Jump to content

lpmxp malware asking to update Windows Media Player


Recommended Posts

Being a noob I evidently posted in the wrong forum located at https://forums.malwarebytes.org/index.php?/topic/154105-lpmxp-is-wanting-to-update-windows-media-player/. Issue is that I am being asked to update Windows Media Player from a non-Microsoft Windows website. I have run my Malwarebytes Anti Malware (Premium) 2.0.2.1012 and have received a "System Fully Protected".

 

I was asked to repost here on this forum and to copy and paste the FRST.TXT and ADDITION.TXT. So here goes...

 

FRST.TXT:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 01
Ran by kholloway (administrator) on KHOLLOWAY-PC on 31-07-2014 12:24:30
Running from C:\Users\kholloway\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(O2Micro International) C:\Windows\System32\o2flash.exe
(KYOCERA MITA CORPORATION) C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(KYOCERA MITA Corporation) C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Spotify Ltd) C:\Users\kholloway\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Adobe Systems, Inc.) C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(KYOCERA MITA Corporation) C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\mspub.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Firetrust Ltd) C:\Program Files (x86)\FireTrust\MailWasher Pro\MailWasher.exe
(Microsoft Corporation) C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\mspub.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-19] (Alps Electric Co., Ltd.)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-02-13] (IDT, Inc.)
HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7469568 2012-01-18] (Dell Inc.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [381296 2011-12-08] (Wave Systems Corp.)
HKLM\...\Run: [DFEPApplication] => C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\Run: [iSUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\Run: [spotify Web Helper] => C:\Users\kholloway\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-01-28] (Spotify Ltd)
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\Run: [AdobeBridge] => C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe [13145448 2008-08-28] (Adobe Systems, Inc.)
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\Run: [skyDrive] => C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-07-30] (Microsoft Corporation)
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\RunOnce: [uninstall C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618"
HKU\S-1-5-21-1915709852-3685380495-697511374-1001\...\Policies\Explorer: []
Lsa: [Authentication Packages] msv1_0 wvauth
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner File Utility.lnk
ShortcutTarget: Scanner File Utility.lnk -> C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe (KYOCERA MITA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\kholloway\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\kholloway\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\scanner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: EnabledUnlockedFDEIconOverlay -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: UninitializedFdeIconOverlay -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13-comm.msn.com
SearchScopes: HKLM - DefaultScope {019CA2C9-951D-4FFF-85F8-1BAFF33E5997} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS
SearchScopes: HKLM - {019CA2C9-951D-4FFF-85F8-1BAFF33E5997} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {019CA2C9-951D-4FFF-85F8-1BAFF33E5997} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS
SearchScopes: HKLM-x32 - {019CA2C9-951D-4FFF-85F8-1BAFF33E5997} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {019CA2C9-951D-4FFF-85F8-1BAFF33E5997} URL =
SearchScopes: HKCU - {019CA2C9-951D-4FFF-85F8-1BAFF33E5997} URL =
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll No File
Hosts: 127.0.0.1                activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\kholloway\AppData\Roaming\Mozilla\Firefox\Profiles\whrvd3uz.default
FF SearchEngineOrder.3: Bing
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072313&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\kholloway\AppData\Roaming\Mozilla\Firefox\Profiles\whrvd3uz.default\user.js
FF SearchPlugin: C:\Users\kholloway\AppData\Roaming\Mozilla\Firefox\Profiles\whrvd3uz.default\searchplugins\bingp.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\kholloway\AppData\Roaming\Mozilla\Firefox\Profiles\whrvd3uz.default\Extensions\artur.dubovoy@gmail.com [2014-05-10]
FF Extension: DownloadHelper - C:\Users\kholloway\AppData\Roaming\Mozilla\Firefox\Profiles\whrvd3uz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=072313"
CHR DefaultSearchKeyword: bing.com
CHR DefaultNewTabURL: https://www.bing.com/chrome/newtab?setmkt=en-US
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\kholloway\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kholloway\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-09]
CHR Extension: (YouTube) - C:\Users\kholloway\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21]
CHR Extension: (Google Search) - C:\Users\kholloway\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21]
CHR Extension: (Skype Click to Call) - C:\Users\kholloway\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-23]
CHR Extension: (Google Wallet) - C:\Users\kholloway\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\kholloway\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [163840 2011-11-30] (Broadcom Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-07] (CrypKey (Canada) Ltd.) [File not signed]
R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [218504 2012-01-17] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
R2 SFUSVC; C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe [61440 2003-09-16] (KYOCERA MITA CORPORATION) [File not signed]
S3 stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [69632 2007-07-11] (MicroVision Development, Inc.) [File not signed]
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1679872 2012-01-05] (Wave Systems Corp.) [File not signed]
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6157312 2012-01-18] (Dell Inc.) [File not signed]
S3 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [198144 2012-01-16] (Wave Systems Corp.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec) [File not signed]
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-12-15] (Broadcom Corporation.)
R2 DLABMFSE; C:\Windows\System32\Drivers\DLABMFSE.SYS [46448 2007-07-23] (Roxio)
R2 DLABOIOE; C:\Windows\System32\Drivers\DLABOIOE.SYS [42352 2007-07-23] (Roxio)
R0 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [17776 2007-07-23] (Roxio)
R2 DLADResE; C:\Windows\System32\Drivers\DLADResE.SYS [9968 2007-07-23] (Roxio)
R2 DLAIFS_E; C:\Windows\System32\Drivers\DLAIFS_E.SYS [146672 2007-07-23] (Roxio)
R2 DLAOPIOE; C:\Windows\System32\Drivers\DLAOPIOE.SYS [35056 2007-07-23] (Roxio)
R2 DLAPoolE; C:\Windows\System32\Drivers\DLAPoolE.SYS [19824 2007-07-23] (Roxio)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [41072 2007-07-23] (Roxio)
R2 DLAUDFAE; C:\Windows\System32\Drivers\DLAUDFAE.SYS [135152 2007-07-23] (Roxio)
R2 DLAUDF_E; C:\Windows\System32\Drivers\DLAUDF_E.SYS [144112 2007-07-23] (Roxio)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [124112 2007-07-23] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63984 2007-07-23] (Roxio)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2011-11-04] (STMicroelectronics)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-31 12:24 - 2014-07-31 12:25 - 00035749 _____ () C:\Users\kholloway\Desktop\FRST.txt
