\riftuninstall.exe
C:\Users\Adam\AppData\Local\Temp\sp64126.exe
C:\Users\Adam\AppData\Local\Temp\SP65168.exe
C:\Users\Adam\AppData\Local\Temp\SP65755.exe
C:\Users\Adam\AppData\Local\Temp\SP65782.exe
C:\Users\Adam\AppData\Local\Temp\SP65792.exe
C:\Users\Adam\AppData\Local\Temp\SP65793.exe
C:\Users\Adam\AppData\Local\Temp\SP66941.exe
C:\Users\Adam\AppData\Local\Temp\SP68376.exe
C:\Users\Adam\AppData\Local\Temp\SP69886.exe
C:\Users\Adam\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Adam\AppData\Local\Temp\UninstallHPSA.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
https://forums.spybot.info/showthrea...nsive-programs
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
C:\ProgramData\{e226f045-0ae7-9727-e226-6f0450aec114}\Download.exe => not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{6c97a91e-4524-4019-86af-2aa2d567bf5c} => value removed successfully
HKCR\Wow6432Node\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c} => key not found.
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
C:\ProgramData\.bf45c81f8dc8abfeecf09.dat => moved successfully
C:\Users\Adam\AppData\Local\Temp\Creative Cloud Helper.exe => moved successfully
"C:\Users\Adam\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpptp8hj.dll" => File/Folder not found.
C:\Users\Adam\AppData\Local\Temp\Extract.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\ICReinstall_JavaPlatformSESetup-23591503.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-50-g402ee87-b2959jnks.dll => moved successfully
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-66-g43d8943-b3078jnks.dll => moved successfully
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Spigot-1642.dll => moved successfully
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1046-gfee8f92-b1152jnks.dll => moved successfully
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1067-g6301507-b1185jnks.dll => moved successfully
C:\Users\Adam\AppData\Local\Temp\riftuninstall.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\sp64126.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\SP65168.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\SP65755.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\SP65782.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\SP65792.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\SP65793.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\SP66941.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\SP68376.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\SP69886.exe => moved successfully
C:\Users\Adam\AppData\Local\Temp\UNINSTALL.EXE => moved successfully
C:\Users\Adam\AppData\Local\Temp\UninstallHPSA.exe => moved successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
https://forums.spybot.info/showthrea...nsive-programs => Error: No automatic fix found for this entry.
EmptyTemp: => 45.4 GB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 17:35:52 ====

Here is the AdwClean[C1]:

# AdwCleaner v5.006 - Logfile created 07/09/2015 at 18:45:54
# Updated 06/09/2015 by Xplode
# Database : 2015-09-07.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Adam - ADAMSPC
# Running from : C:\Users\Adam\Downloads\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.1.6

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
[-] Folder Deleted : C:\Program Files (x86)\unisaLees
[-] Folder Deleted : C:\Program Files (x86)\UnIsales
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\10607596086672619320
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0814tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1114tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1214tb
[-] Folder Deleted : C:\ProgramData\{e226f045-0ae7-9727-e226-6f0450aec114}
[-] Folder Deleted : C:\ProgramData\paoigfhahkipnencmdfmeokhkaabbafn
[-] Folder Deleted : C:\Users\Adam\AppData\Local\StormFall

***** [ Files ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKLM\SOFTWARE\Classes\S
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
[!] Key Not Deleted : [x64] HKCU\Software\APN PIP
[!] Key Not Deleted : [x64] HKCU\Software\AVG Security Toolbar
[!] Key Not Deleted : [x64] HKCU\Software\OCS
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
[-] Key Deleted : [x64] HKLM\SOFTWARE\AVG Secure Search
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Web browsers ] *****

[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://searchou.com/?id=82b8f7f5000000000000b8763f88d3fa
[-] [C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : oejkcgajlodefenbbjdnaiahmbnnoole

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5742 bytes] ##########

The JRT did not seem to work properly. After starting it would crash quickly, saying that come commands were unknown. I did uninstall the Ad-ware antivirus and I believe I disabled the AVG but could have done it incorrectly.

