Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - AlaskanSnowman

Pages: [1]

Tech Clinic / PCIe slot go bad?

« on: December 28, 2015, 05:41:54 PM »

I have updated my drivers and as far as I can tell all drivers are up to date. if the slot is bad is there a way to test it to find out? if it is determined that its bad is the only remedy
replacing the MOBO and any idea why plugging my TV into the video card created the issue? I have plugged it in many times before that... I don\'t have an issue replacing the MOBO just looking for a direction before throwing money at something that\'s not the issue. regardless of your answer thank you Guestolo for your help as always.

Tech Clinic / PCIe slot go bad?

« on: December 27, 2015, 05:36:40 PM »

ok.. after my Bios update I tried placing my GeForce GTX 550Ti back into the primary PCIe slot and the original problem still exists, on boot up my PC gives me 1 long beep and 3 short beeps and my monitor is black, I can hear Windows start through the speakers but no picture. I placed my video card back in the secondary PCIe slot and I have a picture on my monitor but my system as a whole seems a lot less stable with not responding pop-ups and monitor going black and restarting.

Tech Clinic / PCIe slot go bad?

« on: December 27, 2015, 05:14:04 PM »

ok.... I did manage to update my Bios ill keep you posted on the effects.

Tech Clinic / PCIe slot go bad?

« on: December 24, 2015, 09:46:35 PM »

ok.. my Bios is American Megatrends v0702 which I tried to update and I cant seem to find an update for it. installed the ASUS update utility with no luck, when I try the option of \"install update from the internet\" all it says is looking for server. The ASUS website is not much help either.

I do have the manual for my motherboard but any manual overclocking or changing setting,( like the speed of my RAM it crashes) and gives me the red light on the motherboard.
I realize tomorrow is Christmas so have a great Christmas Guestolo and I look forward to continuing this thread after the holidays.

Tech Clinic / PCIe slot go bad?

« on: December 23, 2015, 09:53:44 PM »

sorry for not including this info in my original post..
motherboard ASUS P8P67-M LGA 1155 socket for Intel second gen i7
Bios 32Mb Flash ROM, EFI AMI bios which has not been updated.
also not to further complicate things but I noticed when I was in the Bios setup that only 8Gs of my RAM is shown @ 1333GHZ when its rated for 2133GHZ... not sure if that matters.
please let me know if there is any other info you may need.

Tech Clinic / PCIe slot go bad?

« on: December 22, 2015, 07:42:34 PM »

I would\'ve posted this in the hardware section but it looks like it hasn\'t had an issue since 2011. I recently tried to hook my plasma screen TV to my desktop PC through the DVI/HDMI cable, leaving the other cable still hooked to my PC monitor, everything seemed fine till I clicked on the IE icon and my TV went black, after turning my monitor back on and unplugging the TV my PC wont boot up it gives me I long beep and 3 short beeps, after doing some research I found that its either a RAM problem or a video card issue. I recently purchased 16G of Gskill Ram to upgrade my memory(it is on my QVL list)so after going through the steps to make sure my RAM is seated correctly I determined it was the video card. I currently have a GeForce GTX 550 Ti and after pulling it to try to see if my older GeForce GTX 460 might remedy the issue to help figure out if it was indeed the card it still did the same thing. My PC will boot with the same 1 long beep and 3 short beeps but the monitor is still black and I can hear the Windows theme play just no picture. On a whim I plugged my 550 into the PCIe slot for running SLI and it worked,.. I have a picture on my monitor now but my question is can a PCIe slot go bad?...or burn up somehow and if so how can I test to make certain it is. what are my options for regaining that slot.

Tech Clinic / PC running slow

« on: December 05, 2015, 02:57:41 PM »

my PC seems much faster so far with regards to surfing the web, thank you for your help.

Tech Clinic / PC running slow

« on: December 01, 2015, 11:10:48 PM »

ok... I ran the FarBar tool with the Fixlist like you asked and for some reason I cant post the log here. I then tried turning the proxy server settings off manually as you asked and it was already disabled with the only check box marked \"automatically detect settings\" checked. I have found its running very smooth after the fix.

Tech Clinic / PC running slow

« on: November 30, 2015, 11:14:51 PM »

it seems to be running pretty good, defiantly better than before I contacted you. I`m not sure about the whole proxy thing or what effect on my system it might have if we changed it.

Tech Clinic / PC running slow

« on: November 25, 2015, 03:16:50 AM »

Well it does seem quite a bit faster and no blank pages or blank pictures.

Tech Clinic / PC running slow

« on: November 22, 2015, 08:54:06 PM »

Im not sure I notice a difference now although it does seem much faster, its hard to tell but here are the logs you asked for.

# AdwCleaner v5.022 - Logfile created 22/11/2015 at 16:47:46
# Updated 22/11/2015 by Xplode
# Database : 2015-11-22.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Dirtbag - DIRTBAG-PC
# Running from : C:\\Users\\Dirtbag\\Desktop\\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum\'>http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\\Program Files\\WebBar
[-] Folder Deleted : C:\\Program Files (x86)\\DriverTuner

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.0 (11.12.2015)
Operating System: Windows 7 Professional x64
Ran by Dirtbag (Administrator) on Sun 11/22/2015 at 16:54:26.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 1

Successfully deleted: C:\\Users\\Dirtbag\\AppData\\Local\\crashrpt (Folder)

Registry: 2

Successfully deleted: HKLM\\SYSTEM\\CurrentControlSet\\services\\DrvAgent64 (Registry Key)
Successfully deleted: HKLM\\Software\\Microsoft\\Internet Explorer\\Search\\\\SearchAssistant (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/22/2015 at 16:57:04.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : LaunchSignup

***** [ Registry ] *****

[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Value Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : HKCU\\Software\\APN PIP
[-] Key Deleted : HKCU\\Software\\Define Ext
[-] Key Deleted : HKLM\\SOFTWARE\\Define Ext
[-] Key Deleted : HKLM\\SOFTWARE\\DriverTuner_Init
[-] Key Deleted : HKLM\\SOFTWARE\\DriverTuner
[-] Key Deleted : HKLM\\SOFTWARE\\W3I
[-] Key Deleted : [x64] HKLM\\SOFTWARE\\WebBar
[-] Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\LowRegistry\\DOMStorage\\plarium.com
[-] Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\LowRegistry\\DOMStorage\\shopathome.com

***** [ Web browsers ] *****

[-] [C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Data] [Search Provider] Deleted : Email Removed
[-] [C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Data] [Search Provider] Deleted : ask.com

*************************

:: \"Tracing\" keys removed
:: Winsock settings cleared

########## EOF - C:\\AdwCleaner\\AdwCleaner[C1].txt - [3817 bytes] ##########

Getting user folders.

Stopping running processes.

Emptying Temp folders.

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313336 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Dirtbag
->Temp folder emptied: 121607210 bytes
->Temporary Internet Files folder emptied: 1707755903 bytes
->Java cache emptied: 31329 bytes
->Google Chrome cache emptied: 423168542 bytes
->Flash cache emptied: 203273 bytes

User: Public
->Temp folder emptied: 0 bytes

User: TEMP
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: UpdatusUser.Dirtbag-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1524669 bytes
%systemroot%\\System32 .tmp files removed: 0 bytes
%systemroot%\\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\\System32\\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 326479796 bytes
%systemroot%\\system32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\\system32\\config\\systemprofile\\AppData\\LocalLow\\Sun\\Java\\Deployment folder emptied: 755 bytes
%systemroot%\\sysnative\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files folder emptied: 128 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 0 bytes
Process complete!

Total Files Cleaned = 2,462.00 mb

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:22-11-2015
Ran by Dirtbag (administrator) on DIRTBAG-PC (22-11-2015 17:05:36)
Running from C:\\Users\\Dirtbag\\Desktop
Loaded Profiles: Dirtbag (Available Profiles: Dirtbag & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/\'>http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe
(Adobe Systems Incorporated) C:\\Program Files (x86)\\Adobe\\Elements Organizer 8.0\\PhotoshopElementsFileAgent.exe
() C:\\Program Files\\DAZ 3D\\Content Management Service\\ContentManagementServer.exe
(Fitbit, Inc.) C:\\Program Files (x86)\\Fitbit Connect\\FitbitConnectService.exe
() C:\\Windows\\SysWOW64\\PnkBstrA.exe
() C:\\Program Files (x86)\\Real\\UpdateService\\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\\Program Files (x86)\\Real\\RealPlayer\\RPDS\\Bin\\rpdsvc.exe
(Microsoft Corp.) C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\SeaPort\\SeaPort.exe
(AVAST Software) C:\\Program Files\\AVAST Software\\Avast\\avastui.exe
(Microsoft Corporation) C:\\Windows\\System32\\dllhost.exe
(Adobe Systems Incorporated) C:\\Windows\\System32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe
(Microsoft Corporation) C:\\Windows\\System32\\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\\Program Files\\Internet Explorer\\iexplore.exe
(Microsoft Corporation) C:\\Windows\\System32\\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\\...\\Run: [RtHDVCpl] => C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\\...\\Run: [NvBackend] => C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM-x32\\...\\Run: [JMB36X IDE Setup] => C:\\Windows\\RaidTool\\xInsIDE.exe
HKLM-x32\\...\\Run: [Adobe Reader Speed Launcher] => C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\\...\\Run: [Adobe ARM] => C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\\...\\Run: [DivXMediaServer] => C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe [448856 2014-08-18] (DivX, LLC)
HKLM-x32\\...\\Run: [DivXUpdate] => C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\\...\\Run: [AvastUI.exe] => C:\\Program Files\\AVAST Software\\Avast\\AvastUI.exe [6133520 2015-11-14] (AVAST Software)
HKLM-x32\\...\\Run: [Fitbit Connect] => C:\\Program Files (x86)\\Fitbit Connect\\Fitbit Connect.exe [4369952 2014-11-07] (Fitbit, Inc.)
HKLM-x32\\...\\Run: [TkBellExe] => c:\\program files (x86)\\real\\realplayer\\Update\\realsched.exe [286784 2015-09-08] (RealNetworks, Inc.)
HKLM-x32\\...\\Run: [RealDownloader] => C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\downloader2.exe [614464 2015-07-27] ()
HKLM-x32\\...\\Run: [QuickTime Task] => C:\\Program Files (x86)\\QuickTime\\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\\...\\Run: [SunJavaUpdateSched] => C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\\Users\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Local\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\\*\\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\\*\\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Local\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\*\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\*\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\*\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\\*\\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\\*\\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\*\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\\Users\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Local\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Local\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\Appdata\\Roaming\\Microsoft\\Windows\\IEUpdate\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\\Users\\*.exe <====== ATTENTION
HKLM\\...\\Policies\\Explorer: [RestrictRun] 0
HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\Run: [Web Companion] => C:\\Program Files (x86)\\Lavasoft\\Web Companion\\Application\\WebCompanion.exe --minimize
HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\Run: [Fitbit Connect] => C:\\Program Files (x86)\\Fitbit Connect\\Fitbit Connect.exe [4369952 2014-11-07] (Fitbit, Inc.)
HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\Run: [NETGEARGenie] => C:\\Program Files (x86)\\NETGEAR Genie\\bin\\NETGEARGenie.exe [603392 2015-08-26] (NETGEAR Inc.)
HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\Policies\\Explorer: [RestrictRun] 0
HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\Control Panel\\Desktop\\\\SCRNSAVE.EXE -> C:\\Windows\\system32\\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\\Program Files\\AVAST Software\\Avast\\ashShA64.dll [2015-09-20] (AVAST Software)
Startup: C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\RealTimes.lnk [2015-09-08]
ShortcutTarget: RealTimes.lnk -> C:\\Program Files (x86)\\Real\\RealPlayer\\RPDS\\Bin\\rpsystray.exe (RealNetworks, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52765;https=127.0.0.1:52765
Tcpip\\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\\..\\Interfaces\\{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\\..\\Interfaces\\{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer: Restriction <======= ATTENTION
HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer: Restriction <======= ATTENTION