2014-07-31 12:24 - 2014-07-31 12:24 - 00000000 ____D () C:\FRST
2014-07-31 12:24 - 2014-07-31 12:23 - 02094080 _____ (Farbar) C:\Users\kholloway\Desktop\FRST64.exe
2014-07-31 12:23 - 2014-07-31 12:23 - 02094080 _____ (Farbar) C:\Users\kholloway\Downloads\FRST64.exe
2014-07-31 11:34 - 2014-07-31 11:34 - 00149043 _____ () C:\Users\kholloway\Desktop\Malwarebytes Screen.psp
2014-07-30 18:21 - 2014-07-30 18:21 - 00000165 ____H () C:\Users\kholloway\Documents\~$2013-2014 Nomination Committee Final.xlsx
2014-07-30 14:24 - 2014-07-30 14:24 - 00000000 ____D () C:\Users\kholloway\Downloads\nothing-but-the-blood
2014-07-30 14:22 - 2014-07-30 14:22 - 18099739 _____ () C:\Users\kholloway\Downloads\nothing-but-the-blood.zip
2014-07-30 14:19 - 2014-07-30 14:20 - 20172957 _____ () C:\Users\kholloway\Downloads\smoky-mountain-gospel-medley.zip
2014-07-30 14:19 - 2014-07-30 14:19 - 11559393 _____ () C:\Users\kholloway\Downloads\jesus-loves-me.zip
2014-07-30 13:39 - 2014-07-30 13:39 - 00121568 _____ () C:\Users\kholloway\Desktop\University of Wisconsin Division 1 Hip Hop 2014.sfk
2014-07-30 13:38 - 2014-07-30 13:38 - 15552672 _____ () C:\Users\kholloway\Desktop\University of Wisconsin Division 1 Hip Hop 2014.WAV
2014-07-30 12:15 - 2014-07-30 12:16 - 00142048 _____ () C:\Users\kholloway\Desktop\West Springfield 2013 Hip Hop.sfk
2014-07-30 12:14 - 2014-07-30 12:15 - 00137520 _____ () C:\Users\kholloway\Desktop\Mepham High School Pom 2014.sfk
2014-07-30 12:13 - 2014-07-30 12:13 - 17594136 _____ () C:\Users\kholloway\Desktop\Mepham High School Pom 2014.WAV
2014-07-30 11:58 - 2014-07-30 11:58 - 18173310 _____ () C:\Users\kholloway\Desktop\West Springfield 2013 Hip Hop.WAV
2014-07-30 11:01 - 2014-07-30 11:02 - 15785702 _____ () C:\Users\kholloway\Downloads\_y_o_you-are-my-shelter.zip
2014-07-30 09:36 - 2014-07-30 10:16 - 00000000 ____D () C:\Users\kholloway\Desktop\Cowboy
2014-07-29 10:07 - 2014-07-29 10:07 - 05355335 _____ () C:\Users\kholloway\Downloads\WesternCowboyClassroomTheme.zip
2014-07-29 10:07 - 2014-07-29 10:07 - 00000000 ____D () C:\Users\kholloway\Downloads\WesternCowboyClassroomTheme
2014-07-28 12:32 - 2014-07-28 12:33 - 00013028 _____ () C:\Users\kholloway\Desktop\Emails for Teaching Leadership.xlsx
2014-07-28 12:13 - 2014-07-28 12:13 - 00011385 _____ () C:\Users\kholloway\Desktop\Teaching Leadership.xls
2014-07-28 09:31 - 2014-07-28 09:31 - 01269280 _____ () C:\Users\kholloway\Downloads\1st set - Choir(1).zip
2014-07-28 09:30 - 2014-07-28 09:31 - 01761969 _____ () C:\Users\kholloway\Downloads\1st set - Choir Director(1).zip
2014-07-28 09:30 - 2014-07-28 09:30 - 01269280 _____ () C:\Users\kholloway\Downloads\1st set - Choir.zip
2014-07-28 09:29 - 2014-07-28 09:29 - 01761969 _____ () C:\Users\kholloway\Downloads\1st set - Choir Director.zip
2014-07-28 09:28 - 2014-07-28 09:29 - 01028573 _____ () C:\Users\kholloway\Downloads\Rehearsal Accompaniments.zip
2014-07-26 17:22 - 2014-07-26 17:31 - 06684672 _____ () C:\Users\kholloway\Desktop\Partnership Volunteer Missions Dabase - Jan 2014.mdb
2014-07-25 12:38 - 2014-07-25 12:38 - 00001823 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-25 12:38 - 2014-07-25 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-25 12:37 - 2014-07-25 12:38 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-25 12:37 - 2014-07-25 12:38 - 00000000 ____D () C:\Program Files\iTunes
2014-07-25 12:37 - 2014-07-25 12:38 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-25 12:37 - 2014-07-25 12:37 - 00000000 ____D () C:\Program Files\iPod
2014-07-25 09:36 - 2014-07-27 12:07 - 00000000 ____D () C:\Users\kholloway\Desktop\Thunder Storm
2014-07-22 11:41 - 2014-07-22 11:41 - 01009149 _____ () C:\Users\kholloway\Downloads\FFF-Tusj(1).zip
2014-07-22 11:41 - 2014-07-22 11:41 - 00000000 ____D () C:\Users\kholloway\Downloads\FFF-Tusj(1)
2014-07-22 11:22 - 2014-07-22 11:22 - 00067076 _____ () C:\Users\kholloway\Downloads\bergamot_ornaments.zip
2014-07-22 11:22 - 2014-07-22 11:22 - 00000000 ____D () C:\Users\kholloway\Downloads\bergamot_ornaments
2014-07-22 11:16 - 2014-07-22 11:16 - 00000000 ____D () C:\Users\kholloway\Downloads\return_to_sender
2014-07-22 11:15 - 2014-07-22 11:16 - 00404889 _____ () C:\Users\kholloway\Downloads\return_to_sender.zip
2014-07-22 10:37 - 2014-07-22 10:37 - 00606479 _____ () C:\Users\kholloway\Downloads\fontscafe_chalk-hand-lettering-shaded-dem.zip
2014-07-22 10:37 - 2014-07-22 10:37 - 00000000 ____D () C:\Users\kholloway\Downloads\fontscafe_chalk-hand-lettering-shaded-dem
2014-07-21 13:43 - 2014-07-21 15:47 - 00000000 ____D () C:\Users\kholloway\Desktop\Answers In Genesis
2014-07-20 11:54 - 2014-07-20 12:06 - 48872795 _____ () C:\Users\kholloway\Desktop\Crosstimbers 2014 Facebook.mp4
2014-07-17 15:25 - 2014-07-17 17:12 - 00000000 ____D () C:\Users\kholloway\Desktop\CrossTimbers Resizes
2014-07-17 10:14 - 2014-07-17 10:45 - 526942591 _____ () C:\Users\kholloway\Desktop\Crosstimbers 2014.mp4
2014-07-15 09:22 - 2014-07-15 09:56 - 00000000 ____D () C:\Users\kholloway\Desktop\Sony
2014-07-14 19:22 - 2014-07-25 09:35 - 00000000 ____D () C:\Users\kholloway\Desktop\Crosstimbers 2014
2014-07-11 19:38 - 2014-07-15 12:52 - 00000000 ____D () C:\Users\kholloway\Desktop\GoPro
2014-07-10 15:10 - 2014-07-28 12:18 - 00026363 _____ () C:\Users\kholloway\Documents\2013-2014 Nomination Committee Final.xlsx
2014-07-10 13:24 - 2014-07-10 15:43 - 00104448 _____ () C:\Users\kholloway\Documents\2014-15 Nominating Committee Letter.pub
2014-07-09 17:17 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 17:17 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 17:14 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 17:14 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 17:14 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 17:13 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 17:13 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 17:12 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 17:12 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 17:12 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 17:12 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 17:12 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 17:12 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 17:12 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 17:12 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 17:12 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 17:12 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 17:12 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 17:12 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 17:12 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 17:12 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 17:12 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 17:11 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 17:11 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 17:11 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 17:11 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 17:11 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 17:11 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 17:11 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 17:11 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 17:11 