Here is a screenshot if what happened.

12354

Juliet

2015-09-08, 12:34

Don't worry about JRT, we'll just continue.

Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) TO YOUR DESKTOP

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

http://i24.photobucket.com/albums/c30/ken545/0841859c-1a35-4dbd-b41a-e720629e3e22_zpst0yckuua.png

On the Dashboard click on Update Now

Go to the Setting Tab

Under Setting go to Detection and Protection

Under PUP and PUM make sure both are set to show Treat Detections as Malware

Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked

Then on the Dashboard click on Scan

Make sure to select THREAT SCAN

Then click on Scan

When the scan is finished and the log pops up...select Copy to Clipboard

Please paste the log back into this thread for review

Exit Malwarebytes

~~~~~~~~~~~~~~~~~~~~~~``

http://i24.photobucket.com/albums/c30/ken545/MBAM%20Application_zps7zm0ftdm.png (http://s24.photobucket.com/user/ken545/media/MBAM%20Application_zps7zm0ftdm.png.html)

1. Open up Malwarebytes and you will be on the Dashboard
2. Click on the History Tab
3. Then click on Application Logs
4. Double click on the SCAN LOG (Not Protection Log ) you just ran
5. When it opens it will look like this

http://i24.photobucket.com/albums/c30/ken545/MBAM%20Export_zpsjbtttjun.jpg (http://s24.photobucket.com/user/ken545/media/MBAM%20Export_zpsjbtttjun.jpg.html)

6. Then click on Export
7. On the drop down list click on Copy to Clipboard
8. Then paste the log back into this thread

~~~~~~~~~~~~~~~~~~~~~~~~~~~

What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner.
Most reliable and thorough.
The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
This scanner can take quite a bit of time to run, depending of course how full your computer is.

Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

http://i.imgur.com/GzlsbnV.png ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

Please download ESET Online Scan (http://download.eset.com/special/eos/esetsmartinstaller_enu.exe) and save the file to your Desktop.
Temporarily disable your anti-virus software. For instructions, please refer to the following link (http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/).
Double-click esetsmartinstaller_enu.exe to run the programme.
Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
Agree to the Terms of Use once more and click Start. Allow components to download.
Place a checkmark next to Enable detection of potentially unwanted applications.
Click Advanced settings. Place a checkmark next to:

Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

Ensure Remove found threats is unchecked.
Click Start.
Wait for the scan to finish. Please be patient as this can take some time.
Upon completion, click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png. If no threats were found, skip the next two bullet points.
Click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
Push the Back button.
Place a checkmark next to http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
Re-enable your anti-virus software.
Copy the contents of the log and paste in your next reply.

Please post these 2 logs when finished.

Any improvements with the computer?

Juliet

2015-09-10, 22:13

Still need help?

arhunt

2015-09-11, 16:33

Yes if there are more tests to run I'd appreciate the help.
I think my computer has been running slightly better but I'd like to make sure its as clean as possible.

Here is the Malwarebytes scan:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/8/2015
Scan Time: 5:50 PM
Logfile: Malwarebytes.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.09.08.07
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Adam

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 450959
Time Elapsed: 1 hr, 4 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Here is the Malwarebytes History scan:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/8/2015
Scan Time: 5:50 PM
Logfile: Scan History.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.09.08.07
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Adam

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 450959
Time Elapsed: 1 hr, 4 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Here is the ESETscan:

C:\FRST\Quarantine\C\Users\Adam\AppData\Local\Temp\ICReinstall_JavaPlatformSESetup-23591503.exe.xBAD a variant of Win32/InstallCore.VM potentially unwanted application
C:\Users\Adam\Downloads\JavaPlatformSESetup-23591503.exe a variant of Win32/InstallCore.VM potentially unwanted application

Juliet

2015-09-11, 20:05

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)

start
CloseProcesses:
C:\Users\Adam\Downloads\JavaPlatformSESetup-23591503.exe
EmptyTemp:
End

Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Let me know what problems remain and how the computer is at the moment.