HKLM\\Software\\Wow6432Node\\Microsoft\\Internet Explorer\\Main,Default_Search_URL =

SearchScopes: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\BrowserPlugins\\IE\\rndlbrowserrecordplugin64.dll [2015-07-27] (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE64.dll [2015-07-31] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\\Program Files (x86)\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\BrowserPlugins\\IE\\rndlbrowserrecordplugin.dll [2015-07-27] (RealDownloader)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\Search Helper\\SearchHelper.dll [2009-01-14] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\\Program Files (x86)\\Java\\jre1.8.0_66\\bin\\ssv.dll [2015-11-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\\Program Files (x86)\\Java\\jre1.8.0_66\\bin\\jp2ssv.dll [2015-11-18] (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\\Program Files (x86)\\Windows Live\\Toolbar\\wltcore.dll [2010-04-16] (Microsoft Corporation)

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\\Program Files (x86)\\Windows Live\\Messenger\\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\\Program Files (x86)\\Windows Live\\Messenger\\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_18_0_0_232.dll [2015-09-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\\Program Files\\Microsoft Silverlight\\5.1.30514.0\\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_18_0_0_232.dll [2015-09-08] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\\Program Files (x86)\\DivX\\DivX OVS Helper\\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\\Program Files (x86)\\DivX\\DivX Web Player\\npdivx32.dll [2014-08-12] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\\Program Files (x86)\\Java\\jre1.8.0_66\\bin\\dtplugin\\npDeployJava1.dll [2015-11-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\\Program Files (x86)\\Java\\jre1.8.0_66\\bin\\plugin2\\npjp2.dll [2015-11-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\\Program Files (x86)\\Microsoft Silverlight\\5.1.30514.0\\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=18.0.2.59 -> c:\\program files (x86)\\real\\realplayer\\Netscape6\\nppl3260.dll [2015-09-08] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.0.2.59 -> c:\\program files (x86)\\real\\realplayer\\Netscape6\\nprpplugin.dll [2015-09-08] (RealTimes)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\\Program Files (x86)\\Google\\Update\\1.3.28.15\\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\\Program Files (x86)\\Google\\Update\\1.3.28.15\\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\AIR\\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001: ubisoft.com/uplaypc -> C:\\Program Files (x86)\\Ubisoft\\Ubisoft Game Launcher\\npuplaypc.dll [2014-11-19] ()
FF HKLM-x32\\...\\Firefox\\Extensions: [[email protected]] - C:\\Program Files\\AVAST Software\\Avast\\WebRep\\FF
FF Extension: Avast Online Security - C:\\Program Files\\AVAST Software\\Avast\\WebRep\\FF [2015-09-20] [not signed]
FF HKLM-x32\\...\\Firefox\\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\\ProgramData\\RealNetworks\\RealDownloader\\BrowserPlugins\\Firefox\\Ext => not found

