Jump to content

outbound IP being blocked, 184.173.133.194


Recommended Posts

Hi folks. I have an outbound IP being blocked, 184.173.133.194.

Dreamweaver and FF are mainly when it tries to phone home. I assume it's trying to steal FTP passwords.

Ran MBAM, all is clean.

FRST.txt
============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Bobby (administrator) on BOBBY-PC on 04-05-2015 12:18:30
Running from E:\Tools
Loaded Profiles: Bobby (Available profiles: Bobby & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
( ) C:\Windows\System32\lmabcoms.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Traysoft Inc.) E:\Program Files (x86)\PhoneTray\PhoneTrayService.exe
(Safer Networking Ltd.) E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
( ) C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Safer-Networking Ltd.) E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Traysoft Inc.) E:\Program Files (x86)\PhoneTray\PhoneTray.exe
(Chicony) C:\Program Files (x86)\Thermaltake Ttesports Ultimate\Ttsystray3.exe
(Chicony) C:\Program Files (x86)\Thermaltake Ttesports Ultimate\tTOSD2k1001.exe
(Acronis) E:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Systems, Inc.) E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe
(Acresso Software Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe
(Microsoft Corporation) E:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Adobe\Fireworks\Fireworks.exe
(Microsoft Corporation) E:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [ChallengerUltimate] => C:\Program Files (x86)\Thermaltake Ttesports Ultimate\Ttsystray3.exe [1254912 2010-08-05] (Chicony)
HKLM-x32\...\Run: [ChallengerUltimateOSD] => C:\Program Files (x86)\Thermaltake Ttesports Ultimate\tTOSD2k1001.exe [634880 2010-08-05] (Chicony)
HKLM-x32\...\Run: [startCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => E:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)
HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Run: [LMab1err] => C:\Program Files\Lexmark\ErrorApp\LMab1err.exe [582312 2009-10-07] ( )
HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Run: [iSUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [79136 2008-10-24] (Macrovision Corporation)
HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [6886752 2015-01-07] (Binary Fortress Software)
HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Run: [spybotSD TeaTimer] => E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Run: [Weather] => E:\Program Files (x86)\AWS\WeatherBug\Weather.exe [1652736 2011-10-05] (AWS Convergence Technologies, Inc.)
HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2010-12-09]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhoneTray.lnk [2015-05-01]
ShortcutTarget: PhoneTray.lnk -> E:\Program Files (x86)\PhoneTray\PhoneTray.exe (Traysoft Inc.)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2011-06-21]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2014-05-25]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => E:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => E:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => E:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-81963032-649918307-2679247094-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKLM -> DefaultScope {F532A5DA-0013-4CE1-BFEB-4A280AD829E7} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {F532A5DA-0013-4CE1-BFEB-4A280AD829E7} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {3FFC994E-18C0-4818-BD04-55311417924A} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {3FFC994E-18C0-4818-BD04-55311417924A} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-81963032-649918307-2679247094-1001 -> DefaultScope {F532A5DA-0013-4CE1-BFEB-4A280AD829E7} URL =
SearchScopes: HKU\S-1-5-21-81963032-649918307-2679247094-1001 -> {3FFC994E-18C0-4818-BD04-55311417924A} URL =
SearchScopes: HKU\S-1-5-21-81963032-649918307-2679247094-1001 -> {F532A5DA-0013-4CE1-BFEB-4A280AD829E7} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-08-16] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-08-16] (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> E:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-81963032-649918307-2679247094-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-81963032-649918307-2679247094-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-04-30] (Google Inc.)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93}
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} https://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{77F5E0C6-D644-489C-84AB-9BCD8B4A1120}: [NameServer] 208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://www.coincommunity.com/home/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-30] ()
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-08-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-08-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-30] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-30] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> E:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-30] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Extension: Favicon Restorer - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\faviconrestorer@masserog.it [2014-06-05]
FF Extension: Form History Control - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\formhistory@yahoo.com [2015-04-30]
FF Extension: FireShot - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-04-30]
FF Extension: Live HTTP headers - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2012-12-28]
FF Extension: FireFTP - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-04-30]
FF Extension: Bookmark Favicon Changer - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\bookmarkfaviconchanger@sonthakit.xpi [2014-06-05]
FF Extension: Classic Theme Restorer (Customize UI) - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-11]
FF Extension: Firebug - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\firebug@software.joehewitt.com.xpi [2014-07-12]
FF Extension: Myibidder (Myibay) Bid Sniper for eBay - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\firefox1@myibay.com.xpi [2013-01-15]