Juliet

2015-09-14, 23:08

still need help?

arhunt

2015-09-17, 20:33

Here is the Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Adam (2015-09-17 12:46:08) Run:2
Running from C:\Users\Adam\Desktop
Loaded Profiles: Adam & Administrator (Available Profiles: Adam & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
C:\Users\Adam\Downloads\JavaPlatformSESetup-23591503.exe
EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\Adam\Downloads\JavaPlatformSESetup-23591503.exe => moved successfully
EmptyTemp: => 7.8 GB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 12:47:59 ====

My computer seems to be working better than before. I haven't noticed programs not responding quite as often as before.

Juliet

2015-09-17, 22:37

I think we got it.

Let's remove tools and quarantine folders.

http://i.imgur.com/AFZxnZc.jpg DelFix

Please download DelFix (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/9-delfix) or from Here (http://www.bleepingcomputer.com/download/delfix/) and save the file to your Desktop.

Double-click DelFix.exe to run the programme.
Place a checkmark next to the following items:

Activate UAC
Remove disinfection tools

Click the Run button.
-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

~~~~~~~~~~~~~`

Answers to common security questions - Best Practices (http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/) by quietman7, MVP
How Malware Spreads - How did I get infected? (http://www.bleepingcomputer.com/forums/t/287710/how-malware-spreads-how-did-i-get-infected/) by quietman7, MVP
Simple and easy ways to keep your computer safe and secure on the Internet (http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/) by Lawrence Abrams, MVP
How to Prevent Malware (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html) by miekiemoes, MVP
How to backup and restore your data using Cobian Backup (http://www.bleepingcomputer.com/tutorials/backup-and-restore-data-with-cobian-backup/) by YourHighness
Slow Computer/browser? It May Not Be Malware (http://www.bleepingcomputer.com/forums/t/87058/slow-computerbrowser-check-here-first;-it-may-not-be-malware/) by quietman7, MVP

The following programmes come highly recommended in the security community.

http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xKsUqI5A.png.pagespeed.ic.vn1Hlvqi8h.jpgAdBlock (https://adblockplus.org/en/firefox) is a browser add-on that blocks annoying banners, pop-ups and video ads.
http://i.imgur.com/E8I37RF.pngCryptoPrevent (https://www.foolishit.com/) places policy restrictions on loading points for ransomware (eg.CryptoPrevent), preventing your files from being encrypted.
http://i.imgur.com/EG85Vjt.png Malwarebytes Anti-Exploit (https://www.malwarebytes.org/antiexploit/) (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/x6YRrgUC.png.pagespeed.ic.HjgFxjvw2Z.jpgMalwarebytes Anti-Malware Premium (https://www.malwarebytes.org/) (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xjv4nhMJ.png.pagespeed.ic.A5YbWn1eDO.png NoScript (http://noscript.net/) is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
http://i.imgur.com/3O8r9Uq.png (http://www.sandboxie.com/) Sandboxie (http://www.sandboxie.com/) isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/DgW1XL2.png.pagespeed.ce.v1OlJl_ZAS.png Secuina PSI (http://secunia.com/vulnerability_scanning/personal/) will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xj1OLIec.png.pagespeed.ic.k6hhwopU0q.jpg SpywareBlaster (https://www.brightfort.com/spywareblaster.html) is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xJEP5iWI.png.pagespeed.ic.4tmM1lM7DQ.pngWeb of Trust (https://www.mywot.com/) (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.

Want to help others? Join the ClassRoom (http://forums.whatthetech.com/What_the_Tech_Classroom_t80368.html) and learn how.

arhunt

2015-09-19, 03:47

Thank you for all your help!

Juliet

2015-09-19, 13:33

Glad we could help. :)http://i204.photobucket.com/albums/bb106/Juliet702/sparkle.gif

Since this issue appears resolved ... this Topic is closed.