Chrome:
=======

CHR DefaultSearchKeyword: Default -> yahoo.com

CHR Profile: C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default
CHR Extension: (Google Slides) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-03]
CHR Extension: (Google Docs) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\aohghmighlieiainnegkcijnfilokake [2015-08-03]
CHR Extension: (Google Drive) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\apdfllckaahabafndbhieahigkjlhalf [2015-08-03]
CHR Extension: (YouTube) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-03]
CHR Extension: (Google Search) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-03]
CHR Extension: (Google Sheets) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\felcaaldnbdncclmgdcncolpebgiejap [2015-08-03]
CHR Extension: (Google Docs Offline) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Avast Online Security) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\gomekmidlodglbbmalcneegieacbdmki [2015-08-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\lccekmodgklaepjeofjdjpbminllajkg [2015-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-03]
CHR Extension: (Gmail) - C:\\Users\\Dirtbag\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-03]
CHR HKLM-x32\\...\\Chrome\\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\\Program Files\\AVAST Software\\Avast\\WebRep\\Chrome\\aswWebRepChrome.crx [2015-03-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe [146600 2015-09-20] (AVAST Software)
R2 DAZContentManagementService; C:\\Program Files\\DAZ 3D\\Content Management Service\\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]
R2 Fitbit Connect; C:\\Program Files (x86)\\Fitbit Connect\\FitbitConnectService.exe [5738528 2014-11-07] (Fitbit, Inc.) [File not signed]
S3 NETGEARGenieDaemon; C:\\Program Files (x86)\\NETGEAR Genie\\bin\\NETGEARGenieDaemon64.exe [232192 2015-08-26] (NETGEAR)
R2 PnkBstrA; C:\\Windows\\SysWOW64\\PnkBstrA.exe [76888 2014-11-16] ()
R2 RealPlayerUpdateSvc; C:\\Program Files (x86)\\Real\\UpdateService\\RealPlayerUpdateSvc.exe [32880 2015-07-27] ()
R2 RealTimes Desktop Service; c:\\program files (x86)\\real\\realplayer\\RPDS\\Bin\\rpdsvc.exe [1115736 2015-09-08] (RealNetworks, Inc.)
S3 WinDefend; C:\\Program Files\\Windows Defender\\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\\Windows\\system32\\drivers\\aswHwid.sys [28656 2015-09-20] (AVAST Software)
R2 aswMonFlt; C:\\Windows\\system32\\drivers\\aswMonFlt.sys [90968 2015-09-20] (AVAST Software)
R1 aswRdr; C:\\Windows\\system32\\drivers\\aswRdr2.sys [93528 2015-09-20] (AVAST Software)
R0 aswRvrt; C:\\Windows\\System32\\Drivers\\aswRvrt.sys [65224 2015-09-20] (AVAST Software)
R1 aswSnx; C:\\Windows\\system32\\drivers\\aswSnx.sys [1059656 2015-11-14] (AVAST Software)
R1 aswSP; C:\\Windows\\system32\\drivers\\aswSP.sys [449992 2015-11-14] (AVAST Software)
R2 aswStm; C:\\Windows\\system32\\drivers\\aswStm.sys [153744 2015-09-20] (AVAST Software)
R0 aswVmm; C:\\Windows\\System32\\Drivers\\aswVmm.sys [274808 2015-09-20] (AVAST Software)
S3 busenum; C:\\Windows\\System32\\DRIVERS\\SteelBus64.sys [145408 2014-01-08] (SteelSeries Corporation) [File not signed]
S3 ebdrv; C:\\Windows\\system32\\drivers\\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hitmanpro37; C:\\Windows\\system32\\drivers\\hitmanpro37.sys [43664 2014-11-02] ()
R2 NPF; C:\\Windows\\system32\\drivers\\npf.sys [35344 2015-11-16] (CACE Technologies, Inc.)
R3 RTCore64; C:\\Program Files (x86)\\EVGA Precision\\RTCore64.sys [14440 2011-08-12] ()
S3 SAlphamHid; C:\\Windows\\System32\\DRIVERS\\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation) [File not signed]
U5 VWiFiFlt; C:\\Windows\\System32\\Drivers\\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 slb; \\??\\C:\\AeriaGames\\ScarletBlade\\avital\\scarlb64.sys [X]
S3 sxuptp; system32\\DRIVERS\\sxuptp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-22 17:05 - 2015-11-22 17:05 - 00031250 _____ C:\\Users\\Dirtbag\\Desktop\\FRST.txt
2015-11-22 17:05 - 2015-11-22 17:05 - 00000000 ____D C:\\Users\\Dirtbag\\Desktop\\FRST-OlderVersion
2015-11-22 16:59 - 2015-11-22 16:59 - 00448512 _____ (OldTimer Tools) C:\\Users\\Dirtbag\\Desktop\\TFC.exe
2015-11-22 16:59 - 2015-11-22 16:59 - 00000000 _____ C:\\Users\\Dirtbag\\Desktop\\TFC.exe.bdxch21.partial
2015-11-22 16:57 - 2015-11-22 16:57 - 00000833 _____ C:\\Users\\Dirtbag\\Desktop\\JRT.txt
2015-11-22 16:52 - 2015-11-22 16:52 - 01599080 _____ (Malwarebytes) C:\\Users\\Dirtbag\\Desktop\\JRT.exe
2015-11-22 16:45 - 2015-11-22 16:47 - 00000000 ____D C:\\AdwCleaner
2015-11-22 16:43 - 2015-11-22 16:43 - 01733632 _____ C:\\Users\\Dirtbag\\Desktop\\AdwCleaner.exe
2015-11-22 13:55 - 2015-11-22 13:56 - 00291728 _____ C:\\Windows\\Minidump\\112215-13353-01.dmp
2015-11-21 21:07 - 2015-11-22 17:05 - 02346496 _____ (Farbar) C:\\Users\\Dirtbag\\Desktop\\FRST64.exe
2015-11-21 21:07 - 2015-11-22 17:05 - 00000000 ____D C:\\FRST
2015-11-20 22:59 - 2015-11-20 22:59 - 00388608 _____ (Trend Micro Inc.) C:\\Users\\Dirtbag\\Desktop\\HijackThis.exe
2015-11-20 22:59 - 2015-11-20 22:59 - 00010444 _____ C:\\Users\\Dirtbag\\Desktop\\hijackthis.log
2015-11-17 20:46 - 2015-11-17 20:47 - 00000000 ____D C:\\Program Files\\Firestorm-Releasex64
2015-11-17 20:46 - 2015-11-17 20:46 - 00000000 ____D C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Firestorm
2015-11-17 20:42 - 2015-11-17 20:43 - 85407072 _____ (The Phoenix Firestorm Project, Inc.) C:\\Users\\Dirtbag\\Downloads\\Phoenix-FirestormOS-Releasex64-4-7-5-47975_Setup.exe
2015-11-16 21:00 - 2015-11-16 21:00 - 00281104 _____ (CACE Technologies, Inc.) C:\\Windows\\SysWOW64\\wpcap.dll
2015-11-16 21:00 - 2015-11-16 21:00 - 00096784 _____ (CACE Technologies, Inc.) C:\\Windows\\SysWOW64\\packet.dll
2015-11-16 21:00 - 2015-11-16 21:00 - 00035344 _____ (CACE Technologies, Inc.) C:\\Windows\\system32\\Drivers\\npf.sys
2015-11-15 16:52 - 2015-11-15 16:52 - 35648512 _____ C:\\Users\\Dirtbag\\Downloads\\PhysX-9.12.0613-SystemSoftware.msi
2015-11-15 13:40 - 2015-11-15 13:40 - 00000222 _____ C:\\Users\\Dirtbag\\Desktop\\Remember Me.url
2015-11-15 11:29 - 2015-11-15 11:31 - 00000000 ____D C:\\Users\\Dirtbag\\California trip 2015
2015-11-12 22:22 - 2015-11-03 13:10 - 00390344 _____ (Microsoft Corporation) C:\\Windows\\system32\\iedkcs32.dll
2015-11-12 22:22 - 2015-11-03 12:51 - 00342728 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iedkcs32.dll
2015-11-12 22:22 - 2015-11-03 08:55 - 03211264 _____ (Microsoft Corporation) C:\\Windows\\system32\\win32k.sys
2015-11-12 22:22 - 2015-10-30 14:46 - 25818624 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtml.dll
2015-11-12 22:22 - 2015-10-30 14:40 - 02724864 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtml.tlb
2015-11-12 22:22 - 2015-10-30 14:40 - 00004096 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieetwcollectorres.dll
2015-11-12 22:22 - 2015-10-30 14:25 - 02886656 _____ (Microsoft Corporation) C:\\Windows\\system32\\iertutil.dll
2015-11-12 22:22 - 2015-10-30 14:25 - 00417792 _____ (Microsoft Corporation) C:\\Windows\\system32\\html.iec
2015-11-12 22:22 - 2015-10-30 14:25 - 00066560 _____ (Microsoft Corporation) C:\\Windows\\system32\\iesetup.dll
2015-11-12 22:22 - 2015-10-30 14:25 - 00048640 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieetwproxystub.dll
2015-11-12 22:22 - 2015-10-30 14:24 - 00585728 _____ (Microsoft Corporation) C:\\Windows\\system32\\vbscript.dll
2015-11-12 22:22 - 2015-10-30 14:24 - 00088064 _____ (Microsoft Corporation) C:\\Windows\\system32\\MshtmlDac.dll
2015-11-12 22:22 - 2015-10-30 14:17 - 00054784 _____ (Microsoft Corporation) C:\\Windows\\system32\\jsproxy.dll
2015-11-12 22:22 - 2015-10-30 14:16 - 00034304 _____ (Microsoft Corporation) C:\\Windows\\system32\\iernonce.dll
2015-11-12 22:22 - 2015-10-30 14:13 - 00616960 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieui.dll
2015-11-12 22:22 - 2015-10-30 14:12 - 00144384 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieUnatt.exe
2015-11-12 22:22 - 2015-10-30 14:12 - 00114688 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieetwcollector.exe
2015-11-12 22:22 - 2015-10-30 14:11 - 05990912 _____ (Microsoft Corporation) C:\\Windows\\system32\\jscript9.dll
2015-11-12 22:22 - 2015-10-30 14:11 - 00817664 _____ (Microsoft Corporation) C:\\Windows\\system32\\jscript.dll
2015-11-12 22:22 - 2015-10-30 14:11 - 00814080 _____ (Microsoft Corporation) C:\\Windows\\system32\\jscript9diag.dll
2015-11-12 22:22 - 2015-10-30 14:04 - 00968704 _____ (Microsoft Corporation) C:\\Windows\\system32\\MsSpellCheckingFacility.exe
2015-11-12 22:22 - 2015-10-30 14:01 - 00489984 _____ (Microsoft Corporation) C:\\Windows\\system32\\dxtmsft.dll
2015-11-12 22:22 - 2015-10-30 13:58 - 02724864 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtml.tlb
2015-11-12 22:22 - 2015-10-30 13:53 - 00077824 _____ (Microsoft Corporation) C:\\Windows\\system32\\JavaScriptCollectionAgent.dll
2015-11-12 22:22 - 2015-10-30 13:52 - 20331520 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtml.dll
2015-11-12 22:22 - 2015-10-30 13:49 - 00199680 _____ (Microsoft Corporation) C:\\Windows\\system32\\msrating.dll
2015-11-12 22:22 - 2015-10-30 13:49 - 00092160 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtmled.dll
2015-11-12 22:22 - 2015-10-30 13:47 - 00504832 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\vbscript.dll
2015-11-12 22:22 - 2015-10-30 13:46 - 00315392 _____ (Microsoft Corporation) C:\\Windows\\system32\\dxtrans.dll
2015-11-12 22:22 - 2015-10-30 13:46 - 00062464 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iesetup.dll
2015-11-12 22:22 - 2015-10-30 13:45 - 00341504 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\html.iec
2015-11-12 22:22 - 2015-10-30 13:45 - 00047616 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieetwproxystub.dll
2015-11-12 22:22 - 2015-10-30 13:44 - 00152064 _____ (Microsoft Corporation) C:\\Windows\\system32\\occache.dll
2015-11-12 22:22 - 2015-10-30 13:44 - 00064000 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\MshtmlDac.dll
2015-11-12 22:22 - 2015-10-30 13:42 - 02279936 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iertutil.dll
2015-11-12 22:22 - 2015-10-30 13:39 - 00047104 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jsproxy.dll
2015-11-12 22:22 - 2015-10-30 13:39 - 00030720 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iernonce.dll
2015-11-12 22:22 - 2015-10-30 13:37 - 00480256 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieui.dll
2015-11-12 22:22 - 2015-10-30 13:36 - 00663552 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jscript.dll
2015-11-12 22:22 - 2015-10-30 13:36 - 00620032 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jscript9diag.dll
2015-11-12 22:22 - 2015-10-30 13:36 - 00115712 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieUnatt.exe
2015-11-12 22:22 - 2015-10-30 13:34 - 00262144 _____ (Microsoft Corporation) C:\\Windows\\system32\\webcheck.dll
2015-11-12 22:22 - 2015-10-30 13:32 - 00720896 _____ (Microsoft Corporation) C:\\Windows\\system32\\ie4uinit.exe
2015-11-12 22:22 - 2015-10-30 13:31 - 00801280 _____ (Microsoft Corporation) C:\\Windows\\system32\\msfeeds.dll
2015-11-12 22:22 - 2015-10-30 13:29 - 02126336 _____ (Microsoft Corporation) C:\\Windows\\system32\\inetcpl.cpl
2015-11-12 22:22 - 2015-10-30 13:29 - 01359360 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtmlmedia.dll
2015-11-12 22:22 - 2015-10-30 13:28 - 00416256 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\dxtmsft.dll
2015-11-12 22:22 - 2015-10-30 13:23 - 00060416 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\JavaScriptCollectionAgent.dll
2015-11-12 22:22 - 2015-10-30 13:22 - 14457856 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieframe.dll
2015-11-12 22:22 - 2015-10-30 13:21 - 00168960 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msrating.dll
2015-11-12 22:22 - 2015-10-30 13:19 - 00076288 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtmled.dll
2015-11-12 22:22 - 2015-10-30 13:18 - 00279040 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\dxtrans.dll
2015-11-12 22:22 - 2015-10-30 13:17 - 02487808 _____ (Microsoft Corporation) C:\\Windows\\system32\\wininet.dll
2015-11-12 22:22 - 2015-10-30 13:17 - 00130048 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\occache.dll
2015-11-12 22:22 - 2015-10-30 13:16 - 04527616 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jscript9.dll
2015-11-12 22:22 - 2015-10-30 13:11 - 00230400 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\webcheck.dll
2015-11-12 22:22 - 2015-10-30 13:10 - 00689152 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msfeeds.dll
2015-11-12 22:22 - 2015-10-30 13:09 - 12854272 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieframe.dll
2015-11-12 22:22 - 2015-10-30 13:09 - 02052608 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\inetcpl.cpl
2015-11-12 22:22 - 2015-10-30 13:09 - 01155072 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtmlmedia.dll
2015-11-12 22:22 - 2015-10-30 13:04 - 01547264 _____ (Microsoft Corporation) C:\\Windows\\system32\\urlmon.dll
2015-11-12 22:22 - 2015-10-30 12:53 - 00800768 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieapfltr.dll
2015-11-12 22:22 - 2015-10-30 12:51 - 02011136 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wininet.dll
2015-11-12 22:22 - 2015-10-30 12:48 - 01311744 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\urlmon.dll
2015-11-12 22:22 - 2015-10-30 12:46 - 00710144 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieapfltr.dll
2015-11-12 22:22 - 2015-10-20 09:42 - 03168768 _____ (Microsoft Corporation) C:\\Windows\\system32\\wucltux.dll
2015-11-12 22:22 - 2015-10-20 09:42 - 02608128 _____ (Microsoft Corporation) C:\\Windows\\system32\\wuaueng.dll
2015-11-12 22:22 - 2015-10-20 09:42 - 00696320 _____ (Microsoft Corporation) C:\\Windows\\system32\\wuapi.dll
2015-11-12 22:22 - 2015-10-20 09:42 - 00192512 _____ (Microsoft Corporation) C:\\Windows\\system32\\wuwebv.dll
2015-11-12 22:22 - 2015-10-20 09:42 - 00098816 _____ (Microsoft Corporation) C:\\Windows\\system32\\wudriver.dll
2015-11-12 22:22 - 2015-10-20 09:42 - 00037888 _____ (Microsoft Corporation) C:\\Windows\\system32\\wups2.dll
2015-11-12 22:22 - 2015-10-20 09:42 - 00036864 _____ (Microsoft Corporation) C:\\Windows\\system32\\wups.dll
2015-11-12 22:22 - 2015-10-20 09:41 - 00140288 _____ (Microsoft Corporation) C:\\Windows\\system32\\wuauclt.exe
2015-11-12 22:22 - 2015-10-20 09:41 - 00091136 _____ (Microsoft Corporation) C:\\Windows\\system32\\WinSetupUI.dll
2015-11-12 22:22 - 2015-10-20 09:41 - 00037888 _____ (Microsoft Corporation) C:\\Windows\\system32\\wuapp.exe
2015-11-12 22:22 - 2015-10-20 09:41 - 00012288 _____ (Microsoft Corporation) C:\\Windows\\system32\\wu.upgrade.ps.dll
2015-11-12 22:22 - 2015-10-20 08:46 - 00566784 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wuapi.dll
2015-11-12 22:22 - 2015-10-20 08:46 - 00174080 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wuwebv.dll
2015-11-12 22:22 - 2015-10-20 08:46 - 00093696 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wudriver.dll
2015-11-12 22:22 - 2015-10-20 08:46 - 00030208 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wups.dll
2015-11-12 22:22 - 2015-10-20 08:45 - 00035328 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wuapp.exe
2015-11-12 22:22 - 2015-10-19 16:12 - 05570496 _____ (Microsoft Corporation) C:\\Windows\\system32\\ntoskrnl.exe
2015-11-12 22:22 - 2015-10-19 16:12 - 00154560 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\ksecpkg.sys
2015-11-12 22:22 - 2015-10-19 16:12 - 00095680 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\ksecdd.sys
2015-11-12 22:22 - 2015-10-19 16:09 - 01730496 _____ (Microsoft Corporation) C:\\Windows\\system32\\ntdll.dll
2015-11-12 22:22 - 2015-10-19 16:06 - 00362496 _____ (Microsoft Corporation) C:\\Windows\\system32\\wow64win.dll
2015-11-12 22:22 - 2015-10-19 16:06 - 00243712 _____ (Microsoft Corporation) C:\\Windows\\system32\\wow64.dll
2015-11-12 22:22 - 2015-10-19 16:06 - 00215040 _____ (Microsoft Corporation) C:\\Windows\\system32\\winsrv.dll
2015-11-12 22:22 - 2015-10-19 16:06 - 00013312 _____ (Microsoft Corporation) C:\\Windows\\system32\\wow64cpu.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 01461760 _____ (Microsoft Corporation) C:\\Windows\\system32\\lsasrv.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 01216512 _____ (Microsoft Corporation) C:\\Windows\\system32\\rpcrt4.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 01164800 _____ (Microsoft Corporation) C:\\Windows\\system32\\kernel32.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00729600 _____ (Microsoft Corporation) C:\\Windows\\system32\\kerberos.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00503808 _____ (Microsoft Corporation) C:\\Windows\\system32\\srcore.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00424960 _____ (Microsoft Corporation) C:\\Windows\\system32\\KernelBase.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00344064 _____ (Microsoft Corporation) C:\\Windows\\system32\\schannel.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00315392 _____ (Microsoft Corporation) C:\\Windows\\system32\\msv1_0.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00312320 _____ (Microsoft Corporation) C:\\Windows\\system32\\ncrypt.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00296960 _____ (Microsoft Corporation) C:\\Windows\\system32\\rstrui.exe
2015-11-12 22:22 - 2015-10-19 16:05 - 00210944 _____ (Microsoft Corporation) C:\\Windows\\system32\\wdigest.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00136192 _____ (Microsoft Corporation) C:\\Windows\\system32\\sspicli.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00112640 _____ (Microsoft Corporation) C:\\Windows\\system32\\smss.exe
2015-11-12 22:22 - 2015-10-19 16:05 - 00086528 _____ (Microsoft Corporation) C:\\Windows\\system32\\TSpkg.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00050176 _____ (Microsoft Corporation) C:\\Windows\\system32\\srclient.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00044032 _____ (Microsoft Corporation) C:\\Windows\\system32\\cryptbase.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00043520 _____ (Microsoft Corporation) C:\\Windows\\system32\\csrsrv.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00029184 _____ (Microsoft Corporation) C:\\Windows\\system32\\sspisrv.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00028160 _____ (Microsoft Corporation) C:\\Windows\\system32\\secur32.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00022016 _____ (Microsoft Corporation) C:\\Windows\\system32\\credssp.dll
2015-11-12 22:22 - 2015-10-19 16:05 - 00016384 _____ (Microsoft Corporation) C:\\Windows\\system32\\ntvdm64.dll
2015-11-12 22:22 - 2015-10-19 16:04 - 00338432 _____ (Microsoft Corporation) C:\\Windows\\system32\\conhost.exe
2015-11-12 22:22 - 2015-10-19 16:04 - 00064000 _____ (Microsoft Corporation) C:\\Windows\\system32\\auditpol.exe
2015-11-12 22:22 - 2015-10-19 16:04 - 00031232 _____ (Microsoft Corporation) C:\\Windows\\system32\\lsass.exe
2015-11-12 22:22 - 2015-10-19 16:00 - 00060416 _____ (Microsoft Corporation) C:\\Windows\\system32\\msobjs.dll
2015-11-12 22:22 - 2015-10-19 15:59 - 00146432 _____ (Microsoft Corporation) C:\\Windows\\system32\\msaudite.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00686080 _____ (Microsoft Corporation) C:\\Windows\\system32\\adtschema.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00006656 _____ (Microsoft Corporation) C:\\Windows\\system32\\apisetschema.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00006144 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-security-base-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00005120 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-file-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00004608 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00004608 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-xstate-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-util-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-string-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-io-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:53 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-console-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:52 - 03991488 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntkrnlpa.exe
2015-11-12 22:22 - 2015-10-19 15:52 - 03935680 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntoskrnl.exe
2015-11-12 22:22 - 2015-10-19 15:48 - 01311768 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntdll.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00552960 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\kerberos.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00259584 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msv1_0.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00251392 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\schannel.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00223232 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ncrypt.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00172032 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wdigest.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00065536 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\TSpkg.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00043008 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\srclient.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00036864 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\cryptbase.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00025600 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\setup16.exe
2015-11-12 22:22 - 2015-10-19 15:45 - 00022016 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\secur32.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00017408 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\credssp.dll
2015-11-12 22:22 - 2015-10-19 15:45 - 00014336 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntvdm64.dll
2015-11-12 22:22 - 2015-10-19 15:44 - 01114112 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\kernel32.dll
2015-11-12 22:22 - 2015-10-19 15:44 - 00665088 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\rpcrt4.dll
2015-11-12 22:22 - 2015-10-19 15:44 - 00274944 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\KernelBase.dll
2015-11-12 22:22 - 2015-10-19 15:44 - 00096768 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\sspicli.dll
2015-11-12 22:22 - 2015-10-19 15:44 - 00050176 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\auditpol.exe
2015-11-12 22:22 - 2015-10-19 15:44 - 00005120 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wow32.dll
2015-11-12 22:22 - 2015-10-19 15:39 - 00146432 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msaudite.dll
2015-11-12 22:22 - 2015-10-19 15:39 - 00060416 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msobjs.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00686080 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\adtschema.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00006656 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\apisetschema.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00005120 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-file-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00004608 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00004096 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00004096 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00004096 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00004096 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00004096 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003584 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-string-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-io-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 22:22 - 2015-10-19 15:35 - 00003072 ____H (Microsoft Corporation) C:\\Windows\\SysWOW64\\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 22:22 - 2015-10-

