1. #1

    ColorUService

    I have an ASUS G56Jr running on Windows 8. I am currently having trouble shutting down, as ColorUService is constantly preventing my laptop from shutting down and I have to force a shutdown all the time.

    Is there any way to fix this problem?

    Thanks



  2. #2

    Re: ColorUService

    Here is an attachment of the logs I ran in Command Prompt, as I saw in a previous post in the forum that the guy used sfc /scannow.

  3. #3

    Re: ColorUService

    Please refer to the following and reply accordingly so you can be assisted properly - Malware Removal Posting Instructions

  4. #4

    Re: ColorUService

    Originally Posted by Patrick:
    Please refer to the following and reply accordingly so you can be assisted properly - Malware Removal Posting Instructions
    Results of screen317's Security Check version 0.99.96
    x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Kaspersky Internet Security
    Windows Defender
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Java 7 Update 67
    Java version 32-bit out of Date!
    Java 64-bit 8 Update 31
    Adobe Flash Player 16.0.0.305
    Adobe Reader XI
    Mozilla Firefox (35.0.1)
    ````````Process Check: objlist.exe by Laurent````````
    Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe
    Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````



    Addition_06-02-2015_13-30-12.txt
    FRST_06-02-2015_13-30-13.txt

    Here are the attachments required.

    Thanks for the quick response.

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
    Ran by G56 (administrator) on ASUS on 06-02-2015 13:28:44
    Running from C:\Users\G56\Downloads
    Loaded Profiles: G56 (Available profiles: G56)
    Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
    (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
    (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    () C:\Program Files\pia_manager\pia_manager.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Spotify Ltd) C:\Users\G56\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (http://www.ruby-lang.org/) C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\bin\rubyw.exe
    () C:\Program Files\pia_manager\pia_manager.exe
    (http://www.ruby-lang.org/) C:\Users\G56\AppData\Local\Temp\ocr854.tmp\bin\rubyw.exe
    () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSPanel.exe
    () C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSService.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
    () C:\Program Files\pia_manager\openvpn.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-17] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] ()
    HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2014-01-11] (ASUS)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
    HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-29] ( (Qualcomm®Atheros®))
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\Run: [Spotify Web Helper] => C:\Users\G56\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\MountPoints2: {87d78ba4-99d8-11e4-827a-54271ea2e5cc} - "F:\HTC_Sync_Manager_PC.exe"
    ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
    SearchScopes: HKU\S-1-5-21-4019362282-2020168261-1634841575-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-4019362282-2020168261-1634841575-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
    BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
    BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218

    FireFox:
    ========
    FF ProfilePath: C:\Users\G56\AppData\Roaming\Mozilla\Firefox\Profiles\2cvdvbjc.default-1419943619147
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
    FF Extension: Adblock Plus - C:\Users\G56\AppData\Roaming\Mozilla\Firefox\Profiles\2cvdvbjc.default-1419943619147\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-30]
    FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
    FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-08-23]
    FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
    FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-08-23]
    FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
    FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-08-23]
    FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
    FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-08-23]
    FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
    FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-08-23]

    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/d...nlhhddbepgkeaa [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/d...nlhhddbepgkeaa [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-05-26]
    CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2014-05-26]
    CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2014-05-26]
    CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2014-05-26]
    CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-05-26]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
    R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-29] (Windows (R) Win 7 DDK provider)
    R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-05-26] (Kaspersky Lab ZAO)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
    R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
    R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-29] (Atheros) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3880448 2013-11-13] (Qualcomm Atheros Communications, Inc.)
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-29] (Qualcomm Atheros)
    R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
    S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
    R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-08-06] (Intel Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-26] (Kaspersky Lab ZAO)
    S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-05-26] (Kaspersky Lab)
    U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-05-26] (Kaspersky Lab ZAO)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-05-26] (Kaspersky Lab ZAO)
    R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-05-26] (Kaspersky Lab ZAO)
    R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-05-26] (Kaspersky Lab ZAO)
    R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2014-05-26] (Kaspersky Lab ZAO)
    R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
    R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-05-26] (Kaspersky Lab ZAO)
    R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-05-26] (Kaspersky Lab ZAO)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
    R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
    R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-18] (Realsil Semiconductor Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
    S3 cpuz136; \??\C:\Users\G56\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
    U0 msahci; system32\drivers\msahci.sys

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-06 13:28 - 2015-02-06 13:29 - 00026368 _____ () C:\Users\G56\Downloads\FRST.txt
    2015-02-06 13:28 - 2015-02-06 13:28 - 00000000 ____D () C:\FRST
    2015-02-06 13:23 - 2015-02-06 13:23 - 02131968 _____ (Farbar) C:\Users\G56\Downloads\FRST64.exe
    2015-02-06 11:16 - 2015-02-06 13:23 - 00033857 _____ () C:\Windows\WindowsUpdate.log
    2015-02-06 11:11 - 2015-02-06 13:26 - 00001142 _____ () C:\Windows\setupact.log
    2015-02-06 11:11 - 2015-02-06 11:11 - 00001520 _____ () C:\Windows\PFRO.log
    2015-02-06 11:11 - 2015-02-06 11:11 - 00000000 _____ () C:\Windows\setuperr.log
    2015-02-06 10:34 - 2015-02-06 10:34 - 00000765 _____ () C:\Users\G56\.pia_manager_crash.log
    2015-02-01 10:38 - 2015-01-31 17:31 - 00001015 _____ () C:\Users\G56\Desktop\Private Internet Access.lnk
    2015-01-31 17:33 - 2015-01-31 17:33 - 00000000 ____D () C:\Users\G56\AppData\Roaming\Titanium
    2015-01-31 17:31 - 2015-01-31 17:31 - 00003146 _____ () C:\Windows\System32\Tasks\Private Internet Access Startup
    2015-01-31 17:31 - 2015-01-31 17:31 - 00000000 ____D () C:\Users\G56\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
    2015-01-31 17:30 - 2015-02-01 02:20 - 00000000 ____D () C:\Program Files\pia_manager
    2015-01-31 17:30 - 2015-01-31 17:31 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
    2015-01-31 17:29 - 2015-01-31 17:29 - 25723531 _____ () C:\Users\G56\Downloads\installer_win.exe
    2015-01-28 23:02 - 2015-01-28 23:02 - 05135288 _____ (Piriform Ltd) C:\Users\G56\Downloads\spsetup128.exe
    2015-01-27 19:51 - 2015-01-27 19:51 - 00016508 _____ () C:\Users\G56\Desktop\StudentRemoteDesktop-FastBroadband.RDP
    2015-01-26 18:35 - 2015-01-26 18:35 - 00058639 _____ () C:\Users\G56\Downloads\CupDispencerSTEP.zip
    2015-01-26 18:01 - 2015-01-26 18:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-01-23 03:02 - 2015-01-10 08:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2015-01-23 03:02 - 2015-01-10 08:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00496456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2015-01-23 03:02 - 2015-01-10 08:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2015-01-20 21:47 - 2015-01-20 21:47 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2015-01-20 21:47 - 2015-01-20 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-01-20 21:46 - 2015-01-20 21:47 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
    2015-01-20 21:46 - 2015-01-20 21:47 - 00000000 ____D () C:\Program Files\iTunes
    2015-01-20 21:46 - 2015-01-20 21:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2015-01-20 21:46 - 2015-01-20 21:46 - 00000000 ____D () C:\Program Files\iPod
    2015-01-14 19:37 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-14 19:37 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2015-01-14 19:37 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2015-01-14 19:37 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-14 19:37 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2015-01-14 19:37 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2015-01-14 19:37 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2015-01-14 19:37 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2015-01-14 19:37 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2015-01-14 19:37 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2015-01-14 19:37 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2015-01-14 19:37 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2015-01-14 19:37 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2015-01-14 19:37 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-14 19:37 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2015-01-14 19:37 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
    2015-01-14 19:37 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
    2015-01-14 19:37 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2015-01-14 19:37 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2015-01-14 19:37 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2015-01-14 19:37 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2015-01-14 19:37 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
    2015-01-14 19:37 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
    2015-01-14 19:37 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2015-01-14 19:37 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2015-01-14 19:37 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2015-01-14 19:37 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
    2015-01-14 19:37 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
    2015-01-14 19:37 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2015-01-14 19:37 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2015-01-14 19:37 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2015-01-14 00:13 - 2014-12-13 10:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
    2015-01-14 00:13 - 2014-12-13 10:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
    2015-01-13 23:58 - 2015-01-13 23:58 - 00000000 ____D () C:\Users\G56\Documents\My Games
    2015-01-13 23:58 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
    2015-01-13 23:58 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
    2015-01-13 23:58 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
    2015-01-13 23:58 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
    2015-01-13 23:58 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
    2015-01-13 22:36 - 2015-01-13 22:36 - 00000221 _____ () C:\Users\G56\Desktop\Borderlands 2.url
    2015-01-13 22:36 - 2015-01-13 22:36 - 00000000 ____D () C:\Users\G56\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2015-01-13 22:04 - 2015-02-06 11:41 - 00000000 ____D () C:\Program Files (x86)\Steam
    2015-01-13 22:04 - 2015-01-13 22:04 - 00000981 _____ () C:\Users\Public\Desktop\Steam.lnk
    2015-01-13 22:04 - 2015-01-13 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2015-01-13 21:54 - 2015-01-13 21:54 - 01142128 _____ () C:\Users\G56\Downloads\SteamSetup.exe
    2015-01-12 17:47 - 2015-01-12 17:47 - 00000000 ____D () C:\Users\G56\AppData\Roaming\HTC
    2015-01-12 17:46 - 2015-02-06 11:15 - 00000000 ____D () C:\Users\G56\AppData\Local\HTC MediaHub
    2015-01-12 17:46 - 2015-01-12 17:47 - 00000000 ____D () C:\Users\G56\Documents\HTC
    2015-01-12 17:46 - 2015-01-12 17:46 - 00000000 ____D () C:\Users\G56\.android
    2015-01-12 17:45 - 2015-01-12 17:45 - 00002049 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
    2015-01-12 17:45 - 2015-01-12 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
    2015-01-12 17:45 - 2015-01-12 17:45 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
    2015-01-12 17:43 - 2015-01-12 17:43 - 00000000 ____D () C:\Users\G56\AppData\Local\Downloaded Installations
    2015-01-12 17:42 - 2015-01-12 17:45 - 00000000 ____D () C:\Program Files (x86)\HTC
    2015-01-12 17:41 - 2015-01-23 03:06 - 00000000 ____D () C:\Temp
    2015-01-12 17:41 - 2015-01-12 17:41 - 00000000 ____D () C:\ProgramData\HTC
    2015-01-12 17:37 - 2015-01-12 17:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
    2015-01-07 13:49 - 2015-01-07 13:49 - 05317104 _____ (Piriform Ltd) C:\Users\G56\Downloads\ccsetup501.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-06 13:29 - 2013-12-17 05:44 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-02-06 13:24 - 2014-09-26 14:15 - 00004950 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ASUS-G56 ASUS
    2015-02-06 13:22 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
    2015-02-06 12:16 - 2014-08-12 02:28 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4019362282-2020168261-1634841575-1001
    2015-02-06 11:57 - 2014-10-18 15:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-06 11:20 - 2014-08-12 02:24 - 00000000 ____D () C:\Users\G56\AppData\Roaming\WebStorage
    2015-02-06 11:17 - 2014-08-12 18:24 - 00000073 _____ () C:\Users\G56\AppData\Roaming\sp_data.sys
    2015-02-06 11:16 - 2014-09-26 14:19 - 00000000 ___DO () C:\Users\G56\OneDrive
    2015-02-06 11:15 - 2014-08-23 05:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
    2015-02-06 11:11 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-06 11:10 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
    2015-02-06 10:54 - 2014-10-12 10:41 - 00000000 ____D () C:\Program Files (x86)\Google
    2015-02-06 10:49 - 2014-08-12 02:39 - 00000000 ____D () C:\Users\G56\AppData\Local\Google
    2015-02-06 10:34 - 2014-08-12 18:22 - 00000000 ____D () C:\Users\G56
    2015-02-06 10:32 - 2014-08-12 02:36 - 00003902 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{613383B4-8494-453F-B8FF-3F7B35067DE1}
    2015-02-06 00:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
    2015-02-05 18:56 - 2014-09-24 13:38 - 00000000 ____D () C:\Users\G56\Desktop\University Stuff
    2015-02-05 17:24 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
    2015-02-05 00:01 - 2014-10-08 20:06 - 00000000 ____D () C:\Users\G56\AppData\Roaming\Spotify
    2015-02-04 19:58 - 2014-10-18 15:42 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-04 17:18 - 2014-10-08 20:07 - 00000000 ____D () C:\Users\G56\AppData\Local\Spotify
    2015-02-01 01:32 - 2014-09-13 14:07 - 00000000 ____D () C:\Users\G56\AppData\Local\CrashDumps
    2015-01-30 23:34 - 2014-08-22 12:39 - 00000000 ____D () C:\Asus WebStorage
    2015-01-28 23:04 - 2014-08-12 11:38 - 00000810 _____ () C:\Users\Public\Desktop\Speccy.lnk
    2015-01-28 23:03 - 2014-08-12 11:38 - 00000000 ____D () C:\Program Files\Speccy
    2015-01-28 15:48 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
    2015-01-26 23:32 - 2014-08-12 02:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-01-25 16:19 - 2014-08-19 07:19 - 00000000 ____D () C:\Users\G56\Desktop\BSP
    2015-01-25 15:56 - 2014-08-12 18:22 - 00000000 ____D () C:\Users\G56\AppData\Local\Packages
    2015-01-24 20:20 - 2014-11-13 23:37 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-01-24 20:20 - 2014-11-13 23:37 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-01-23 03:06 - 2014-05-20 14:43 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-01-21 02:24 - 2014-08-12 02:48 - 00000000 ____D () C:\Users\G56\AppData\Roaming\Apple Computer
    2015-01-20 21:46 - 2014-08-29 01:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2015-01-20 21:46 - 2014-08-12 02:48 - 00000000 ____D () C:\ProgramData\Apple Computer
    2015-01-20 21:46 - 2014-08-12 02:47 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2015-01-16 06:41 - 2014-10-12 11:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2015-01-16 06:41 - 2014-10-12 11:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2015-01-16 06:41 - 2014-10-12 11:41 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2015-01-16 06:41 - 2014-10-12 11:40 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2015-01-15 14:20 - 2014-08-15 12:55 - 00000000 ____D () C:\Windows\system32\MRT
    2015-01-15 14:12 - 2014-08-15 12:55 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-01-14 00:05 - 2013-08-22 14:44 - 05099192 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-01-12 17:46 - 2014-08-12 02:48 - 00000000 ____D () C:\Users\G56\AppData\Local\Apple Computer
    2015-01-10 08:07 - 2014-05-20 14:42 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2015-01-10 08:07 - 2014-05-20 14:42 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
    2015-01-09 23:30 - 2014-05-20 14:43 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2015-01-09 23:30 - 2014-05-20 14:43 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2015-01-09 23:29 - 2014-05-20 14:43 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2015-01-09 23:29 - 2014-05-20 14:43 - 01097872 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2015-01-09 23:29 - 2014-05-20 14:43 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2015-01-09 23:29 - 2014-05-20 14:43 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2015-01-09 23:29 - 2014-05-20 14:43 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
    2015-01-09 23:29 - 2014-05-20 14:43 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2015-01-09 20:16 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\LiveKernelReports
    2015-01-09 19:47 - 2014-05-20 14:43 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin
    2015-01-07 13:50 - 2014-08-12 02:53 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2015-01-07 13:50 - 2014-08-12 02:53 - 00000000 ____D () C:\Program Files\CCleaner

    ==================== Files in the root of some directories =======

    2014-08-12 18:24 - 2015-02-06 11:17 - 0000073 _____ () C:\Users\G56\AppData\Roaming\sp_data.sys
    2014-11-23 19:42 - 2014-11-23 21:53 - 0000337 _____ () C:\Users\G56\AppData\Local\Perfmon.PerfmonCfg
    2014-05-20 14:45 - 2014-05-20 14:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2013-12-17 05:36 - 2012-09-07 11:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
    2013-12-17 05:36 - 2009-07-22 10:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
    2013-12-17 05:36 - 2012-09-07 11:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
    2014-05-20 15:02 - 2014-05-20 15:02 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
    2014-05-20 15:01 - 2014-05-20 15:02 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
    2014-05-20 15:00 - 2014-05-20 15:01 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log

    Files to move or delete:
    ====================
    C:\ProgramData\SetStretch.exe
    C:\ProgramData\SetStretch.VBS


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-05 18:08

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
    Ran by G56 at 2015-02-06 13:29:38
    Running from C:\Users\G56\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ASUS Video Magic 10 (x32 Version: 10.0.0.8404 - CyberLink Corp.) Hidden
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ASUS Backtracker (HKLM-x32\...\{C15C060C-ED1C-49EB-83B3-F7C0FD1CD661}) (Version: 3.0.7 - ASUS)
    ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.5 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
    ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
    ASUS Video Magic (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0.0.8404 - CyberLink Corp.)
    ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5920.52 - CyberLink Corp.)
    ASUSDVD (x32 Version: 10.0.5920.52 - CyberLink Corp.) Hidden
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
    Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
    Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
    Canon MG3200 series User Registration (HKLM-x32\...\Canon MG3200 series User Registration) (Version: - Canon Inc.‎)
    Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
    Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
    HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC)
    Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1013 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
    Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
    Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
    K-Lite Codec Pack 9.9.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.0 - )
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
    Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
    NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
    NVIDIA Graphics Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
    SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
    Spotify (HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
    WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.15.458 - ASUS Cloud Corporation)
    WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.10.25 - WildTangent)
    Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
    WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    21-01-2015 14:51:41 Scheduled Checkpoint
    28-01-2015 15:47:06 Windows Update
    06-02-2015 12:25:13 Scheduled Checkpoint

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0AEB1AD9-2077-4747-82BD-F3EA21F71F23} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-22] (Realtek Semiconductor)
    Task: {16F2340E-81B0-47D7-A978-57DDF9863E23} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
    Task: {203E99D8-F56C-4B96-9942-2ACF44AA0E29} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
    Task: {30153512-9105-475E-BB36-4CCC3E51CF5F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
    Task: {422B8578-5B27-4A13-9D72-33D9147CAB78} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-13] (Realtek Semiconductor)
    Task: {428345A3-C5F1-44C2-82D2-E234FDC24AC8} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
    Task: {4487FDCC-FC5B-44B9-9300-D75FBB58656E} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
    Task: {510AB47F-C414-434C-8E9C-659EB8370705} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
    Task: {563F345D-F690-4CD8-B652-42AC030B4921} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
    Task: {77BBEC57-3CBD-4EC1-B273-23762D16CD0A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ASUS-G56 ASUS => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
    Task: {87B08D0F-5C77-467A-9FF0-46ED314E731C} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] ()
    Task: {8EB0141A-EE5E-4C55-953F-33917C6530F0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
    Task: {8EE01D3D-156C-4AFA-9A18-8114439F009E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {932E260A-D78C-4FB3-8484-1D342C19ABCD} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-01-31] ()
    Task: {A77DC966-07B9-47A1-9706-9E7A69525DB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
    Task: {AF3ADAEF-A04C-4762-BFFB-69F0B3567791} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
    Task: {B06BEE96-7B98-4D4E-9175-DFFFF6C2106E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-15] (Microsoft Corporation)
    Task: {B13A05C4-8B5B-4581-BD7D-CD40E11ACDB5} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
    Task: {EBC37F14-C2FD-44BE-8891-9F4CFC3F5120} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {F8C1017B-6B6D-46F6-B502-5D3FC62A3940} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
    Task: {FAE45A2E-A3B9-4903-B740-D4CDE9E07C71} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
    Task: {FF3F379E-E02C-4C89-B791-4D04450E5BDE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Loaded Modules (whitelisted) ==============

    2014-05-20 14:43 - 2015-01-09 23:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-09-26 10:09 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    2013-08-29 23:01 - 2013-08-29 23:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2014-11-21 22:59 - 2014-09-23 13:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
    2014-08-12 02:38 - 2009-12-12 22:12 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
    2014-12-18 15:10 - 2014-12-18 15:10 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    2013-11-29 05:35 - 2013-11-29 05:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
    2013-11-29 05:32 - 2013-11-29 05:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
    2013-11-29 05:38 - 2013-11-29 05:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    2014-05-20 15:02 - 2013-05-15 21:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
    2015-01-31 17:30 - 2015-01-31 17:31 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
    2014-12-04 07:37 - 2014-12-04 07:37 - 01358120 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSService.exe
    2014-11-21 22:59 - 2014-11-21 22:59 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream64.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00690176 _____ () C:\Program Files\pia_manager\openvpn.exe
    2015-01-31 17:30 - 2015-01-31 17:31 - 00190317 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00108441 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
    2014-07-31 04:16 - 2014-07-31 04:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-06-17 04:35 - 2013-06-17 04:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
    2013-05-08 06:52 - 2013-05-08 06:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
    2014-12-18 15:06 - 2014-12-18 15:06 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
    2014-12-18 15:08 - 2014-12-18 15:08 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
    2014-12-18 15:09 - 2014-12-18 15:09 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
    2014-12-18 15:08 - 2014-12-18 15:08 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
    2014-12-18 15:09 - 2014-12-18 15:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
    2014-12-18 15:11 - 2014-12-18 15:11 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
    2014-12-18 15:14 - 2014-12-18 15:14 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
    2014-05-20 14:50 - 2013-10-23 20:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2013-09-10 01:23 - 2013-09-10 01:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
    2013-10-09 03:41 - 2013-10-09 03:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
    2015-01-13 22:08 - 2014-12-01 21:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
    2015-01-13 22:08 - 2014-12-01 21:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
    2015-01-13 22:08 - 2014-12-01 21:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
    2015-01-13 22:08 - 2014-12-01 21:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
    2015-01-13 22:09 - 2014-11-11 18:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2015-01-19 21:50 - 2014-12-02 00:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
    2015-01-13 22:09 - 2015-01-23 22:34 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
    2015-01-19 21:50 - 2014-12-02 00:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
    2015-01-19 21:50 - 2014-12-02 00:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
    2015-01-13 22:08 - 2014-12-01 21:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
    2015-01-13 22:08 - 2015-01-23 22:33 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2015-01-13 22:08 - 2015-01-15 23:42 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
    2015-02-06 11:16 - 2015-02-06 11:16 - 00012800 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00009728 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00014848 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
    2015-02-06 11:15 - 2015-02-06 11:15 - 00094208 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\src\rgloader\rgloader193.mswin.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00009216 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00094208 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00126976 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00087552 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00016384 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00127316 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\bin\libffi-6.dll
    2015-02-06 11:16 - 2015-02-06 11:16 - 00008704 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00013312 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00095744 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00026624 _____ () C:\Users\G56\AppData\Local\Temp\ocrAFB9.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00012800 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00009728 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00014848 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00094208 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\src\rgloader\rgloader193.mswin.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00094208 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00118784 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00069120 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00083968 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\bin\zlib1.dll
    2015-02-06 11:16 - 2015-02-06 11:16 - 00026624 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00275968 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00015360 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00008192 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00009216 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00023552 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00008704 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00008704 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00008704 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00008704 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00036352 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00126976 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00087552 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00016384 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00127316 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\bin\libffi-6.dll
    2015-02-06 11:16 - 2015-02-06 11:16 - 00013312 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00095744 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
    2015-02-06 11:16 - 2015-02-06 11:16 - 00026624 _____ () C:\Users\G56\AppData\Local\Temp\ocr854.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
    2015-01-31 17:30 - 2015-01-31 17:31 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
    2015-01-31 17:30 - 2015-01-31 17:31 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
    2015-01-26 18:01 - 2015-01-26 18:01 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\Users\G56\OneDrive:ms-properties

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Registry Areas =====================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\G56\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\StartupApproved\Run: => "Spotify"

    ==================== Accounts: =============================

    Administrator (S-1-5-21-4019362282-2020168261-1634841575-500 - Administrator - Disabled)
    G56 (S-1-5-21-4019362282-2020168261-1634841575-1001 - Administrator - Enabled) => C:\Users\G56
    Guest (S-1-5-21-4019362282-2020168261-1634841575-501 - Limited - Disabled)

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/06/2015 00:20:37 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

    Error: (02/06/2015 11:08:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ASUS)
    Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (02/06/2015 10:45:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program firefox.exe version 35.0.1.5500 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1a40

    Start Time: 01d041f9b227feca

    Termination Time: 658

    Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    Report Id: 38ca0ce2-aded-11e4-8280-54271ea2e5cc

    Faulting package full name:

    Faulting package-relative application ID:

    Error: (02/06/2015 10:40:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ASUS)
    Description: Activation of app winstore_cw5n1h2txyewy!Windows.Store failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (02/06/2015 10:40:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program WWAHost.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2f8

    Start Time: 01d041f938f8c80f

    Termination Time: 4294967295

    Application Path: C:\Windows\System32\WWAHost.exe

    Report Id: 7ccfa6d7-adec-11e4-8280-54271ea2e5cc

    Faulting package full name: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy

    Faulting package-relative application ID: Windows.Store

    Error: (02/06/2015 10:39:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ASUS)
    Description: App winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store did not launch within its allotted time.

    Error: (02/06/2015 00:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15078

    Error: (02/06/2015 00:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 15078

    Error: (02/06/2015 00:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/05/2015 06:15:36 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.


    System errors:
    =============
    Error: (02/06/2015 11:10:03 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NvNetworkService service.

    Error: (02/06/2015 11:10:03 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.

    Error: (02/06/2015 11:10:03 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Asus WebStorage Windows Service service.

    Error: (02/06/2015 11:09:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Superfetch service terminated with the following error:
    %%1062

    Error: (02/06/2015 11:09:06 AM) (Source: DCOM) (EventID: 10010) (User: ASUS)
    Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

    Error: (02/06/2015 11:09:00 AM) (Source: DCOM) (EventID: 10010) (User: ASUS)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

    Error: (02/06/2015 11:09:00 AM) (Source: DCOM) (EventID: 10010) (User: ASUS)
    Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

    Error: (02/06/2015 11:08:56 AM) (Source: DCOM) (EventID: 10010) (User: ASUS)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

    Error: (02/06/2015 11:08:55 AM) (Source: DCOM) (EventID: 10010) (User: ASUS)
    Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

    Error: (02/06/2015 11:08:54 AM) (Source: DCOM) (EventID: 10010) (User: ASUS)
    Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca


    Microsoft Office Sessions:
    =========================
    Error: (02/06/2015 00:20:37 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe

    Error: (02/06/2015 11:08:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ASUS)
    Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

    Error: (02/06/2015 10:45:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: firefox.exe35.0.1.55001a4001d041f9b227feca658C:\Program Files (x86)\Mozilla Firefox\firefox.exe38ca0ce2-aded-11e4-8280-54271ea2e5cc

    Error: (02/06/2015 10:40:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ASUS)
    Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142

    Error: (02/06/2015 10:40:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: WWAHost.exe6.3.9600.170312f801d041f938f8c80f4294967295C:\Windows\System32\WWAHost.exe7ccfa6d7-adec-11e4-8280-54271ea2e5ccwinstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store

    Error: (02/06/2015 10:39:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ASUS)
    Description: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store

    Error: (02/06/2015 00:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15078

    Error: (02/06/2015 00:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 15078

    Error: (02/06/2015 00:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/05/2015 06:15:36 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe


    CodeIntegrity Errors:
    ===================================
    Date: 2014-08-23 09:48:18.066
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2014-08-23 09:48:17.711
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2014-08-21 15:03:41.411
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2014-08-21 15:03:41.255
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
    Last edited by Corrine; 02-07-2015 at 07:15 PM. Reason: Add Logs

  5. #5
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,717

    Re: ColorUService

    Hi, segal. Welcome to Sysnative.

    The issue you are having does not appear to be a security issue. However, before I point you to the instructions, please note that you have an outdated version of Java on your computer. Although most people do not need Java (see Java, The Never-Ending Saga), if you do for online gaming and the like, you should at least uninstall the old version, Java 7 Update 31.

    As to the ASUS ColorUService, corruptions with the CNBJ2530.DPB file appear to be common in Windows 8 and 8.1. Reproduced below are the revised instructions for this issue from GUIDE: CNBJ2530.DPB and prncacla.inf Corruptions - Windows 8/8.1.

    Use DISM -

    1. Press the Windows Key on your keyboard and X to open up the Power User Tasks Menu
    2. Click (or tap) Command Prompt (admin)
    3. When command prompt opens, copy and paste the following commands into it, press enter after each

      DISM.exe /Online /Cleanup-image /Restorehealth

      Wait for this to finish before you continue (approximately 15-20 minutes)

      sfc /scannow
      Wait for this to finish before you continue (approximately another 15 minutes)


    If this does not solve your problem, please let us know.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  6. #6
    niemiro's Avatar
    Join Date
    Mar 2012
    Location
    District 12
    Posts
    7,852

    Re: ColorUService

    Further to Corrine's advice, if DISM stalls at 40%, also please let us know. At the present time there is a bug in DISM (which we're currently trying to specifically identify so that we can report it to MS) which is causing DISM to stall on certain computers with a particular installed update from the last patch Tuesday (we're still trying to figure out which one). Since your computer does not have a Windows Update issue, and so it's likely you've got all Windows Updates installed, you're in a fairly high risk category for DISM stalling. It won't cause any issues though, we'll just fix the corruption manually if we need to.

    Richard

  7. #7

    Re: ColorUService

    It didn't work; ColorUService still prevents me from shutting down, but it didn't stall at 40% though, so I did all the steps as suggested. Thanks

  8. #8
    Corrine's Avatar

    Re: ColorUService

    Hi, segal.

    Since that didn't work, I edited your post and pasted your logs rather than jumping back and forth between Notepad and the browser to do research. While doing that research, I ran across a similar situation as yours with ColorU preventing shutdown. Strangely, merely removing adware solved that person's problem. So, what I'd like you to do is follow the instructions below and we'll see if it helps.

    1. Please do the following to run FRST:
    • Click Start
    • Type notepad.exe in the search programs and files box and click Enter.
    • A blank Notepad page should open.
      • Copy/Paste the contents of the code box below, beginning with "start" and including "end" into Notepad.

    Code:
    start
    CreateRestorePoint:
    CloseProcesses:
    EmptyTemp:
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\Run: [AdobeBridge] => [X]
    C:\ProgramData\SetStretch.exe
    C:\ProgramData\SetStretch.VBS 
    C:\ProgramData\DP45977C.lfl
    C:\ProgramData\SetStretch.cmd
    CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/d...nlhhddbepgkeaa [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/d...nlhhddbepgkeaa [Not Found]
    end
    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt



    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
      • Press the Fix button once and wait.
      • FRST will process fixlist.txt
      • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
      • Please copy/paste the log in your next reply.


    2. FRST will automatically restart your computer. However, it will have closed all processes. Thus, after your computer restarts, please shut down/restart again. Let me know if you had to end the ColorU Service or if the computer shut down normally.



  9. #9

    Re: ColorUService

    It shut down without having to end ColorUService, thanks so much.

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2015
    Ran by G56 at 2015-02-08 10:47:33 Run:1
    Running from C:\Users\G56\Downloads\Farbar
    Loaded Profiles: G56 (Available profiles: G56)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    EmptyTemp:
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\...\Run: [AdobeBridge] => [X]
    C:\ProgramData\SetStretch.exe
    C:\ProgramData\SetStretch.VBS
    C:\ProgramData\DP45977C.lfl
    C:\ProgramData\SetStretch.cmd
    CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/d...nlhhddbepgkeaa [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/d...nlhhddbepgkeaa [Not Found]
    end
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    HKU\S-1-5-21-4019362282-2020168261-1634841575-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
    C:\ProgramData\SetStretch.exe => Moved successfully.
    C:\ProgramData\SetStretch.VBS => Moved successfully.
    C:\ProgramData\DP45977C.lfl => Moved successfully.
    C:\ProgramData\SetStretch.cmd => Moved successfully.
    "HKLM\SOFTWARE\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa" => Key deleted successfully.
    EmptyTemp: => Removed 426.7 MB temporary data.


    The system needed a reboot.

    ==== End of Fixlog 10:48:44 ====
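
When reviewing a fixlog like the one in post #9, the useful check is that every file listed in the fixlist has a result line reporting success. The Python below is an added example, not part of the thread or of FRST; the function names, the sample log and the wording of its failure line are assumptions.

```python
import re

# Constructed sample: result lines follow the fixlog format shown above, plus
# one constructed failure line (its wording is an assumption, not FRST output).
SAMPLE_FIXLOG = r"""Content of fixlist:
*****************
start
CloseProcesses:
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.cmd
C:\ProgramData\Example.tmp
end
*****************

Processes closed successfully.
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\Example.tmp => not found.
EmptyTemp: => Removed 426.7 MB temporary data.
"""

def split_fixlog(text):
    """Return (requested fixlist entries, result lines) from a fixlog."""
    parts = re.split(r"^\*{5,}[ \t]*$", text, flags=re.M)
    if len(parts) < 3:
        raise ValueError("no fixlist section delimited by asterisk lines")
    entries = [l.strip() for l in parts[1].splitlines()
               if l.strip() and l.strip() not in ("start", "end")]
    results = [l.strip() for l in parts[2].splitlines() if "=>" in l]
    return entries, results

def review_fixlog(text):
    """List fixlist file paths that were not confirmed as handled."""
    entries, results = split_fixlog(text)
    outcome = {}
    for line in results:
        target, _, status = line.partition(" => ")
        outcome[target.strip('"').lower()] = status
    problems = []
    for entry in entries:
        if not re.match(r"^[A-Za-z]:\\", entry):
            continue  # directives and abbreviated registry lines are skipped
        status = outcome.get(entry.lower())  # Windows paths: case-insensitive
        if status is None:
            problems.append((entry, "no result line"))
        elif "successfully" not in status:
            problems.append((entry, status))
    return problems

if __name__ == "__main__":
    for path, why in review_fixlog(SAMPLE_FIXLOG):
        print(f"REVIEW {path}: {why}")
```
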

  10. #10
    Corrine (Join Date: Feb 2012; Location: Upstate, NY; Posts: 8,717)

    Re: ColorUService

    That is great news!

    If you haven't yet, please be sure to uninstall the outdated Java 7 Update 31, mentioned previously.

    Let's take care of removing the tools used. Please download Delfix from here.

    Ensure the following boxes are checked:
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Click Run