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 17:11 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 17:11 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 17:11 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 17:11 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 17:11 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 17:11 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 17:11 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 17:11 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 17:11 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 17:11 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 17:11 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 17:11 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 17:11 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 17:11 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 17:11 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 17:11 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 17:11 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 17:11 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 17:11 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 17:11 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 17:11 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 17:11 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 17:11 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 17:11 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 17:11 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 17:11 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 17:11 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 17:11 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 17:11 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 17:11 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 17:11 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 17:11 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 17:11 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 17:11 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 17:11 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 17:11 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 17:11 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 17:11 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 17:11 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 17:11 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 17:11 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 17:11 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 17:11 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 17:11 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 17:11 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 17:11 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 17:11 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 17:10 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 17:10 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 17:10 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-05 18:09 - 2014-07-05 18:09 - 44797440 _____ () C:\Users\kholloway\Documents\The Presence of the Lord is Here.ppt
2014-07-05 17:50 - 2014-07-05 17:50 - 01138240 _____ () C:\Windows\Minidump\070514-21855-01.dmp
2014-07-04 14:24 - 2014-07-04 14:28 - 00000000 ____D () C:\Users\kholloway\Desktop\Sarah
2014-07-03 10:34 - 2014-07-05 18:02 - 47223902 _____ () C:\Users\kholloway\Documents\The Presence of the Lord is Here.pptx
2014-07-02 14:04 - 2014-07-02 14:04 - 00000000 ____D () C:\Users\kholloway\Downloads\godblessamerica_480p_mpg
2014-07-02 14:02 - 2014-07-02 14:06 - 00000000 ____D () C:\Users\kholloway\Downloads\freeindeedindependenceday_480p_mpg
2014-07-02 13:47 - 2014-07-02 13:50 - 83562423 _____ () C:\Users\kholloway\Downloads\godblessamerica_480p_mpg.zip
2014-07-02 13:47 - 2014-07-02 13:48 - 31713056 _____ () C:\Users\kholloway\Downloads\freeindeedindependenceday_480p_mpg.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-31 12:25 - 2014-07-31 12:24 - 00035749 _____ () C:\Users\kholloway\Desktop\FRST.txt
2014-07-31 12:24 - 2014-07-31 12:24 - 00000000 ____D () C:\FRST
2014-07-31 12:23 - 2014-07-31 12:24 - 02094080 _____ (Farbar) C:\Users\kholloway\Desktop\FRST64.exe
2014-07-31 12:23 - 2014-07-31 12:23 - 02094080 _____ (Farbar) C:\Users\kholloway\Downloads\FRST64.exe
2014-07-31 12:19 - 2014-04-11 15:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-31 12:16 - 2012-12-15 06:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-31 11:34 - 2014-07-31 11:34 - 00149043 _____ () C:\Users\kholloway\Desktop\Malwarebytes Screen.psp
2014-07-31 11:28 - 2012-12-21 16:00 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-31 10:43 - 2012-12-23 18:07 - 00000000 ____D () C:\Users\kholloway\AppData\Roaming\MailWasherPro
2014-07-31 09:31 - 2012-12-15 06:03 - 01505161 _____ () C:\Windows\WindowsUpdate.log
2014-07-31 09:29 - 2012-12-21 16:00 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-31 09:20 - 2009-07-13 23:51 - 00170465 _____ () C:\Windows\setupact.log
2014-07-30 18:33 - 2013-02-14 17:43 - 00005004 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for kholloway-PC-kholloway kholloway-PC
2014-07-30 18:21 - 2014-07-30 18:21 - 00000165 ____H () C:\Users\kholloway\Documents\~$2013-2014 Nomination Committee Final.xlsx
2014-07-30 14:24 - 2014-07-30 14:24 - 00000000 ____D () C:\Users\kholloway\Downloads\nothing-but-the-blood
2014-07-30 14:22 - 2014-07-30 14:22 - 18099739 _____ () C:\Users\kholloway\Downloads\nothing-but-the-blood.zip
2014-07-30 14:20 - 2014-07-30 14:19 - 20172957 _____ () C:\Users\kholloway\Downloads\smoky-mountain-gospel-medley.zip
2014-07-30 14:19 - 2014-07-30 14:19 - 11559393 _____ () C:\Users\kholloway\Downloads\jesus-loves-me.zip
2014-07-30 13:39 - 2014-07-30 13:39 - 00121568 _____ () C:\Users\kholloway\Desktop\University of Wisconsin Division 1 Hip Hop 2014.sfk
2014-07-30 13:38 - 2014-07-30 13:38 - 15552672 _____ () C:\Users\kholloway\Desktop\University of Wisconsin Division 1 Hip Hop 2014.WAV
2014-07-30 13:38 - 2012-12-23 22:08 - 00000000 ____D () C:\Users\kholloway\Documents\Movie Studio Platinum 12.0 Projects
2014-07-30 12:16 - 2014-07-30 12:15 - 00142048 _____ () C:\Users\kholloway\Desktop\West Springfield 2013 Hip Hop.sfk
2014-07-30 12:15 - 2014-07-30 12:14 - 00137520 _____ () C:\Users\kholloway\Desktop\Mepham High School Pom 2014.sfk
2014-07-30 12:13 - 2014-07-30 12:13 - 17594136 _____ () C:\Users\kholloway\Desktop\Mepham High School Pom 2014.WAV
2014-07-30 11:58 - 2014-07-30 11:58 - 18173310 _____ () C:\Users\kholloway\Desktop\West Springfield 2013 Hip Hop.WAV
2014-07-30 11:02 - 2014-07-30 11:01 - 15785702 _____ () C:\Users\kholloway\Downloads\_y_o_you-are-my-shelter.zip
2014-07-30 10:16 - 2014-07-30 09:36 - 00000000 ____D () C:\Users\kholloway\Desktop\Cowboy
2014-07-30 09:09 - 2014-02-20 18:06 - 00002194 _____ () C:\Users\kholloway\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-07-30 09:09 - 2013-02-14 17:18 - 00000000 ___RD () C:\Users\kholloway\SkyDrive
2014-07-29 10:07 - 2014-07-29 10:07 - 05355335 _____ () C:\Users\kholloway\Downloads\WesternCowboyClassroomTheme.zip
2014-07-29 10:07 - 2014-07-29 10:07 - 00000000 ____D () C:\Users\kholloway\Downloads\WesternCowboyClassroomTheme
2014-07-29 09:57 - 2012-12-24 14:49 - 00000000 ____D () C:\ProgramData\Roxio
2014-07-28 15:54 - 2012-12-23 23:04 - 00000000 ____D () C:\Users\kholloway\Documents\Sunday Bulletins
2014-07-28 12:33 - 2014-07-28 12:32 - 00013028 _____ () C:\Users\kholloway\Desktop\Emails for Teaching Leadership.xlsx