Tech Clinic / PC running slow

« on: November 22, 2015, 01:09:41 AM »

thank you for your reply here are the logs you asked for.

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-11-2015
Ran by Dirtbag (2015-11-21 21:08:01)
Running from C:\\Users\\Dirtbag\\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-04-23 01:49:38)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2787044202-2378965189-2633346745-500 - Administrator - Disabled)
Dirtbag (S-1-5-21-2787044202-2378965189-2633346745-1001 - Administrator - Enabled) => C:\\Users\\Dirtbag
Guest (S-1-5-21-2787044202-2378965189-2633346745-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2787044202-2378965189-2633346745-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-2787044202-2378965189-2633346745-1007 - Limited - Enabled) => C:\\Users\\UpdatusUser.Dirtbag-PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with \"Hidden\" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\\...\\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\\...\\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\\...\\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\\...\\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\\...\\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.02 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\\...\\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\\...\\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\\...\\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Apple Application Support (HKLM-x32\\...\\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\\...\\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\\...\\Avast) (Version: 10.4.2233 - AVAST Software)
Blender (HKLM\\...\\Blender) (Version: 2.62-release - Blender Foundation)
Cisco Connect (HKLM-x32\\...\\Cisco Connect) (Version: 1.4.11222.0 - Cisco Consumer Products LLC)
CleanUp! (HKLM-x32\\...\\CleanUp!) (Version: - )
DAZ Content Management Service (HKLM-x32\\...\\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)
DAZ Install Manager (HKLM-x32\\...\\DAZ Install Manager 1.1.0.28) (Version: 1.1.0.28 - DAZ 3D)
Diablo III (HKLM-x32\\...\\Diablo III) (Version: 1.0.1.9558 - Blizzard Entertainment)
DivX Setup (HKLM-x32\\...\\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
DriverAgent by eSupport.com (HKLM\\...\\DriverAgent.exe) (Version: - )
Dungeon Siege III (HKLM-x32\\...\\Steam App 39160) (Version: - Obsidian Entertainment)
EVGA Precision 2.0.4 (HKLM-x32\\...\\Precision) (Version: 2.0.4 - EVGA Corporation)
Far Cry® 3 (HKLM-x32\\...\\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Far Cry® 3 Blood Dragon (HKLM-x32\\...\\Steam App 233270) (Version: - Ubisoft Montreal)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\\...\\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Firestorm SecondLife and OpenSim viewer (Version: 4.7.47975 - The Phoenix Firestorm Project, Inc.) Hidden
Firestorm-Release (remove only) (HKLM-x32\\...\\Firestorm-Release) (Version: 4.4.2.34167 - The Phoenix Firestorm Project, Inc.)
Firestorm-Releasex64 x64 (HKLM-x32\\...\\{5b0b9787-398d-46f9-ab2c-4f0ad6671f84}) (Version: 4.6.42398 - Phoenix Firestorm Project Inc)
Firestorm-Releasex64 x64 (HKLM-x32\\...\\{63667a72-ee55-4dac-b231-18e6773104d8}) (Version: 4.7.47975 - The Phoenix Firestorm Project, Inc.)
Fitbit Connect (HKLM-x32\\...\\{E54705FB-98A6-4C03-B2DC-D8C3B5486DCD}) (Version: 2.0.0.6512 - Fitbit Inc.)
Game of Thrones - A Telltale Games Series (HKLM-x32\\...\\Steam App 330840) (Version: - Telltale Games)
GCI Security Guard (HKLM-x32\\...\\F-Secure Product 430) (Version: - )
GIMP 2.6.11 (HKLM-x32\\...\\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\\...\\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HiJackThis (HKLM-x32\\...\\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Intel(R) Management Engine Components (HKLM-x32\\...\\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
InWorldzReleaseCandidate (remove only) (HKLM-x32\\...\\InWorldzReleaseCandidate) (Version: 2.2.15.35036 - InWorldz, LLC)
Java 8 Update 66 (HKLM-x32\\...\\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\\...\\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\\...\\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\\...\\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\\...\\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\\...\\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\\...\\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\\...\\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\\...\\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\\...\\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\\...\\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\\...\\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\\...\\MSTTS) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\\...\\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\\...\\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\\...\\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\\...\\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\\...\\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\\...\\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\\...\\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\\...\\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\\...\\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\\...\\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\\...\\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mplayer 0.6.9 (HKLM-x32\\...\\Mplayer) (Version: 0.6.9 - )
NETGEAR Genie (HKLM-x32\\...\\NETGEAR Genie) (Version: 2.4.16.00 - NETGEAR Inc.)
NVIDIA 3D Vision Controller Driver 280.19 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 280.19 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\\...\\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenAL (HKLM-x32\\...\\OpenAL) (Version: - )
PunkBuster Services (HKLM-x32\\...\\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\\...\\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RealDownloader (x32 Version: 18.0.2.56 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.0.2.60 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\\...\\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\\...\\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\\...\\RealPlayer 18.0) (Version: 18.0.2 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remember Me (HKLM-x32\\...\\Steam App 228300) (Version: - DONTNOD Entertainment)
Runes of Magic (HKLM-x32\\...\\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 3.0.8.2349 - Frogster America Inc.)
SecondLifeViewer (remove only) (HKLM-x32\\...\\SecondLifeViewer) (Version: - )
Sid Meier\'s Civilization V (HKLM-x32\\...\\Steam App 8930) (Version: - 2K Games, Inc.)
Sleeping Dogs™ (HKLM-x32\\...\\Steam App 202170) (Version: - United Front Games)
Star Trek Online (HKLM-x32\\...\\Star Trek Online) (Version: - Cryptic Studios)
Star Wars: The Old Republic (HKLM-x32\\...\\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\\...\\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Elder Scrolls Online (HKLM-x32\\...\\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\\...\\Steam App 72850) (Version: - Bethesda Game Studios)
The Works version 3.2 (HKLM-x32\\...\\{839CA7E5-5956-487D-8138-682907C5D576}_is1) (Version: 3.2 - Cybia)
Tropico 4 (HKLM-x32\\...\\Steam App 57690) (Version: - Haemimont Games)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Uplay (HKLM-x32\\...\\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VoiceMX STUDIO 4 (HKLM-x32\\...\\VoiceMX STUDIO 4_is1) (Version: 4.0 - Tanseon Systems)
Warzone 2100 (HKLM-x32\\...\\Warzone 2100) (Version: 2.3.7 - Warzone 2100 Project)
WildStar (HKLM-x32\\...\\WildStar) (Version: - NCSOFT)
Win7codecs (HKLM-x32\\...\\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.0.8 - Shark007)
Windows Live Essentials (HKLM-x32\\...\\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\\...\\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\\...\\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\\...\\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer Plugin - Sharper Photo (HKLM-x32\\...\\{DB06102B-24CD-4FB0-B41A-1A0AC8A21755}) (Version: 1.0.0.0 - JoseNet.com)
World of Tanks (HKLM-x32\\...\\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001_Classes\\CLSID\\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\\InprocServer32 -> C:\\Program Files (x86)\\Blender Foundation\\Blender\\BlendThumb64.dll ()
CustomCLSID: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001_Classes\\CLSID\\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\\InprocServer32 -> C:\\ProgramData\\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\\twain_32.dll => No File <==== ATTENTION