FF Extension: Open Image In New Tab - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\imagetab@next.gen.nz.xpi [2013-03-27]
FF Extension: Self-Destructing Cookies - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-03-17]
FF Extension: Nimbus Screen Capture - editable screenshots. - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2015-04-30]
FF Extension: PageRank for Firefox - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\pagerank@any-tech.ws.xpi [2012-12-28]
FF Extension: Search Site - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\searchsite@DW-dev.xpi [2012-12-31]
FF Extension: Status-4-Evar - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\status4evar@caligonstudios.com.xpi [2014-08-16]
FF Extension: TitleCase - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\TitleCase@htdsoftware.com.xpi [2014-04-23]
FF Extension: Firesizer - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\{04426594-bce6-4705-b811-bcdba2fd9c7b}.xpi [2012-12-29]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2013-02-20]
FF Extension: YouTube High Definition - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-04-30]
FF Extension: Video DownloadHelper - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-30]
FF Extension: BetterPrivacy - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-12-28]
FF Extension: Tab Mix Plus - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\8f2hvdfx.default-1356672519695\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-06-24]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.coincommunity.com/forum/
CHR StartupUrls: Default -> "hxxp://www.coincommunity.com/forum/active.asp", "hxxp://www.stampcommunity.org/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (NPCIG.dll) - E:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (VLC Web Plugin) - E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Profile: C:\Users\Bobby\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]
CHR Extension: (Google Search) - C:\Users\Bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]
CHR Extension: (BetaFish Adblocker) - C:\Users\Bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-01-19]
CHR Extension: (HTTP Headers) - C:\Users\Bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\hplfkkmefamockhligfdcfgfnbcdddbg [2013-01-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-30]
CHR Extension: (Google Wallet) - C:\Users\Bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path Or update_url value

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [3169648 2015-01-07] (Binary Fortress Software)
R2 lmab_device; C:\Windows\system32\LMabcoms.exe [1044992 2009-10-07] ( ) [File not signed]
R2 lmab_device; C:\Windows\SysWOW64\LMabcoms.exe [593920 2009-10-07] ( ) [File not signed]
R2 MBAMScheduler; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 PhoneTrayService; E:\Program Files (x86)\PhoneTray\PhoneTrayService.exe [14696 2015-02-21] (Traysoft Inc.)
R2 SBSDWSCService; E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 archlp; C:\Windows\SysWow64\drivers\archlp.sys [161792 2009-02-06] ()
S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [189952 2011-06-10] (Hauppauge, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\42EC5297.sys [129752 2015-05-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 MT300; C:\Windows\System32\Drivers\MT30064.sys [33952 2010-12-15] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] ()
R1 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [86768 2014-09-19] (Dataram, Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-05-01] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2015-05-01] (Acronis International GmbH)
R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [124176 2012-11-30] (High Criteria inc.)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-05-01] (Acronis International GmbH)
R3 VST64HWBS2; C:\Windows\System32\DRIVERS\VSTBS26.SYS [411136 2009-06-10] (Conexant Systems, Inc.)
R3 VST64_DPV; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Conexant Systems, Inc.)
S3 appliandMP; system32\DRIVERS\appliand.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S4 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S4 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S4 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S4 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S4 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-04 12:18 - 2015-05-04 12:18 - 00000000 ____D () C:\FRST
2015-05-04 12:09 - 2015-05-04 12:09 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\42EC5297.sys
2015-05-04 02:56 - 2015-05-04 02:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7CB02B57.sys
2015-05-02 14:10 - 2015-05-02 14:47 - 00025172 _____ () C:\Windows\PFRO.log
2015-05-02 14:04 - 2012-11-19 12:10 - 00652344 ____H (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-05-02 14:04 - 2012-11-19 12:10 - 00028216 ____H (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2015-05-02 14:03 - 2015-05-02 14:03 - 06976080 _____ (Macrovision Corporation) C:\Users\Bobby\Downloads\iata_enu.exe
2015-05-02 10:35 - 2015-05-02 10:35 - 00000000 ____D () C:\Users\Bobby\Intel
2015-05-02 10:34 - 2015-05-02 10:34 - 00571533 _____ () C:\Users\Bobby\Downloads\f6flpy-x64.zip
2015-05-02 10:20 - 2015-05-02 10:20 - 02333416 _____ (Intel) C:\Users\Bobby\Downloads\Intel Driver Update Utility Installer.exe
2015-05-02 08:57 - 2015-05-02 18:50 - 00001793 _____ () C:\Windows\setupact.log
2015-05-02 08:57 - 2015-05-02 08:57 - 00446208 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-02 08:57 - 2015-05-02 08:57 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-02 08:45 - 2015-05-02 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OutlookTempCleaner
2015-05-01 20:56 - 2015-05-01 20:56 - 00000000 ____D () C:\Users\Bobby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-05-01 20:56 - 2015-05-01 20:56 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2015-05-01 20:55 - 2015-05-01 20:55 - 00000928 _____ () C:\Users\Bobby\Desktop\AVS Document Converter.lnk
2015-05-01 20:55 - 2015-05-01 20:55 - 00000912 _____ () C:\Users\Bobby\Desktop\AVS Registry Cleaner.lnk
2015-05-01 20:55 - 2015-05-01 20:55 - 00000904 _____ () C:\Users\Bobby\Desktop\AVS Image Converter.lnk