2014-07-28 12:18 - 2014-07-10 15:10 - 00026363 _____ () C:\Users\kholloway\Documents\2013-2014 Nomination Committee Final.xlsx
2014-07-28 12:13 - 2014-07-28 12:13 - 00011385 _____ () C:\Users\kholloway\Desktop\Teaching Leadership.xls
2014-07-28 09:33 - 2012-12-23 22:51 - 00000000 ____D () C:\Users\kholloway\Documents\Mileage Record
2014-07-28 09:31 - 2014-07-28 09:31 - 01269280 _____ () C:\Users\kholloway\Downloads\1st set - Choir(1).zip
2014-07-28 09:31 - 2014-07-28 09:30 - 01761969 _____ () C:\Users\kholloway\Downloads\1st set - Choir Director(1).zip
2014-07-28 09:30 - 2014-07-28 09:30 - 01269280 _____ () C:\Users\kholloway\Downloads\1st set - Choir.zip
2014-07-28 09:29 - 2014-07-28 09:29 - 01761969 _____ () C:\Users\kholloway\Downloads\1st set - Choir Director.zip
2014-07-28 09:29 - 2014-07-28 09:28 - 01028573 _____ () C:\Users\kholloway\Downloads\Rehearsal Accompaniments.zip
2014-07-27 12:07 - 2014-07-25 09:36 - 00000000 ____D () C:\Users\kholloway\Desktop\Thunder Storm
2014-07-27 11:52 - 2014-03-30 18:32 - 00000000 ____D () C:\Users\kholloway\AppData\Roaming\Audacity
2014-07-27 07:45 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-27 07:45 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-27 07:38 - 2012-12-26 22:30 - 00037820 _____ () C:\Windows\error.log
2014-07-27 07:37 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-27 07:36 - 2012-12-26 22:30 - 00009997 _____ () C:\Windows\errord.log
2014-07-26 17:31 - 2014-07-26 17:22 - 06684672 _____ () C:\Users\kholloway\Desktop\Partnership Volunteer Missions Dabase - Jan 2014.mdb
2014-07-25 21:11 - 2013-01-24 12:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-25 21:07 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 21:07 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 20:52 - 2013-03-14 03:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 12:38 - 2014-07-25 12:38 - 00001823 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-25 12:38 - 2014-07-25 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-25 12:38 - 2014-07-25 12:37 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-25 12:38 - 2014-07-25 12:37 - 00000000 ____D () C:\Program Files\iTunes
2014-07-25 12:38 - 2014-07-25 12:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-25 12:37 - 2014-07-25 12:37 - 00000000 ____D () C:\Program Files\iPod
2014-07-25 09:35 - 2014-07-14 19:22 - 00000000 ____D () C:\Users\kholloway\Desktop\Crosstimbers 2014
2014-07-23 20:29 - 2009-07-13 23:45 - 03966000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-23 20:27 - 2014-06-11 10:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 20:27 - 2013-10-30 09:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 20:27 - 2010-11-20 22:47 - 00482724 _____ () C:\Windows\PFRO.log
2014-07-22 11:41 - 2014-07-22 11:41 - 01009149 _____ () C:\Users\kholloway\Downloads\FFF-Tusj(1).zip
2014-07-22 11:41 - 2014-07-22 11:41 - 00000000 ____D () C:\Users\kholloway\Downloads\FFF-Tusj(1)
2014-07-22 11:22 - 2014-07-22 11:22 - 00067076 _____ () C:\Users\kholloway\Downloads\bergamot_ornaments.zip
2014-07-22 11:22 - 2014-07-22 11:22 - 00000000 ____D () C:\Users\kholloway\Downloads\bergamot_ornaments
2014-07-22 11:22 - 2012-12-21 15:55 - 00479848 _____ () C:\Users\kholloway\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-22 11:16 - 2014-07-22 11:16 - 00000000 ____D () C:\Users\kholloway\Downloads\return_to_sender
2014-07-22 11:16 - 2014-07-22 11:15 - 00404889 _____ () C:\Users\kholloway\Downloads\return_to_sender.zip
2014-07-22 10:37 - 2014-07-22 10:37 - 00606479 _____ () C:\Users\kholloway\Downloads\fontscafe_chalk-hand-lettering-shaded-dem.zip
2014-07-22 10:37 - 2014-07-22 10:37 - 00000000 ____D () C:\Users\kholloway\Downloads\fontscafe_chalk-hand-lettering-shaded-dem
2014-07-21 15:47 - 2014-07-21 13:43 - 00000000 ____D () C:\Users\kholloway\Desktop\Answers In Genesis
2014-07-20 12:06 - 2014-07-20 11:54 - 48872795 _____ () C:\Users\kholloway\Desktop\Crosstimbers 2014 Facebook.mp4
2014-07-18 15:00 - 2012-12-24 15:07 - 00000000 ____D () C:\The Modulator
2014-07-18 14:56 - 2009-07-14 00:13 - 00835304 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-17 17:12 - 2014-07-17 15:25 - 00000000 ____D () C:\Users\kholloway\Desktop\CrossTimbers Resizes
2014-07-17 11:06 - 2013-02-14 16:51 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-17 10:45 - 2014-07-17 10:14 - 526942591 _____ () C:\Users\kholloway\Desktop\Crosstimbers 2014.mp4
2014-07-16 10:18 - 2013-01-07 16:56 - 00000000 ____D () C:\scans
2014-07-15 12:52 - 2014-07-11 19:38 - 00000000 ____D () C:\Users\kholloway\Desktop\GoPro
2014-07-15 09:56 - 2014-07-15 09:22 - 00000000 ____D () C:\Users\kholloway\Desktop\Sony
2014-07-12 16:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-12 16:36 - 2014-06-05 11:35 - 00000000 ____D () C:\Users\kholloway\Desktop\New folder
2014-07-10 17:37 - 2014-02-13 10:51 - 00000000 ____D () C:\Users\kholloway\Documents\2014 Crosstimbers
2014-07-10 15:43 - 2014-07-10 13:24 - 00104448 _____ () C:\Users\kholloway\Documents\2014-15 Nominating Committee Letter.pub
2014-07-10 13:50 - 2014-01-26 12:41 - 00000000 ____D () C:\Users\kholloway\Documents\2014 VBS
2014-07-10 13:01 - 2014-03-28 13:32 - 00506880 _____ () C:\Users\kholloway\Documents\Church Map and Classes.pub
2014-07-10 04:00 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 03:21 - 2014-05-06 17:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 03:21 - 2010-11-21 02:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 03:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 03:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 03:05 - 2013-07-21 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:02 - 2012-12-26 22:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 11:16 - 2012-12-15 06:05 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 11:16 - 2012-12-15 06:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 11:16 - 2012-12-15 06:05 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 09:17 - 2014-06-12 11:52 - 00000000 ____D () C:\Users\kholloway\AppData\Local\Adobe
2014-07-06 11:54 - 2014-01-12 10:03 - 00184320 _____ () C:\Users\kholloway\Documents\Worship Service Count Sheet.pub
2014-07-05 18:09 - 2014-07-05 18:09 - 44797440 _____ () C:\Users\kholloway\Documents\The Presence of the Lord is Here.ppt
2014-07-05 18:02 - 2014-07-03 10:34 - 47223902 _____ () C:\Users\kholloway\Documents\The Presence of the Lord is Here.pptx
2014-07-05 17:50 - 2014-07-05 17:50 - 01138240 _____ () C:\Windows\Minidump\070514-21855-01.dmp
2014-07-05 17:50 - 2012-12-28 04:32 - 00000000 ____D () C:\Windows\Minidump
2014-07-05 17:50 - 2012-12-28 04:31 - 735945039 _____ () C:\Windows\MEMORY.DMP
2014-07-04 14:28 - 2014-07-04 14:24 - 00000000 ____D () C:\Users\kholloway\Desktop\Sarah
2014-07-02 14:06 - 2014-07-02 14:02 - 00000000 ____D () C:\Users\kholloway\Downloads\freeindeedindependenceday_480p_mpg
2014-07-02 14:04 - 2014-07-02 14:04 - 00000000 ____D () C:\Users\kholloway\Downloads\godblessamerica_480p_mpg
2014-07-02 13:50 - 2014-07-02 13:47 - 83562423 _____ () C:\Users\kholloway\Downloads\godblessamerica_480p_mpg.zip
2014-07-02 13:48 - 2014-07-02 13:47 - 31713056 _____ () C:\Users\kholloway\Downloads\freeindeedindependenceday_480p_mpg.zip
2014-07-01 13:40 - 2013-04-01 09:42 - 00000000 ____D () C:\Users\kholloway\Documents\2013 Crosstimbers
2014-07-01 09:44 - 2014-06-28 19:21 - 00000000 ____D () C:\Users\kholloway\Documents\2014 Mission Trip