==================== Restore Points =========================

28-10-2015 18:50:43 Scheduled Checkpoint
14-11-2015 17:39:29 Windows Update
15-11-2015 16:52:44 Installed NVIDIA PhysX
17-11-2015 20:44:16 Firestorm-Releasex64 x64
17-11-2015 20:44:37 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
17-11-2015 20:45:00 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
17-11-2015 20:47:42 Firestorm-Releasex64 x64

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 17:34 - 2014-10-30 16:45 - 00000027 ____A C:\\Windows\\system32\\Drivers\\etc\\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05782674-3320-4436-90F7-2E669CBEE05C} - System32\\Tasks\\{7BFF5E3E-C71B-4183-8147-3F811DCDBDC8} => C:\\Program Files (x86)\\Electronic Arts\\BioWare\\Star Wars - The Old Republic\\launcher.exe [2012-03-06] (BioWare)
Task: {106CFE5F-91BC-4FDC-950A-9B1CFD937FF0} - System32\\Tasks\\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2787044202-2378965189-2633346745-1001 => C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {27FD557F-26F2-4537-9573-C3C00699B3DF} - System32\\Tasks\\LaunchSignup => C:\\Program Files (x86)\\MyPC Backup\\Signup Wizard.exe <==== ATTENTION
Task: {378CD8F7-0B5B-4637-BF67-493FCC2F3105} - System32\\Tasks\\EVGAPrecision => C:\\Program Files (x86)\\EVGA Precision\\EVGAPrecision.exe [2011-08-12] ()
Task: {3866A705-1F13-4B50-8826-14B2B7A80C6E} - System32\\Tasks\\{3937C46C-5FE8-4783-9F59-10538DB96742} => C:\\Program Files (x86)\\Phoenix Viewer\\PhoenixViewer.exe
Task: {38EC09CC-1F65-40E4-9A8E-265F7CE3650C} - System32\\Tasks\\avast! Emergency Update => C:\\Program Files\\AVAST Software\\Avast\\AvastEmUpdate.exe [2015-09-20] (AVAST Software)
Task: {39DDA152-FC71-4896-903B-5E05AB882110} - System32\\Tasks\\{8A639209-09E4-4D22-BBD8-530B371FD233} => C:\\Program Files (x86)\\Electronic Arts\\BioWare\\Star Wars - The Old Republic\\launcher.exe [2012-03-06] (BioWare)
Task: {5A34C644-0C69-4BDA-9DDB-BEE5E3CC2ED8} - System32\\Tasks\\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2787044202-2378965189-2633346745-1001 => C:\\Program Files (x86)\\Real\\RealUpgrade\\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {6B33B83D-9035-4DA0-9983-3AE422FFF0EC} - System32\\Tasks\\{316AD529-56D4-4864-A329-26F1AC90F141} => pcalua.exe -a D:\\AutoPlay\\cd\\monsetup.exe -d D:\\AutoPlay\\cd
Task: {A2E8492E-D82A-490A-882B-5BB14B7B0988} - System32\\Tasks\\RealPlayerRealUpgradeLogonTaskS-1-5-21-2787044202-2378965189-2633346745-1001 => C:\\Program Files (x86)\\Real\\RealUpgrade\\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {A3D333F4-3908-4696-B5E9-52013BC8114B} - System32\\Tasks\\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2787044202-2378965189-2633346745-1001 => C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {C59E9803-7236-4FC7-9023-C29306BB28F1} - System32\\Tasks\\RealUpgradeScheduledTaskS-1-5-21-2787044202-2378965189-2633346745-1001 => C:\\Program Files (x86)\\Real\\RealUpgrade\\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {CC1A73CB-529D-43B5-9E1B-610F6FD6E1A7} - System32\\Tasks\\GoogleUpdateTaskMachineUA => C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D02AA6BB-B902-4B6A-8431-073D2FE51B50} - System32\\Tasks\\{746942E1-5412-48E7-9A45-4A0DEFADF93F} => C:\\Program Files (x86)\\Phoenix Viewer\\PhoenixViewer.exe
Task: {E1284EAE-72DB-4B7A-8692-9CB2054991F5} - System32\\Tasks\\{502ECA6D-FBFA-45CE-864A-04BF55CFE7F3} => C:\\Program Files (x86)\\Firestorm-Release\\Firestorm-Release.exe [2013-07-01] (The Phoenix Firestorm Project, Inc.)
Task: {E537B4FE-38B6-4316-8D94-0BB2F7B79CB5} - System32\\Tasks\\RealDownloader Update Check => C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\downloader2.exe [2015-07-27] ()
Task: {E745E7F6-17A5-4F7D-AB28-82BE63A4140F} - System32\\Tasks\\RealUpgradeLogonTaskS-1-5-21-2787044202-2378965189-2633346745-1001 => C:\\Program Files (x86)\\Real\\RealUpgrade\\RealUpgrade.exe [2015-07-27] (RealNetworks, Inc.)
Task: {EFC92E57-6F4D-4D96-AA49-232B129F14D6} - System32\\Tasks\\GoogleUpdateTaskMachineCore => C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F81D1306-B1A9-40B9-A772-6F1CCBF89383} - \\{32848E10-8664-418F-98CB-A818780BBEB0} -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\\Windows\\Tasks\\GoogleUpdateTaskMachineCore.job => C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe
Task: C:\\Windows\\Tasks\\GoogleUpdateTaskMachineUA.job => C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-07-20 17:37 - 2014-03-04 04:05 - 00116056 _____ () C:\\Program Files\\NVIDIA Corporation\\Display\\NvSmartMax64.dll
2015-04-18 21:03 - 2011-05-05 11:36 - 00022528 _____ () C:\\Program Files\\DAZ 3D\\Content Management Service\\ContentManagementServer.exe
2015-04-18 21:03 - 2011-05-05 11:36 - 01479680 _____ () C:\\Program Files\\DAZ 3D\\Content Management Service\\ace_x64.dll
2015-04-18 21:03 - 2011-05-05 11:36 - 00977408 _____ () C:\\Program Files\\DAZ 3D\\Content Management Service\\VServer_x64.dll
2015-04-18 21:03 - 2011-05-05 11:36 - 01053696 _____ () C:\\Program Files\\DAZ 3D\\Content Management Service\\ace_ssl_x64.dll
2015-04-18 21:03 - 2011-05-05 11:36 - 00155136 _____ () C:\\Program Files\\DAZ 3D\\Content Management Service\\asnmp_x64.dll
2014-11-16 21:16 - 2014-11-16 21:16 - 00076888 _____ () C:\\Windows\\SysWOW64\\PnkBstrA.exe
2015-07-27 20:28 - 2015-07-27 20:28 - 00032880 _____ () C:\\Program Files (x86)\\Real\\UpdateService\\RealPlayerUpdateSvc.exe
2011-08-12 16:03 - 2011-08-12 16:03 - 00359528 _____ () C:\\Program Files (x86)\\EVGA Precision\\EVGAPrecision.exe
2015-07-27 18:40 - 2015-07-27 18:40 - 00614464 _____ () C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\downloader2.exe
2015-09-20 09:04 - 2015-09-20 09:04 - 00103376 _____ () C:\\Program Files\\AVAST Software\\Avast\\log.dll
2015-09-20 09:04 - 2015-09-20 09:04 - 00123976 _____ () C:\\Program Files\\AVAST Software\\Avast\\JsonRpcServer.dll
2015-11-20 20:41 - 2015-11-20 20:41 - 02993664 _____ () C:\\Program Files\\AVAST Software\\Avast\\defs\\15112001\\algo.dll
2015-11-21 12:13 - 2015-11-21 12:13 - 02994176 _____ () C:\\Program Files\\AVAST Software\\Avast\\defs\\15112101\\algo.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 00037512 _____ () C:\\Program Files (x86)\\Real\\UpdateService\\DL2UpdatePlugin.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 00039560 _____ () C:\\Program Files (x86)\\Real\\UpdateService\\RealDownloaderUpdatePlugin.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 00037528 _____ () C:\\Program Files (x86)\\Real\\UpdateService\\VideoDLUpdatePlugin.dll
2011-07-05 17:56 - 2011-07-05 17:56 - 00061440 _____ () C:\\Program Files (x86)\\EVGA Precision\\RTMUI.dll
2011-07-05 17:55 - 2011-07-05 17:55 - 00061440 _____ () C:\\Program Files (x86)\\EVGA Precision\\RTFC.dll
2011-07-05 17:56 - 2011-07-05 17:56 - 00229376 _____ () C:\\Program Files (x86)\\EVGA Precision\\RTCore.dll
2011-07-05 17:56 - 2011-07-05 17:56 - 00147456 _____ () C:\\Program Files (x86)\\EVGA Precision\\RTUI.dll
2011-07-05 17:56 - 2011-07-05 17:56 - 00290816 _____ () C:\\Program Files (x86)\\EVGA Precision\\RTHAL.dll
2011-04-30 21:04 - 2011-04-30 21:04 - 00013312 _____ () C:\\Program Files (x86)\\EVGA Precision\\RTTSH.dll
2014-10-28 12:22 - 2014-10-28 12:22 - 40622592 ____R () C:\\Program Files (x86)\\Fitbit Connect\\libcef.dll
2015-09-20 09:04 - 2015-09-20 09:04 - 40539648 _____ () C:\\Program Files\\AVAST Software\\Avast\\libcef.dll
2013-03-12 16:10 - 2015-10-05 07:18 - 00778752 _____ () C:\\Program Files (x86)\\Steam\\SDL2.dll
2015-02-16 20:06 - 2015-07-03 07:12 - 04962816 _____ () C:\\Program Files (x86)\\Steam\\v8.dll
2015-02-16 20:06 - 2015-07-03 07:12 - 01556992 _____ () C:\\Program Files (x86)\\Steam\\icui18n.dll
2015-02-16 20:06 - 2015-07-03 07:12 - 01187840 _____ () C:\\Program Files (x86)\\Steam\\icuuc.dll
2014-05-31 10:15 - 2015-11-09 17:44 - 02541648 _____ () C:\\Program Files (x86)\\Steam\\video.dll
2014-09-23 10:46 - 2015-09-23 15:33 - 02549248 _____ () C:\\Program Files (x86)\\Steam\\libavcodec-56.dll
2014-09-23 10:46 - 2015-09-23 15:33 - 00442880 _____ () C:\\Program Files (x86)\\Steam\\libavutil-54.dll
2014-09-23 10:46 - 2015-09-23 15:33 - 00491008 _____ () C:\\Program Files (x86)\\Steam\\libavformat-56.dll
2014-09-23 10:46 - 2015-09-23 15:33 - 00332800 _____ () C:\\Program Files (x86)\\Steam\\libavresample-2.dll
2014-09-23 10:46 - 2015-09-23 15:33 - 00485888 _____ () C:\\Program Files (x86)\\Steam\\libswscale-3.dll
2011-07-13 19:33 - 2015-11-09 17:44 - 00806992 _____ () C:\\Program Files (x86)\\Steam\\bin\\chromehtml.DLL
2015-08-26 19:56 - 2015-11-03 13:00 - 00201728 _____ () C:\\Program Files (x86)\\Steam\\bin\\openvr_api.dll
2011-05-02 20:50 - 2015-10-08 13:20 - 45010208 _____ () C:\\Program Files (x86)\\Steam\\bin\\libcef.dll
2015-02-16 20:06 - 2015-09-24 14:56 - 00119208 _____ () C:\\Program Files (x86)\\Steam\\winh264.dll
2015-07-27 18:35 - 2015-07-27 18:35 - 01382048 _____ () C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\cpprest100_1_2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\\ProgramData\\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The \"AlternateShell\" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\freerealms.com -> freerealms.com
IE trusted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\soe.com -> soe.com
IE trusted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\sony.com -> sony.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\008i.com -> 008i.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\008k.com -> 008k.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\00hq.com -> 00hq.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\01i.info -> 01i.info
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\05p.com -> 05p.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\0calories.net -> 0calories.net
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\0cj.net -> 0cj.net
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\0scan.com -> 0scan.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\1-se.com -> 1-se.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\1001movie.com -> 1001movie.com
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\1001night.biz -> 1001night.biz
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\100gal.net -> 100gal.net
IE restricted site: HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\...\\100sexlinks.com -> 100sexlinks.com