2015-05-01 20:55 - 2015-05-01 20:55 - 00000880 _____ () C:\Users\Bobby\Desktop\AVS Photo Editor.lnk
2015-05-01 20:55 - 2015-05-01 20:55 - 00000880 _____ () C:\Users\Bobby\Desktop\AVS Disc Creator.lnk
2015-05-01 20:54 - 2015-05-01 20:54 - 00000904 _____ () C:\Users\Bobby\Desktop\AVS Audio Converter.lnk
2015-05-01 20:54 - 2015-05-01 20:54 - 00000888 _____ () C:\Users\Bobby\Desktop\AVS Video ReMaker.lnk
2015-05-01 20:54 - 2015-05-01 20:54 - 00000880 _____ () C:\Users\Bobby\Desktop\AVS Video Editor.lnk
2015-05-01 20:54 - 2015-05-01 20:54 - 00000880 _____ () C:\Users\Bobby\Desktop\AVS Media Player.lnk
2015-05-01 20:54 - 2015-05-01 20:54 - 00000880 _____ () C:\Users\Bobby\Desktop\AVS Audio Editor.lnk
2015-05-01 20:53 - 2015-05-01 20:53 - 00000904 _____ () C:\Users\Bobby\Desktop\AVS Video Converter.lnk
2015-05-01 20:08 - 2015-05-01 20:49 - 258586000 _____ (Online Media Technologies Ltd. ) C:\Users\Bobby\Downloads\AVSInstallPack.exe
2015-05-01 18:44 - 2015-05-01 18:45 - 285249144 _____ (Adobe Systems Incorporated) C:\Users\Bobby\Downloads\Dreamweaver_12_LS16.exe
2015-05-01 16:55 - 2015-05-01 16:55 - 00000808 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-05-01 16:54 - 2015-05-01 16:54 - 04532776 _____ (Piriform Ltd) C:\Users\Bobby\Downloads\dfsetup219.exe
2015-05-01 14:57 - 2015-05-01 14:57 - 00000000 ____D () C:\Users\Bobby\AppData\Roaming\Acronis
2015-05-01 14:56 - 2015-05-01 15:34 - 00000000 ____D () C:\ProgramData\Acronis
2015-05-01 14:56 - 2015-05-01 14:56 - 01464096 ____H (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2015-05-01 14:56 - 2015-05-01 14:56 - 01120032 ____H (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2015-05-01 14:56 - 2015-05-01 14:56 - 00367200 ____H (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2015-05-01 14:56 - 2015-05-01 14:56 - 00269600 ____H (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2015-05-01 14:56 - 2015-05-01 14:56 - 00198432 ____H (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2015-05-01 14:56 - 2015-05-01 14:56 - 00161568 ____H (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2015-05-01 14:56 - 2015-05-01 14:56 - 00117024 ____H (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2015-05-01 14:56 - 2015-05-01 14:56 - 00116000 ____H (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2015-05-01 14:56 - 2015-05-01 14:56 - 00000924 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2015-05-01 14:56 - 2015-05-01 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-05-01 14:51 - 2015-05-01 14:52 - 276253520 _____ (Acronis) C:\Users\Bobby\Downloads\atih_installer_hd_s_e.exe
2015-04-30 17:23 - 2015-04-30 17:23 - 00014048 _____ () C:\Users\Bobby\Downloads\burnished labels.jpeg
2015-04-30 16:45 - 2015-04-30 16:45 - 00000752 _____ () C:\Users\Public\Desktop\PhoneTray.lnk
2015-04-30 16:45 - 2015-04-30 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhoneTray Pro
2015-04-30 16:44 - 2015-04-30 16:44 - 16781200 _____ () C:\Users\Bobby\Downloads\PhoneTrayProTrial.exe
2015-04-30 10:58 - 2015-04-30 10:58 - 00000921 _____ () C:\Users\Bobby\Desktop\4K Video Downloader.lnk
2015-04-30 10:58 - 2015-04-30 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2015-04-30 10:57 - 2015-04-30 10:57 - 24936600 _____ (Open Media LLC ) C:\Users\Bobby\Downloads\4kvideodownloader_3.5.exe
2015-04-30 02:16 - 2015-05-02 08:56 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-30 02:16 - 2015-04-30 02:16 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-30 02:16 - 2015-04-30 02:16 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-30 01:57 - 2015-01-08 19:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-30 01:57 - 2015-01-08 19:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-04-30 01:19 - 2015-02-20 00:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-30 01:19 - 2015-02-20 00:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-30 01:19 - 2015-02-20 00:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-30 01:19 - 2015-02-20 00:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-30 01:19 - 2015-02-20 00:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-30 01:19 - 2015-02-20 00:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-30 01:19 - 2015-02-20 00:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-30 01:19 - 2015-02-20 00:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-30 01:19 - 2015-02-19 23:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-30 01:19 - 2015-02-19 23:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-30 01:19 - 2015-02-02 23:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-30 01:19 - 2015-02-02 23:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-30 01:19 - 2015-02-02 23:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-30 01:19 - 2015-02-02 23:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-30 01:19 - 2015-02-02 23:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-30 01:19 - 2015-02-02 23:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-30 01:19 - 2015-02-02 23:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-30 01:19 - 2015-02-02 23:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-30 01:19 - 2015-02-02 23:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-04-30 01:19 - 2015-02-02 23:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-04-30 01:19 - 2015-02-02 23:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-04-30 01:19 - 2015-02-02 23:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-04-30 01:19 - 2015-02-02 23:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-04-30 01:19 - 2015-02-02 23:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-04-30 01:19 - 2015-01-08 23:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-30 01:19 - 2015-01-08 23:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-30 01:19 - 2015-01-08 23:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-30 01:19 - 2015-01-08 22:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-04-30 01:18 - 2015-02-02 23:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-04-30 01:18 - 2015-02-02 23:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-30 01:18 - 2015-02-02 23:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-04-30 01:18 - 2015-02-02 23:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-30 