Some content of TEMP:
====================
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{032785FB-5FA2-4d09-9BC8-6D2B8459C1F2}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{05968D51-3A32-4086-B51F-BFFD7AED3E76}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{07ECE514-CE8B-4948-ACC7-C53C4CD1C69D}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{08554763-1012-49e9-A8C6-6529797DCBAD}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{0E8C7A7F-6A69-4fcc-93E4-93FA94B1E147}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{183CDC5F-4872-4f68-90CE-7CF286190727}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{1C4283D2-44C9-4a41-918F-0A850C377B11}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{1D51DEFB-6A56-4981-85D8-E3C623209AC9}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{202257F8-39EE-40a2-90B6-77CBA444357C}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{22366535-B56A-48f5-91B0-BF6CD6B449A5}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{25609445-33CD-4219-8A84-6425F6A25961}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{26BCBD36-1A00-4c08-A731-94EE623F54B4}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{2CD45C72-AE49-4e9a-AB49-A1EE33EE65B1}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{2F3E4E43-77F6-4b8b-A4C3-62F0CE88BF8F}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{341C3130-50B7-4a3d-80D2-66021BBCE608}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{36809610-E263-4bb5-B9CB-48F0ED5D490B}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{3BA58847-0DE0-4945-B98E-34DBA344D1B1}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{3D96481D-29E9-470c-996F-3C2D68175F8D}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{3DAD1AA4-F076-412b-AAEB-0EA27F21B9AC}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{3EA427B2-A441-4ff9-93BD-2290CDC4E548}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{427D2B22-FE22-4782-9BB9-78B24E87B379}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{479CD297-A798-48ce-92A9-177A3648FCD9}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{4964C6F9-CF68-4a3d-9977-55CC26A419A6}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{4B1E3F68-B8A1-44b0-BC11-168F6F6B5BF8}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{5020C042-26BD-42aa-8169-91DBBE6E36E0}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{526BB1B2-21C6-48f4-9424-1CA3A19D78FD}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{5842E521-B117-450a-AEC9-5D1D15D304D6}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{5C63838B-58F2-4067-93EE-5C3E83492BF3}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{63AC5557-8850-479c-8110-8997E80B53C4}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{6AF67708-5450-408b-B11B-7478D029AA60}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{6FDAA969-FAAC-4914-AD32-43F1CBF25FC5}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{74AAC4D7-9FF3-4ae0-AA67-5AA49508F598}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{844E19A4-72F3-42bb-B26A-D08C0728EE6F}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{86AC0B96-7931-4a8d-9F81-C354F6CD6AE4}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{8BBB032A-7EC8-4ac7-B65A-7331863DC705}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{8EB29627-BD9E-40f7-B4BA-A2CCBF8A69D4}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{8F3EC70A-143B-4125-A4C9-A1E1629B68D4}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{98B2BB20-AC5C-4f09-86D0-C51F1FD74B03}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{9F4611C0-BB99-46ec-ACF0-DD66A4FC6B83}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{A0230B32-FD90-4208-A566-BACEE2302FA7}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{A9416568-F735-4dde-9D1C-6610033BBEFE}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{ABB39743-8E7D-4cae-918B-C5F477F71AFC}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{AE43D362-253C-48c5-8162-129293D77192}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{AF839D52-0DAC-4e7f-BEE0-C209FC4F4E39}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{B0A5C8BD-FE7D-4536-81F5-FA5539B1D6B5}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{B87666E2-53BF-415d-8A72-1340B226544D}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{B9F4CDDA-9B8D-4d45-9278-F6CA05F4518B}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{BA02F2B0-2BA8-4e66-89CC-1E51DE3A76C5}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{BD759BC9-4A33-41d5-B99B-0D802AC9EE2D}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{C16AD64E-A451-40bd-87DB-363310390CBC}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{C59CCAD0-0B0A-4586-98E4-D9DB540CBE81}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{C5CE72D9-BA2B-48df-A254-C6D710C79880}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{C8232EDF-C271-4804-994D-170422AA7F83}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{D2A490FF-D839-47e1-A743-2077392C31AD}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{D520416C-892D-474e-963C-B01ADCE089CE}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{E51B146D-447E-40c5-9C42-5E2323BC1B46}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{E5A375AB-507D-472c-BA1A-DEB2B9118A7C}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{E8AEC970-C019-4dfc-9D8D-5E07D575D954}.dll
C:\Users\kholloway\AppData\Local\Temp\mpeg2lib_{FFEF0B42-D873-46d6-8A53-75F396209EF3}.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 09:04