There are 6051 more sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\\S-1-5-21-2787044202-2378965189-2633346745-1001\\Control Panel\\Desktop\\\\Wallpaper -> C:\\Users\\Dirtbag\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\\Windows\\pss\\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\\startupreg: Aeria Ignite => \"C:\\Program Files (x86)\\Aeria Games\\Ignite\\aeriaignite.exe\" silent
MSCONFIG\\startupreg: APSDaemon => \"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"
MSCONFIG\\startupreg: DivXUpdate => \"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW
MSCONFIG\\startupreg: QuickTime Task => \"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime
MSCONFIG\\startupreg: TkBellExe => \"c:\\program files (x86)\\real\\realplayer\\Update\\realsched.exe\" -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{806F3C11-6F75-447F-9EA4-9859453637B9}] => (Allow) C:\\Program Files (x86)\\Windows Live\\Messenger\\wlcsdk.exe
FirewallRules: [{702D8959-1637-4658-91D4-F73E7C44B0A4}] => (Allow) C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe
FirewallRules: [{C82D830F-6889-483E-9BB8-57F2C59F17AE}] => (Allow) svchost.exe
FirewallRules: [{DB409C55-9F87-40AD-9F89-0E66BBE92147}] => (Allow) C:\\Program Files (x86)\\Windows Live\\Sync\\WindowsLiveSync.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\\system32\\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\\system32\\sppsvc.exe
FirewallRules: [{ACF5FC99-B191-4F01-AF17-DE878A70DEAB}] => (Allow) C:\\Program Files (x86)\\Adobe\\Elements Organizer 8.0\\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{0BB9804F-D1EB-40D6-860C-275B2AC67C32}] => (Allow) C:\\Program Files (x86)\\Adobe\\Elements Organizer 8.0\\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{00F0D149-2729-4DD0-8272-7BFEF6EEB3BD}] => (Allow) C:\\Program Files (x86)\\Warzone 2100\\warzone2100.exe
FirewallRules: [{658FCAB4-B43A-478D-840D-23ECF050F415}] => (Allow) C:\\Program Files (x86)\\Warzone 2100\\warzone2100.exe
FirewallRules: [{FB0622FF-93F9-429F-9D14-9887203117ED}] => (Allow) C:\\Program Files (x86)\\Warzone 2100\\warzone2100.exe
FirewallRules: [{D920BF21-45E5-4731-88E6-7F62A644F40B}] => (Allow) C:\\Program Files (x86)\\Warzone 2100\\warzone2100.exe
FirewallRules: [{93C0E394-4384-4852-8363-FD26547C0DCF}] => (Allow) C:\\Program Files (x86)\\Electronic Arts\\BioWare\\Star Wars - The Old Republic\\launcher.exe
FirewallRules: [{F5B5218F-0BD1-40AA-B930-D9204EC2E98D}] => (Allow) C:\\Program Files (x86)\\Electronic Arts\\BioWare\\Star Wars - The Old Republic\\launcher.exe
FirewallRules: [{B8194AFC-02AF-435A-B19A-9519E67FE93F}] => (Allow) C:\\Program Files (x86)\\Electronic Arts\\BioWare\\Star Wars - The Old Republic\\launcher.exe
FirewallRules: [{F99BFD05-9684-46A1-9D89-106EC537F084}] => (Allow) C:\\Program Files (x86)\\Electronic Arts\\BioWare\\Star Wars - The Old Republic\\launcher.exe
FirewallRules: [{25619D9F-3EA1-4288-AB22-7B890931915D}] => (Allow) C:\\Program Files (x86)\\Steam\\Steam.exe
FirewallRules: [{04FB66BE-CDE1-4774-A74A-5CD0A3E0A3E3}] => (Allow) C:\\Program Files (x86)\\Steam\\Steam.exe
FirewallRules: [{A27EAF3D-67BD-40A8-9393-181D9EC8F932}] => (Allow) C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe
FirewallRules: [{4AC4AF15-5397-4BCC-A051-3D10538A5134}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dungeon siege iii\\Dungeon Siege III.exe
FirewallRules: [{0D4A21F1-B261-47D1-A518-167B8D238712}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dungeon siege iii\\Dungeon Siege III.exe
FirewallRules: [{6874180B-5B1C-4BF4-B8B1-847D7F27FB87}] => (Allow) C:\\Program Files (x86)\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe
FirewallRules: [{C7466A51-4D7E-4B4E-BE80-8DE888B91701}] => (Allow) C:\\Program Files (x86)\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe
FirewallRules: [{A15EA8C2-5200-4091-B0BA-E8A04BF48AD0}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Sid Meier\'s Civilization V\\Launcher.exe
FirewallRules: [{6445FD35-6D66-4A98-8BFB-B27105A05812}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Sid Meier\'s Civilization V\\Launcher.exe
FirewallRules: [{66173A2F-3153-424A-9A37-F784026321E3}] => (Allow) C:\\Program Files (x86)\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe
FirewallRules: [{26CA978F-8559-4119-8DD2-5CC7C7086537}] => (Allow) C:\\Program Files (x86)\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe
FirewallRules: [{1A677B90-182F-472A-8337-BB29BD2F916E}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Skyrim\\SkyrimLauncher.exe
FirewallRules: [{9362227F-6787-4AA3-A889-8903F7EB4444}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Skyrim\\SkyrimLauncher.exe
FirewallRules: [{7D5D0A9B-2F61-4C38-95ED-D00F70162579}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Sid Meier\'s Civilization V\\Launcher.exe
FirewallRules: [{47440BBE-601B-47A4-9CEA-53D6640FE65D}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Sid Meier\'s Civilization V\\Launcher.exe
FirewallRules: [{ACE18B82-9EC1-447F-9198-C014D1535723}] => (Allow) C:\\Program Files (x86)\\SquareEnix\\FINAL FANTASY XIV - A Realm Reborn\\boot\\ffxivboot.exe
FirewallRules: [{253C2381-A157-45A7-8600-97AC976A002D}] => (Allow) C:\\Program Files (x86)\\SquareEnix\\FINAL FANTASY XIV - A Realm Reborn\\boot\\ffxivboot.exe
FirewallRules: [{00F7CD4A-FB15-4424-A724-21830F9EDB46}] => (Allow) C:\\Program Files (x86)\\SquareEnix\\FINAL FANTASY XIV - A Realm Reborn\\boot\\ffxivlauncher.exe
FirewallRules: [{0435E164-681A-462F-8C48-0F74FD9E3C8E}] => (Allow) C:\\Program Files (x86)\\SquareEnix\\FINAL FANTASY XIV - A Realm Reborn\\boot\\ffxivlauncher.exe
FirewallRules: [{E57AFE80-ABC6-4227-9E93-4E1201729AA8}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\SleepingDogs\\HKShip.exe
FirewallRules: [{F4E5DF4A-D103-47D6-8996-F227B2A9DCDF}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\SleepingDogs\\HKShip.exe
FirewallRules: [{CE8CB4F8-0A8B-4863-B1F0-F089A6099472}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Tropico 4\\Tropico4.exe
FirewallRules: [{3BB6AF69-48B0-48D3-9DFA-08E09A8237EB}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Tropico 4\\Tropico4.exe
FirewallRules: [{961C95C9-39C9-4801-809D-79CEF33FD519}] => (Allow) C:\\Program Files (x86)\\Steam\\bin\\steamwebhelper.exe
FirewallRules: [{AEACDBC6-706C-41E4-B0DD-AE961BB89897}] => (Allow) C:\\Program Files (x86)\\Steam\\bin\\steamwebhelper.exe
FirewallRules: [{6065977E-979A-4C21-841C-D68CEAD901E1}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Fuse Basic\\Code\\Build\\Output\\bin\\Release\\Fuse.exe
FirewallRules: [{9659189B-C274-4D6C-9678-44927BFE84C7}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Fuse Basic\\Code\\Build\\Output\\bin\\Release\\Fuse.exe
FirewallRules: [{90D3D9EE-88AD-422C-9175-DDBBF8FA5475}] => (Allow) C:\\Windows\\SysWOW64\\muzapp.exe
FirewallRules: [{6279E404-D105-4C6D-95A3-06E63874B5F5}] => (Allow) C:\\Windows\\SysWOW64\\muzapp.exe
FirewallRules: [{C1F6816E-600A-44E1-9401-70D709FC45EF}] => (Allow) C:\\Program Files\\Firestorm-Releasex64\\Firestorm-bin.exe
FirewallRules: [{BB6F5021-3674-4D4E-BE84-2A063BE145DD}] => (Allow) C:\\Program Files\\Firestorm-Releasex64\\Firestorm-bin.exe
FirewallRules: [{9E70E0BE-02E7-4F13-9B1B-8129154CCCDC}] => (Allow) C:\\Program Files\\Firestorm-Releasex64\\Firestorm-bin.exe
FirewallRules: [{3329993E-212F-4582-89C6-15726D62C47F}] => (Allow) C:\\Program Files\\Firestorm-Releasex64\\Firestorm-bin.exe
FirewallRules: [TCP Query User{120E9E4F-B80F-450D-9E8D-71BEB26AB31A}C:\\program files (x86)\\netgear genie\\bin\\netgeargenie.exe] => (Allow) C:\\program files (x86)\\netgear genie\\bin\\netgeargenie.exe
FirewallRules: [UDP Query User{87DEB21A-8374-4117-B6E8-0784414AF0B3}C:\\program files (x86)\\netgear genie\\bin\\netgeargenie.exe] => (Allow) C:\\program files (x86)\\netgear genie\\bin\\netgeargenie.exe
FirewallRules: [TCP Query User{61D8B32F-08EC-42F7-9DCD-1EE82309335A}C:\\program files\\firestorm-releasex64\\slvoice.exe] => (Allow) C:\\program files\\firestorm-releasex64\\slvoice.exe
FirewallRules: [UDP Query User{88C94B6A-D60C-441F-9F8B-F4E5F05A5761}C:\\program files\\firestorm-releasex64\\slvoice.exe] => (Allow) C:\\program files\\firestorm-releasex64\\slvoice.exe
FirewallRules: [TCP Query User{1403A1AF-EB4C-4923-A757-F5D1356A27B3}C:\\program files (x86)\\netgear genie\\bin\\netgeargenie.exe] => (Block) C:\\program files (x86)\\netgear genie\\bin\\netgeargenie.exe
FirewallRules: [UDP Query User{DE05D586-973C-4636-8FDF-EA3947C096F1}C:\\program files (x86)\\netgear genie\\bin\\netgeargenie.exe] => (Block) C:\\program files (x86)\\netgear genie\\bin\\netgeargenie.exe
FirewallRules: [TCP Query User{12D568B7-8E5B-4C6A-B06E-C2D886E63B90}C:\\program files (x86)\\java\\jre1.8.0_25\\bin\\javaw.exe] => (Allow) C:\\program files (x86)\\java\\jre1.8.0_25\\bin\\javaw.exe
FirewallRules: [UDP Query User{C8D53707-DD9D-47F2-8794-9AF2E172B08D}C:\\program files (x86)\\java\\jre1.8.0_25\\bin\\javaw.exe] => (Allow) C:\\program files (x86)\\java\\jre1.8.0_25\\bin\\javaw.exe
FirewallRules: [{AAE8BC6C-E723-4077-94CC-2CE54FD953F5}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3 Blood Dragon\\bin\\FC3BDUpdaterSteam.exe
FirewallRules: [{2CF68CFD-0BA1-4265-96C2-D329D42CD2B2}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3 Blood Dragon\\bin\\FC3BDUpdaterSteam.exe
FirewallRules: [{35E5613C-6F93-49CE-8F36-0810F3239E1F}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3\\bin\\FC3UpdaterSteam.exe
FirewallRules: [{ABBBE795-D581-47B1-B896-299289462AEF}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3\\bin\\FC3UpdaterSteam.exe
FirewallRules: [{4F7CCE2E-B3E9-43CD-90F3-D2E90CEC5A0A}] => (Allow) C:\\Windows\\SysWOW64\\PnkBstrA.exe
FirewallRules: [{A38EFB56-3A80-4904-989C-99F7464AFF8F}] => (Allow) C:\\Windows\\SysWOW64\\PnkBstrA.exe
FirewallRules: [{B333BB04-2E80-4295-AC13-9F2DEBA15326}] => (Allow) C:\\Windows\\SysWOW64\\PnkBstrB.exe
FirewallRules: [{EB3F2538-C674-4F32-8173-328A4CBCCE74}] => (Allow) C:\\Windows\\SysWOW64\\PnkBstrB.exe
FirewallRules: [{B9CEA9D8-5B61-4AE0-9756-359B24CC684C}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3\\bin\\farcry3.exe
FirewallRules: [{79265605-D942-41E2-B5E4-620A3B1A7A31}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3\\bin\\farcry3.exe
FirewallRules: [{508AA12E-22CE-4968-8154-D39133184883}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3\\bin\\farcry3_d3d11.exe
FirewallRules: [{C352C83C-3F85-403F-874C-301F29D29DE4}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3\\bin\\farcry3_d3d11.exe
FirewallRules: [{0C9EB26D-4621-4C12-80A7-38F3B1394922}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3 Blood Dragon\\bin\\fc3_blooddragon.exe
FirewallRules: [{6551E4B2-EDDA-41E6-A5E6-840D7D4107EB}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3 Blood Dragon\\bin\\fc3_blooddragon.exe
FirewallRules: [{15BB5F82-CF61-4BC4-8EC8-6944727CCCFE}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3 Blood Dragon\\bin\\fc3_blooddragon_d3d11.exe
FirewallRules: [{A52E90B7-BED5-4128-BE3E-0552FA7B07A5}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Far Cry 3 Blood Dragon\\bin\\fc3_blooddragon_d3d11.exe
FirewallRules: [{C2AE7E74-D14C-4697-9AC1-BE6C854925A6}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Game of Thrones\\Thrones.exe
FirewallRules: [{A7847178-203B-4321-BC21-84266F4D732C}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Game of Thrones\\Thrones.exe
FirewallRules: [TCP Query User{0561B9A3-0B10-41D5-B26F-6B8822F59F07}C:\\program files (x86)\\zenimax online\\launcher\\bethesda.net_launcher.exe] => (Allow) C:\\program files (x86)\\zenimax online\\launcher\\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{47128F02-51E3-4ACE-BEDB-35A827B93A3B}C:\\program files (x86)\\zenimax online\\launcher\\bethesda.net_launcher.exe] => (Allow) C:\\program files (x86)\\zenimax online\\launcher\\bethesda.net_launcher.exe
FirewallRules: [TCP Query User{8093AAC6-F3A0-4B87-B233-E81638EB5380}C:\\program files (x86)\\java\\jre1.8.0_31\\bin\\javaw.exe] => (Allow) C:\\program files (x86)\\java\\jre1.8.0_31\\bin\\javaw.exe
FirewallRules: [UDP Query User{6020CF2B-57FB-46C8-95C3-C9F38B3EC72E}C:\\program files (x86)\\java\\jre1.8.0_31\\bin\\javaw.exe] => (Allow) C:\\program files (x86)\\java\\jre1.8.0_31\\bin\\javaw.exe
FirewallRules: [TCP Query User{FDE834DC-25ED-43A8-A384-A869AA59D5A1}C:\\program files (x86)\\inworldzreleasecandidate\\iwvoice.exe] => (Allow) C:\\program files (x86)\\inworldzreleasecandidate\\iwvoice.exe
FirewallRules: [UDP Query User{6E885C96-0925-4570-BB14-A47499A75631}C:\\program files (x86)\\inworldzreleasecandidate\\iwvoice.exe] => (Allow) C:\\program files (x86)\\inworldzreleasecandidate\\iwvoice.exe
FirewallRules: [TCP Query User{E048A779-DA94-4888-9EDB-D81E085D3E8F}C:\\program files\\firestorm-betax64\\slvoice.exe] => (Allow) C:\\program files\\firestorm-betax64\\slvoice.exe
FirewallRules: [UDP Query User{7100AEA2-2B93-4A7A-BFF5-A100155810AE}C:\\program files\\firestorm-betax64\\slvoice.exe] => (Allow) C:\\program files\\firestorm-betax64\\slvoice.exe
FirewallRules: [{049E746E-F06E-47FD-A436-D60C0FDF1154}] => (Allow) c:\\program files (x86)\\real\\realplayer\\RPDS\\Bin\\rpdsvc.exe
FirewallRules: [{3937EE59-28D4-49C0-97DA-A995EF4C5651}] => (Allow) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe
FirewallRules: [{D1CBBE29-386D-469B-A3CD-E6D4CF5B0805}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Remember Me\\Binaries\\Win32\\RememberMe.exe
FirewallRules: [{363E25DD-E3ED-43FA-A370-358475B2C765}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Remember Me\\Binaries\\Win32\\RememberMe.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/21/2015 06:38:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for \"1\".Error in manifest or policy file \"2\" on line 3.
Invalid Xml syntax.