==================== End Of Log ============================

Link to post
Share on other sites

Here is the ADDITION.TXT:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 01
Ran by kholloway at 2014-07-31 12:25:21
Running from C:\Users\kholloway\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5 - Adobe Systems) Hidden
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 Codecs (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS4 (x32 Version: 14.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Common Base Files (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe SGM CS4 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 Codecs (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS4 Server (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version:  - )
AoA DVD Ripper (HKLM-x32\...\AoA DVD Ripper_is1) (Version:  - AoAMedia.Com)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARen (HKLM-x32\...\ARen_is1) (Version:  - Kim Jensen aka BOSH)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AuthenTec Fingerprint Software (Version: 8.4.4.39 - AuthenTec, Inc.) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD Architecture 2013 - English (HKLM\...\AutoCAD Architecture 2013 - English) (Version: 7.0.50.0 - Autodesk)
AutoCAD Architecture 2013 - English (Version: 7.0.50.0 - Autodesk) Hidden
AutoCAD Architecture 2013 Language Pack - English (Version: 7.0.50.0 - Autodesk) Hidden
Autodesk Civil View for 3ds Max Design 2013 (HKLM-x32\...\{FE6DCC8D-427F-405C-A779-C93B6D9F77A5}) (Version: 1.0.0.2 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max Design 2013 64-bit (HKLM\...\{62CBE596-1BB8-4D7B-A056-103287BAD1C4}) (Version: 1.0.0.1 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max Design 2013 64-bit (HKLM\...\{BC66B242-DF13-1664-851B-00123612ED98}) (Version: 15.0 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit (HKLM\...\{06E18300-BB64-1664-8E6A-2593FC67BB74}) (Version: 1.0.0.1 - Autodesk)
Autodesk Workflows - Building Design Suite 2013 (HKLM\...\{06388E0D-A364-478B-8E40-7D76142A8DF2}) (Version: 3.0.10.0 - Autodesk)
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{0C518F4B-8D5A-47A6-A1E2-B3F371486118}) (Version: 15.2.1.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Custom (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Client System Update (HKLM-x32\...\{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}) (Version: 1.2.3 - Dell Inc.)
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.2.00003.009 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Feature Enhancement Pack (HKLM\...\{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}) (Version: 2.2.1 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.116 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.54 - Creative Technology Ltd)
DellAccess (Version: 01.01.00.104 - Wave Systems Corp.) Hidden
DVD Architect Studio 5.0 (HKLM-x32\...\{42C509F1-C451-11E1-AEC9-F04DA23A5C58}) (Version: 5.0.161 - Sony)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.100.82.124 - Dell Inc.)
EasyWorship 2009 (HKLM-x32\...\{A92509EA-B526-4869-B8B3-A39E20DBBE7A}_is1) (Version: 2009.01.04 - Softouch Development, Inc.)
EMBASSY Client Core (Version: 01.01.00.036 - Wave Systems Corp.) Hidden
FARO LS 1.1.408.2 (HKLM-x32\...\{91221AAC-F2A0-4028-8016-C7DAF63CB6CC}) (Version: 4.8.2.25521 - FARO Scanner Production)
FARO LS 4.8.2.25521 (HKLM-x32\...\FARO LS_is1) (Version:  - FARO Technologies)
FastImageResizer (remove only) (HKLM-x32\...\FastImageResizer) (Version:  - )
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript 8.15 (HKLM-x32\...\GPL Ghostscript 8.15) (Version:  - )
GPL Ghostscript 8.56 (HKLM-x32\...\GPL Ghostscript 8.56) (Version:  - )
GPL Ghostscript Fonts (HKLM-x32\...\GPL Ghostscript Fonts) (Version:  - )
HP ePrint & Share (HKLM-x32\...\{79FCE17B-937F-4697-9A59-2B1B34CC0C17}) (Version: 1.8.2 - Hewlett-Packard)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kernel for Outlook PST Repair Evaluation ver 12.06.01 (HKLM-x32\...\Kernel for Outlook PST Repair - Evaluation Version_is1) (Version:  - Lepide Software Pvt.Ltd.)
K-Lite Codec Pack 10.5.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 2.0.0713 - Kyocera Mita Corporation)
Kyocera Scanner File Utility (HKLM-x32\...\{61C79AE1-5403-4687-AC68-28BFA5EF3895}) (Version: 3.17.11 - KyoceraMita)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
MAGIX audio cleaning lab 2004 (HKLM-x32\...\MAGIX audio cleaning lab 2004) (Version: 4.0.0.0 - MAGIX AG)
MAGIX Media Manager silver (HKLM-x32\...\MAGIX Media Manager silver) (Version: 1.3.1.0 - MAGIX AG)
MAGIX music maker 2005 deLuxe (HKLM-x32\...\MAGIX music maker 2005 deLuxe) (Version: 9.0.2.0 - MAGIX AG)
MailWasher Pro (HKLM-x32\...\MailWasher Pro_is1) (Version:  - FireTrust Limited)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Access Runtime (English) 2007 (HKLM-x32\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher 2007 (HKLM-x32\...\PUBLISHERR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Publisher 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office XP Media Content (HKLM-x32\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Streets & Trips 2007 (HKLM-x32\...\{C82185E8-C27B-4EF4-2007-4444BC2C2B6D}) (Version: 14.0.09.1100 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{A743F12E-0A86-11E3-8F1A-F04DA23A5C58}) (Version: 12.0.1184 - Sony)
Movie Studio Platinum 12.0 (HKLM-x32\...\{DBF51C81-1CD2-11E2-8E6C-F04DA23A5C58}) (Version: 12.0.575 - Sony)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Made Easy (HKLM-x32\...\{916DD4BD-5250-4A30-8318-CEB6BC6CE841}) (Version: 2.1.3 - Worship Ministry Solutions)
nBIT HTML Editor ActiveX 3.1.1/B (HKLM-x32\...\nBIT HTML Editor OCX_is1) (Version: 3.1.1/B - nBit Information Technologies Australia)
Neuratron AudioScore Lite (HKLM-x32\...\Neuratron AudioScore Lite) (Version: 6.5.0 - Neuratron Limited)
Neuratron PhotoScore (HKLM-x32\...\Neuratron PhotoScore) (Version: 4.2.1 - Neuratron Limited)
Neuratron PhotoScore Lite (HKLM-x32\...\Neuratron PhotoScore Lite) (Version: 6.0.0 - Neuratron Limited)
NewBlue Free Effects for Windows (HKLM-x32\...\NewBlue Free Effects for Windows) (Version:  - )
NewBlue Light Rays  for Windows (HKLM-x32\...\NewBlue Light Rays  for Windows) (Version:  - )
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version:  - )
NewBlue Video Essentials II  for Windows (HKLM-x32\...\NewBlue Video Essentials II  for Windows) (Version:  - )
NewBlue Video Essentials III  for Windows (HKLM-x32\...\NewBlue Video Essentials III  for Windows) (Version:  - )
NTRU TCG Software Stack (Version: 2.1.37 - Security Innovation, Inc.) Hidden
O2Micro OZ776 SCR Driver (HKLM-x32\...\InstallShield_{5F962F59-DCCB-440B-A8E5-3BA4F7F09594}) (Version: 2.1.4.213 - O2Micro)
O2Micro OZ776 SCR Driver (Version: 2.1.4.213 - O2Micro) Hidden
Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Outlook Setup Tool (HKLM-x32\...\outlookset) (Version: 2.2.19 - Starfield Technologies)
Paint Shop Pro 7 (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Pdf995 (HKLM-x32\...\Pdf995) (Version:  - )
PdfEdit995 (HKLM-x32\...\PdfEdit995) (Version:  - )
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pitch Switch (HKLM\...\{8905471E-B67E-433A-BAFB-D70B0E66A002}_is1) (Version:  - Inspyder Software Inc.)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Preboot Manager (Version: 03.03.00.090 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.01.00.030 - Wave Systems Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Roxio Activation Module (HKLM-x32\...\{07159635-9DFE-4105-BFC0-2817DB540C68}) (Version: 1.0 - Roxio)
Roxio Creator Audio (HKLM-x32\...\{83FFCFC7-88C6-41C6-8752-958A45325C82}) (Version: 3.5.0 - Roxio)
Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}) (Version: 3.5.0 - Roxio)
Roxio Creator Data (HKLM-x32\...\{0D397393-9B50-4C52-84D5-77E344289F87}) (Version: 3.5.0 - Roxio)
Roxio Creator DE (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.5.0 - Roxio)
Roxio Creator Tools (HKLM-x32\...\{0394CDC8-FABD-4ED8-B104-03393876DFDF}) (Version: 3.5.0 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{AAE78E39-FAAF-4C19-A63E-BDED7428FDE1}) (Version: 9.1 - Roxio)
Roxio Express Labeler 3 (HKLM-x32\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio Update Manager (HKLM-x32\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)
Sibelius 6.2.0.88 (HKLM-x32\...\Sibelius 6_is1) (Version:  - )
Sibelius Scorch (all browsers) (HKLM-x32\...\{968ECEB6-5476-4131-B5E0-41D01D621243}) (Version: 6.2.0 - Sibelius Software)
Sibelius Sounds Essentials for Sibelius 6 (HKLM-x32\...\{F0EB3969-C007-4ABE-9245-990C5E021A8F}_is1) (Version: 1.1.0 - Sibelius Software, a division of Avid Technology, Inc.)
Signature995 (HKLM-x32\...\Signature995) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.2.0 - Sonic Solutions)
SPBA 5.9 (Version: 5.9.4.6901 - UPEK Inc.) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0016 - ST Microelectronics)
Stellar Phoenix Outlook PST Repair (HKLM-x32\...\Stellar Phoenix Outlook PST Repair_is1) (Version: 4.5.0.0 - Stellar Information Systems Ltd.)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Modulator 9.10.10 (HKLM-x32\...\{61E00874-8C63-4057-9AE2-B0CD1292B759}) (Version: 9.10.10 - Worship Ministry Solutions)
toolkit32for64bit (x32 Version: 7.67.47.0000 - Wave Systems Corp) Hidden
Trusted Drive Manager (Version: 4.5.0.136 - Wave Systems Corp.) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2309 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0474 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0186 - Intuit Inc.) Hidden
TurboTax 2012 wokiper (x32 Version: 012.000.1512 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.1790 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0463 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0162 - Intuit Inc.) Hidden
TurboTax 2013 wokiper (x32 Version: 013.000.1180 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PUBLISHERR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PUBLISHERR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PUBLISHERR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PUBLISHERR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
Wave Crypto Runtime 2.0.7.0 x86 (x32 Version: 02.00.07.0000 - Wave Systems Corp) Hidden
Wave Infrastructure Installer (Version: 07.67.60.0020 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.13.00.051 - Wave Systems Corp) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2410 - Broadcom Corporation)
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WP2009.11.6 (HKLM-x32\...\{E15219A5-483F-41D4-B10C-1BD4DAB359AC}) (Version: 9.11.6 - Worship Ministry Solutions)
Xara3D6 (HKLM-x32\...\{64C96428-3A75-4AAE-A538-C450EF68175F}) (Version: 1.00.0000 - Xara Group Ltd.)
Xilisoft DVD Ripper Ultimate 6 (HKLM-x32\...\Xilisoft DVD Ripper Ultimate 6) (Version: 6.0.12.0914 - Xilisoft)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.1.20140505 - Xilisoft)
XviD 1.1 final uninstall (HKLM-x32\...\XviD_is1) (Version: 1.1 - XviD team (Koepi))