Error: (11/21/2015 06:38:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for \"rpshellextension.1.0,language=\"*\",type=\"win32\",version=\"1.0.0.0\"1\".
Dependent Assembly rpshellextension.1.0,language=\"*\",type=\"win32\",version=\"1.0.0.0\" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/21/2015 06:38:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for \"WLMFDS,processorArchitecture=\"AMD64\",type=\"win32\",version=\"1.0.0.1\"1\".Error in manifest or policy file \"WLMFDS,processorArchitecture=\"AMD64\",type=\"win32\",version=\"1.0.0.1\"2\" on line WLMFDS,processorArchitecture=\"AMD64\",type=\"win32\",version=\"1.0.0.1\"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture=\"AMD64\",type=\"win32\",version=\"1.0.0.1\".
Definition is WLMFDS,processorArchitecture=\"x86\",type=\"win32\",version=\"1.0.0.1\".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/21/2015 00:30:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Unspecified error

Error: (11/21/2015 00:30:18 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Unspecified error

Error: (11/21/2015 00:17:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (11/21/2015 00:17:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (11/21/2015 00:13:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA \"Win32_Processor\" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2015 09:09:08 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Unspecified error

Error: (11/20/2015 09:09:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Unspecified error

System errors:
=============
Error: (11/21/2015 09:08:13 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TISA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}.
The master browser is stopping or an election is being forced.

Error: (11/21/2015 09:06:03 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (11/21/2015 08:56:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TISA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}.
The master browser is stopping or an election is being forced.

Error: (11/21/2015 07:56:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TISA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}.
The master browser is stopping or an election is being forced.

Error: (11/21/2015 07:20:18 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TISA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}.
The master browser is stopping or an election is being forced.

Error: (11/21/2015 06:44:19 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TISA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}.
The master browser is stopping or an election is being forced.

Error: (11/21/2015 06:20:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TISA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}.
The master browser is stopping or an election is being forced.

Error: (11/21/2015 05:44:12 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TISA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}.
The master browser is stopping or an election is being forced.

Error: (11/21/2015 05:08:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TISA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}.
The master browser is stopping or an election is being forced.

Error: (11/21/2015 04:44:15 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TISA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}.
The master browser is stopping or an election is being forced.