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1915709852-3685380495-697511374-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1915709852-3685380495-697511374-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1915709852-3685380495-697511374-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1915709852-3685380495-697511374-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1915709852-3685380495-697511374-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1915709852-3685380495-697511374-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1915709852-3685380495-697511374-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1915709852-3685380495-697511374-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\kholloway\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

18-07-2014 20:03:50 Windows Update
22-07-2014 14:15:14 Windows Update
25-07-2014 14:16:29 Windows Update
26-07-2014 01:51:13 Windows Update
30-07-2014 14:19:26 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2013-01-05 14:13 - 00000857 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1                activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {088F86C5-9584-409A-A990-08AF0F828229} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)
Task: {19ED722B-E808-4496-9588-08CC02459EDA} - System32\Tasks\{E7881468-BBA1-4485-9D6F-2547ED9AD726} => Chrome.exe http://ui.skype.com/ui/0/4.2.0.155.217/en/abandoninstall?source=lightinstaller&page=tsProblems&LastError=404&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2
Task: {28DAD9E8-53DC-4003-A13B-B6958F749A1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {83080605-FD24-4DA7-B959-0EF56E91ACD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {87614F9E-CC9E-42A5-89A5-8241F50BD49F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {9323F799-0E3F-4611-B304-8E2C224E3124} - System32\Tasks\Microsoft Office 15 Sync Maintenance for kholloway-PC-kholloway kholloway-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-03] (Microsoft Corporation)
Task: {A16B6881-295F-4275-BEB6-85920A8BDC05} - \TidyNetwork Update No Task File <==== ATTENTION
Task: {BC367346-9AF5-495C-903F-41A0FFEA0B0D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: {C7AB78A9-8C2E-4904-9972-5C2D2BDDAB4B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {E4FBE726-B11B-4AAA-8A02-B279E3E0B37B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {E9609011-EB61-4407-BBC5-C2A2700DFF98} - System32\Tasks\0 => Chrome.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-23 18:19 - 2013-06-11 10:53 - 00040448 _____ () C:\Windows\System32\pdf995mon64.dll
2014-03-07 16:19 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-01-17 08:45 - 2012-01-17 08:45 - 00218504 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
2012-01-17 08:45 - 2012-01-17 08:45 - 00038792 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll
2011-10-08 23:56 - 2011-10-08 23:56 - 00003072 _____ () C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
2011-11-07 08:55 - 2011-11-07 08:55 - 00094720 _____ () C:\Windows\system32\Wavx_ESC_Logging.dll
2006-12-08 16:42 - 2012-12-15 06:20 - 00155136 _____ () C:\Windows\system32\BioAPI100.dll
2006-12-08 16:41 - 2012-12-15 06:20 - 00239104 _____ () C:\Windows\system32\BIOAPI_MDS300.dll
2014-03-07 16:28 - 2014-05-20 11:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2007-07-23 16:05 - 2007-07-23 16:05 - 00066544 _____ () C:\Program Files\Roxio\Drag-to-Disc\DLAAPI_W.DLL
2012-12-15 07:47 - 2012-03-26 22:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-16 11:29 - 2000-11-09 11:17 - 00190464 _____ () C:\Program Files (x86)\Kyocera\FileUtility\HgTiff2Pdf.dll
2014-02-13 04:32 - 2014-02-13 04:32 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2f069b57965f456c3c25fb82419a363d\IsdiInterop.ni.dll
2012-12-15 06:29 - 2012-05-30 14:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-12-15 06:28 - 2012-02-21 05:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2008-08-28 17:53 - 2008-08-28 17:53 - 00073728 _____ () C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Symlib.dll
2008-08-28 17:47 - 2008-08-28 17:47 - 02748416 _____ () C:\Program Files (x86)\Adobe\Adobe Bridge CS4\LIBMYSQLD.dll
2008-08-28 17:54 - 2008-08-28 17:54 - 00502272 _____ () C:\Program Files (x86)\Adobe\Adobe Bridge CS4\AdobeXMPFiles.dll
2008-08-28 17:54 - 2008-08-28 17:54 - 00424960 _____ () C:\Program Files (x86)\Adobe\Adobe Bridge CS4\AdobeXMP.dll
2008-08-28 17:54 - 2008-08-28 17:54 - 00891904 _____ () C:\Program Files (x86)\Adobe\Adobe Bridge CS4\FileInfo.dll
2013-11-13 15:59 - 2014-06-17 12:56 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-11-13 15:59 - 2014-06-17 12:56 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-03-07 16:29 - 2014-06-03 03:41 - 01032360 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2013-11-13 16:01 - 2013-11-13 16:01 - 00125096 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\OUTLCTL.DLL
2014-03-07 16:20 - 2014-05-27 07:49 - 00321704 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\msfad.dll
2014-06-11 10:26 - 2014-07-23 09:19 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-02-14 16:52 - 2014-05-27 07:36 - 00196264 _____ () C:\Program Files\Microsoft Office 15\root\office15\IEAWSDC.DLL
2012-12-23 18:07 - 2010-05-28 14:57 - 00801976 _____ () C:\Program Files (x86)\FireTrust\MailWasher Pro\ContactsLib.dll
2012-12-23 18:07 - 2009-06-25 16:40 - 00977080 _____ () C:\Program Files (x86)\FireTrust\MailWasher Pro\MCORE.DLL
2012-12-23 18:07 - 2010-04-19 09:48 - 00277904 _____ () C:\Program Files (x86)\FireTrust\MailWasher Pro\sqlite3.dll
2012-12-23 18:07 - 2009-08-25 18:51 - 00155320 _____ () C:\Program Files (x86)\FireTrust\MailWasher Pro\MailPrefs.dll
2012-12-23 18:07 - 2008-09-12 18:39 - 00611936 _____ () C:\Program Files (x86)\FireTrust\MailWasher Pro\MailAnalysis.DLL
2012-12-23 18:07 - 2006-03-09 16:38 - 00684032 _____ () C:\Program Files (x86)\FireTrust\MailWasher Pro\libeay32.dll
2012-12-23 18:07 - 2006-03-09 16:38 - 00155648 _____ () C:\Program Files (x86)\FireTrust\MailWasher Pro\ssleay32.dll
2013-11-13 16:06 - 2014-06-17 13:03 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-07-09 11:16 - 2014-07-09 11:16 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:30FD0CBD

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Dell Wireless 380 Bluetooth 4.0 Module
Description: Dell Wireless 380 Bluetooth 4.0 Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/30/2014 11:39:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7067

Error: (07/30/2014 11:39:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7067

Error: (07/30/2014 11:39:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/30/2014 11:39:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6053

Error: (07/30/2014 11:39:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6053

Error: (07/30/2014 11:39:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/30/2014 11:39:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5055

Error: (07/30/2014 11:39:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5055

Error: (07/30/2014 11:39:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/30/2014 11:39:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4057


System errors:
=============
Error: (07/31/2014 11:37:41 AM) (Source: DCOM) (EventID: 10016) (User: kholloway-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}kholloway-PCkhollowayS-1-5-21-1915709852-3685380495-697511374-1001LocalHost (Using LRPC)

Error: (07/30/2014 03:30:32 PM) (Source: DCOM) (EventID: 10016) (User: kholloway-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}kholloway-PCkhollowayS-1-5-21-1915709852-3685380495-697511374-1001LocalHost (Using LRPC)

Error: (07/29/2014 11:56:06 AM) (Source: DCOM) (EventID: 10016) (User: kholloway-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}kholloway-PCkhollowayS-1-5-21-1915709852-3685380495-697511374-1001LocalHost (Using LRPC)

Error: (07/28/2014 00:45:08 PM) (Source: DCOM) (EventID: 10016) (User: kholloway-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}kholloway-PCkhollowayS-1-5-21-1915709852-3685380495-697511374-1001LocalHost (Using LRPC)

Error: (07/27/2014 01:22:45 PM) (Source: DCOM) (EventID: 10016) (User: kholloway-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}kholloway-PCkhollowayS-1-5-21-1915709852-3685380495-697511374-1001LocalHost (Using LRPC)

Error: (07/27/2014 07:38:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32

Error: (07/27/2014 07:37:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.37 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (07/27/2014 07:36:56 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/26/2014 05:23:19 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/26/2014 05:23:18 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 8065.24 MB
Available physical RAM: 3439.01 MB
Total Pagefile: 16128.66 MB
Available Pagefile: 10476.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.98 GB) (Free:164.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 78F92FBA)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Hello,
    

They call me TwinHeadedEagle around here, and I'll be working with you.

    

    
Before we start please read and note the following:
    
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Do not paste the logs in your posts, attachments make my work easier. There is a Attach Files option below which you can use to attach your reports. Always attach reports from all tools.
Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.
Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
    
icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
 
P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

FRST.gif Fix with Farbar Recovery Scan Tool



icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif


Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

fixlist.txt

Link to post
Share on other sites

I made a mistake, I need you to run one more fix:

 

 

FRST.gif Fix with Farbar Recovery Scan Tool

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif

icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.

 

 

 

Tell me is your problem fixed after this?

fixlist.txt

Link to post
Share on other sites

Below you will find my thoughts about securing your machine. Go ahead through it, you will benefit from some useful advice about safe computing.

 

 

Recommended reading:




icon_exclaim.gifMUST READ - general maintenance: What to do if your Computer is running slowly?

 

 

 

Recommended additional software:



icon_arrow.gifTFC - to clean unneeded temporary files.

icon_arrow.gifMalwarebytes' Anti-Malware - to scan your system from time to time in search for malware.

icon_arrow.gifMalwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.

icon_arrow.gifMcShield - to prevent infections spread by removable media.

icon_arrow.gifCryptoPrevent - to secure yourself from very severe CryptoLocker infection.

icon_arrow.gifUnchecky - to prevent from installing additional foistware, implemented in legitimate installations.

 

 

The following will implement some post-cleanup procedures:

 

=> Please download DelFix by Xplode to your Desktop.

 

Run the tool and check the following boxes below;

checkmark.png Remove disinfection tools

checkmark.png Create registry backup

checkmark.png Purge System Restore

Click Run button and wait a few seconds for the programme completes his work.

At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

 

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix

Tool deletes old system restore points and create a fresh system restore point after cleaning.

 

 

My help is free for everybody.


If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif

Thank you!


 

 

 

Stay safe,

TwinHeadedEagle :)

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.