CodeIntegrity:
===================================
Date: 2014-10-31 17:10:13.827
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-31 17:10:13.796
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-30 17:45:07.000
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-30 17:45:06.969
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-30 17:24:53.296
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-30 17:24:53.265
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-29 21:41:10.922
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-29 21:41:10.891
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-29 20:36:13.875
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-29 20:36:13.844
Description: Windows is unable to verify the image integrity of the file \\Device\\HarddiskVolume2\\Windows\\System32\\drivers\\fses.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 8173.41 MB
Available physical RAM: 6179.93 MB
Total Virtual: 16345.04 MB
Available Virtual: 13445.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:597.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or

(Size: 931.5 GB) (Disk ID: E9F1C6AA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
Ran by Dirtbag (administrator) on DIRTBAG-PC (21-11-2015 21:07:37)
Running from C:\\Users\\Dirtbag\\Desktop
Loaded Profiles: Dirtbag (Available Profiles: Dirtbag & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/\'>http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\\Windows\\System32\\nvvsvc.exe
(NVIDIA Corporation) C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\nvSCPAPISvr.exe
(AVAST Software) C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe
(NVIDIA Corporation) C:\\Program Files\\NVIDIA Corporation\\Display\\nvxdsync.exe
(NVIDIA Corporation) C:\\Windows\\System32\\nvvsvc.exe
(Adobe Systems Incorporated) C:\\Program Files (x86)\\Adobe\\Elements Organizer 8.0\\PhotoshopElementsFileAgent.exe
() C:\\Program Files\\DAZ 3D\\Content Management Service\\ContentManagementServer.exe
(Fitbit, Inc.) C:\\Program Files (x86)\\Fitbit Connect\\FitbitConnectService.exe
() C:\\Windows\\SysWOW64\\PnkBstrA.exe
() C:\\Program Files (x86)\\Real\\UpdateService\\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\\Program Files (x86)\\Real\\RealPlayer\\RPDS\\Bin\\rpdsvc.exe
(Microsoft Corp.) C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\SeaPort\\SeaPort.exe
() C:\\Program Files (x86)\\EVGA Precision\\EVGAPrecision.exe
(Realtek Semiconductor) C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe
(NVIDIA Corporation) C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe
(Fitbit, Inc.) C:\\Program Files (x86)\\Fitbit Connect\\Fitbit Connect.exe
(NVIDIA Corporation) C:\\Program Files\\NVIDIA Corporation\\Display\\nvtray.exe
(AVAST Software) C:\\Program Files\\AVAST Software\\Avast\\avastui.exe
(RealNetworks, Inc.) C:\\Program Files (x86)\\Real\\RealPlayer\\Update\\realsched.exe
(Oracle Corporation) C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe
(Valve Corporation) C:\\Program Files (x86)\\Steam\\Steam.exe
(Valve Corporation) C:\\Program Files (x86)\\Steam\\bin\\steamwebhelper.exe
(Valve Corporation) C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe
(Valve Corporation) C:\\Program Files (x86)\\Steam\\bin\\steamwebhelper.exe
() C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\downloader2.exe
(Microsoft Corporation) C:\\Program Files\\Internet Explorer\\iexplore.exe
(Adobe Systems Incorporated) C:\\Windows\\System32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe
(Microsoft Corporation) C:\\Windows\\System32\\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\\...\\Run: [RtHDVCpl] => C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\\...\\Run: [NvBackend] => C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM-x32\\...\\Run: [JMB36X IDE Setup] => C:\\Windows\\RaidTool\\xInsIDE.exe
HKLM-x32\\...\\Run: [Adobe Reader Speed Launcher] => C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\\...\\Run: [Adobe ARM] => C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\\...\\Run: [DivXMediaServer] => C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe [448856 2014-08-18] (DivX, LLC)
HKLM-x32\\...\\Run: [DivXUpdate] => C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\\...\\Run: [AvastUI.exe] => C:\\Program Files\\AVAST Software\\Avast\\AvastUI.exe [6133520 2015-11-14] (AVAST Software)
HKLM-x32\\...\\Run: [Fitbit Connect] => C:\\Program Files (x86)\\Fitbit Connect\\Fitbit Connect.exe [4369952 2014-11-07] (Fitbit, Inc.)
HKLM-x32\\...\\Run: [TkBellExe] => c:\\program files (x86)\\real\\realplayer\\Update\\realsched.exe [286784 2015-09-08] (RealNetworks, Inc.)
HKLM-x32\\...\\Run: [RealDownloader] => C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\downloader2.exe [614464 2015-07-27] ()
HKLM-x32\\...\\Run: [QuickTime Task] => C:\\Program Files (x86)\\QuickTime\\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\\...\\Run: [SunJavaUpdateSched] => C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\\Users\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Local\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\LocalLow\\*\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\\*\\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*\\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\\*\\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\\*\\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\\$Recycle.Bin <====== ATTENTION
HKLM Group Policy re

Tech Clinic / PC running slow

« on: November 21, 2015, 02:57:23 AM »

im having trouble with my PC loading web pages, sometimes it loads fine others it only loads partial pictures sometimes they are completely blank. I don\'t think I have a virus, Im using Avast with Windows firewall, any help you could offer would be much appreciated. I have included my Hijack log.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:59:29 PM, on 11/20/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)

Boot mode: Normal

Running processes:
C:\\Program Files (x86)\\EVGA Precision\\EVGAPrecision.exe
C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe
C:\\Program Files (x86)\\Fitbit Connect\\Fitbit Connect.exe
C:\\Program Files\\AVAST Software\\Avast\\avastui.exe
C:\\Program Files (x86)\\Real\\RealPlayer\\Update\\realsched.exe
C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\downloader2.exe
C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe
C:\\Program Files (x86)\\Steam\\steam.exe
C:\\Program Files (x86)\\Steam\\bin\\steamwebhelper.exe
C:\\Program Files (x86)\\Internet Explorer\\IEXPLORE.EXE
C:\\Users\\Dirtbag\\Desktop\\HijackThis.exe

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.yahoo.com/\'>http://www.yahoo.com/
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157\'>http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files (x86)\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\BrowserPlugins\\IE\\rndlbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\Search Helper\\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre1.8.0_66\\bin\\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre1.8.0_66\\bin\\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\\Program Files (x86)\\Windows Live\\Toolbar\\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\\Program Files (x86)\\Windows Live\\Toolbar\\wltcore.dll
O4 - HKLM\\..\\Run: [JMB36X IDE Setup] C:\\Windows\\RaidTool\\xInsIDE.exe
O4 - HKLM\\..\\Run: [Adobe Reader Speed Launcher] \"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"
O4 - HKLM\\..\\Run: [Adobe ARM] \"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"
O4 - HKLM\\..\\Run: [DivXMediaServer] C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe
O4 - HKLM\\..\\Run: [DivXUpdate] \"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW
O4 - HKLM\\..\\Run: [AvastUI.exe] \"C:\\Program Files\\AVAST Software\\Avast\\AvastUI.exe\" /nogui
O4 - HKLM\\..\\Run: [Fitbit Connect] \"C:\\Program Files (x86)\\Fitbit Connect\\Fitbit Connect.exe\" /autorun
O4 - HKLM\\..\\Run: [TkBellExe] \"c:\\program files (x86)\\real\\realplayer\\Update\\realsched.exe\" -osboot
O4 - HKLM\\..\\Run: [RealDownloader] C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\downloader2.exe
O4 - HKLM\\..\\Run: [QuickTime Task] \"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"
O4 - HKCU\\..\\Run: [Web Companion] C:\\Program Files (x86)\\Lavasoft\\Web Companion\\Application\\WebCompanion.exe --minimize
O4 - HKCU\\..\\Run: [Fitbit Connect] \"C:\\Program Files (x86)\\Fitbit Connect\\Fitbit Connect.exe\" /autorun
O4 - HKCU\\..\\Run: [NETGEARGenie] \"C:\\Program Files (x86)\\NETGEAR Genie\\bin\\NETGEARGenie.exe\" -mini -redirect
O4 - Global Startup: RealTimes.lnk = C:\\Program Files (x86)\\Real\\RealPlayer\\RPDS\\Bin\\rpsystray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra \'Tools\' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra \'Tools\' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab\'>http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab\'>http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\\System\\CS1\\Services\\Tcpip\\..\\{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\\System\\CS2\\Services\\Tcpip\\..\\{5C735FFA-6AC9-458C-84D7-71BB8BF6FDA3}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\\Program Files (x86)\\Adobe\\Elements Organizer 8.0\\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\\system32\\Alg.exe,-112 (ALG) - Unknown owner - C:\\Windows\\System32\\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe
O23 - Service: DAZ Content Management Service (DAZContentManagementService) - Unknown owner - C:\\Program Files\\DAZ 3D\\Content Management Service\\ContentManagementServer.exe
O23 - Service: @%SystemRoot%\\system32\\efssvc.dll,-100 (EFS) - Unknown owner - C:\\Windows\\System32\\lsass.exe (file missing)
O23 - Service: @%systemroot%\\system32\\fxsresm.dll,-118 (Fax) - Unknown owner - C:\\Windows\\system32\\fxssvc.exe (file missing)
O23 - Service: Fitbit Connect Service (Fitbit Connect) - Fitbit, Inc. - C:\\Program Files (x86)\\Fitbit Connect\\FitbitConnectService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\\Program Files (x86)\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\\system32\\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\\Windows\\system32\\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\\Windows\\System32\\msdtc.exe (file missing)
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\\Program Files (x86)\\NETGEAR Genie\\bin\\NETGEARGenieDaemon64.exe
O23 - Service: @%SystemRoot%\\System32\\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\\Windows\\system32\\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\\Program Files (x86)\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\\Windows\\system32\\PnkBstrA.exe
O23 - Service: @%systemroot%\\system32\\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\\Program Files (x86)\\Real\\UpdateService\\RealPlayerUpdateSvc.exe
O23 - Service: RealTimes Desktop Service - RealNetworks, Inc. - c:\\program files (x86)\\real\\realplayer\\RPDS\\Bin\\rpdsvc.exe
O23 - Service: @%systemroot%\\system32\\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\\Windows\\system32\\locator.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\samsrv.dll,-1 (SamSs) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\\Windows\\System32\\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\\system32\\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\\Windows\\System32\\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\\Windows\\system32\\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\\system32\\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\\Windows\\system32\\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\vds.exe,-100 (vds) - Unknown owner - C:\\Windows\\System32\\vds.exe (file missing)
O23 - Service: @%systemroot%\\system32\\vssvc.exe,-102 (VSS) - Unknown owner - C:\\Windows\\system32\\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\Wat\\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\\Windows\\system32\\Wat\\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\\system32\\wbengine.exe,-104 (wbengine) - Unknown owner - C:\\Windows\\system32\\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\\system32\\wbem\\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\\Windows\\system32\\wbem\\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\\Program Files (x86)\\Windows Media Player\\wmpnetwk.exe (file missing)

--
End of file - 10442 bytes

Tech Clinic / Windows command processor virus,..please help.

« on: May 26, 2014, 10:05:46 PM »

nevermind... I tried the adwcleaner and it cleared up the problem

Tech Clinic / Windows command processor virus,..please help.

« on: May 26, 2014, 06:33:22 PM »

please help I seem to have sucked up the windows command processor virus (I did a little checking on the web) and its currently messing with my internet modem and some functionality of my PC.I have tried to run your hijack this and create a log but when I do it gives me a error and the log is empty, any help u would be willing to give is greatly appreciated.

Pages: [1]

TheTechGuide Forums

News:

Show Posts

Messages - AlaskanSnowman

Tech Clinic / PCIe slot go bad?

Tech Clinic / PCIe slot go bad?

Tech Clinic / PCIe slot go bad?

Tech Clinic / PCIe slot go bad?

Tech Clinic / PCIe slot go bad?

Tech Clinic / PCIe slot go bad?

Tech Clinic / PC running slow

Tech Clinic / PC running slow

Tech Clinic / PC running slow

Tech Clinic / PC running slow

Tech Clinic / PC running slow

Tech Clinic / PC running slow

Tech Clinic / PC running slow

Tech Clinic / Windows command processor virus,..please help.

Tech Clinic / Windows command processor virus,..please help.