01:18 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-30 01:18 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-30 01:18 - 2015-02-02 23:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-30 01:18 - 2015-02-02 23:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-30 01:18 - 2015-02-02 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-30 01:18 - 2015-02-02 23:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-30 01:18 - 2015-02-02 23:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-30 01:18 - 2015-02-02 23:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-30 01:18 - 2015-02-02 23:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-30 01:18 - 2015-02-02 23:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-30 01:18 - 2015-02-02 23:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-30 01:18 - 2015-02-02 23:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-30 01:18 - 2015-02-02 23:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-30 01:18 - 2015-02-02 23:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-04-30 01:18 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-04-30 01:18 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-04-30 01:18 - 2015-02-02 23:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-04-30 01:18 - 2015-02-02 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-04-30 01:18 - 2015-02-02 23:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-04-30 01:18 - 2015-02-02 23:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-04-30 01:18 - 2015-02-02 22:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-30 01:18 - 2014-12-18 23:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-30 01:18 - 2014-10-31 18:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-30 01:18 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-30 01:18 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-30 01:18 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-30 01:18 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-04-30 01:18 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-04-30 01:18 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-30 01:18 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-04-30 01:18 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-30 01:17 - 2015-02-03 23:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-30 01:17 - 2015-02-03 22:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-30 01:17 - 2015-01-30 23:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-04-30 01:17 - 2015-01-30 23:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-04-30 01:17 - 2015-01-30 19:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-04-30 01:17 - 2014-12-06 00:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-30 01:17 - 2014-12-05 23:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-04-30 01:17 - 2014-12-05 23:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-04-30 01:17 - 2014-10-13 22:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-30 01:17 - 2014-10-13 22:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-30 01:17 - 2014-10-13 21:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-30 01:16 - 2015-03-24 23:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-30 01:16 - 2015-03-24 23:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-30 01:16 - 2015-03-24 23:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-30 01:16 - 2015-03-24 23:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-30 01:16 - 2015-03-24 23:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-30 01:16 - 2015-03-24 23:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-30 01:16 - 2015-03-24 23:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-30 01:16 - 2015-03-24 23:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-30 01:16 - 2015-03-24 23:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-30 01:16 - 2015-03-24 23:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-30 01:16 - 2015-03-24 23:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-30 01:16 - 2015-03-24 23:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-30 01:16 - 2015-03-24 23:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-30 01:16 - 2015-03-24 23:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-30 01:16 - 2015-03-24 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-30 01:16 - 2015-03-24 23:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-30 01:16 - 2015-02-02 23:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-30 01:16 - 2015-02-02 23:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-04-30 01:16 - 2014-12-18 21:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-30 01:13 - 2015-05-04 11:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-30 01:13 - 2015-04-30 01:23 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-30 01:13 - 2015-03-22 23:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-30 01:13 - 2015-03-22 23:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-30 01:13 - 2015-03-22 23:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-30 01:13 - 2015-03-22 23:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-30 01:13 - 2015-03-22 23:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-30 01:13 - 2015-03-22 23:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-30 01:13 - 2015-03-22 23:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-30 01:13 - 2015-03-22 23:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-30 01:13 - 2015-03-17 01:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-30 01:13 - 2015-03-17 01:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-30 01:13 - 2015-03-17 01:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-30 01:13 - 2015-03-17 01:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-30 01:13 - 2015-03-17 01:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-30 01:13 - 2015-03-17 01:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-30 01:13 - 2015-03-17 01:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-30 01:13 - 2015-03-17 01:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-30 01:13 - 2015-03-17 01:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-30 01:13 - 2015-03-17 01:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-30 01:13 - 2015-03-17 01:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-30 01:13 - 2015-03-17 01:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-30 01:13 - 2015-03-17 01:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-30 01:13 - 2015-03-17 01:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-30 01:13 - 2015-03-17 01:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 01:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-30 01:13 - 2015-03-17 01:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-30 01:13 - 2015-03-17 00:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-30 01:13 - 2015-03-17 00:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-30 01:13 - 2015-03-17 00:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-30 01:13 - 2015-03-17 00:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-30 01:13 - 2015-03-17 00:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-30 01:13 - 2015-03-17 00:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-30 01:13 - 2015-03-17 00:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-30 01:13 - 2015-03-17 00:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-30 01:13 - 2015-03-17 00:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-30 01:13 - 2015-03-17 00:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-30 01:13 - 2015-03-17 00:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-30 01:13 - 2015-03-17 00:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-30 01:13 - 2015-03-17 00:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-30 01:13 - 2015-03-17 00:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-30 01:13 - 2015-03-17 00:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-30 01:13 - 2015-03-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-30 01:13 - 2015-03-17 00:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-30 01:13 - 2015-03-17 00:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-30 01:13 - 2015-03-17 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-30 01:13 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-30 01:13 - 2015-03-16 23:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-30 01:13 - 2015-03-16 23:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-30 01:13 - 2015-03-16 23:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-30 01:13 - 2015-03-16 23:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-30 01:13 - 2015-03-16 23:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-30 01:13 - 2015-03-16 23:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-30 01:13 - 2015-03-09 23:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-30 01:13 - 2015-03-09 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-30 01:13 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-30 01:13 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-30 01:13 - 2015-03-05 01:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-30 01:13 - 2015-03-05 00:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-30 01:13 - 2015-02-13 01:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-30 01:13 - 2015-02-13 01:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-30 01:13 - 2015-01-30 19:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-30 01:13 - 2015-01-27 19:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-30 01:13 - 2014-11-10 21:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-04-30 01:13 - 2014-08-11 22:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-30 01:13 - 2014-08-11 21:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-04-30 01:12 - 2015-02-24 23:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-30 01:12 - 2015-01-16 22:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-30 01:12 - 2015-01-16 22:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-30 01:12 - 2014-12-11 13:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-30 01:12 - 2014-11-25 23:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-30 01:12 - 2014-11-25 23:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-30 01:12 - 2014-11-10 23:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-30 01:12 - 2014-11-10 22:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-30 01:12 - 2014-10-29 22:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-04-30 01:12 - 2014-10-29 21:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-04-30 01:12 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-30 01:12 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-04-30 01:11 - 2015-04-01 20:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-30 01:11 - 2015-04-01 19:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-30 01:11 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-30 01:11 - 2015-03-13 00:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-30 01:11 - 2015-03-13 00:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-30 01:11 - 2015-03-13 00:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-30 01:11 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-30 01:11 - 2015-03-13 00:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-30 01:11 - 2015-03-13 00:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-30 01:11 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-30 01:11 - 2015-03-13 00:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-30 01:11 - 2015-03-13 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-30 01:11 - 2015-03-12 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-30 01:11 - 2015-03-12 23:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-30 01:11 - 2015-03-12 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-30 01:11 - 2015-03-12 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-30 01:11 - 2015-03-12 23:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-30 01:11 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-30 01:11 - 2015-03-12 23:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-30 01:11 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-30 01:11 - 2015-03-12 23:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-30 01:11 - 2015-03-12 23:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-30 01:11 - 2015-03-12 23:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-30 01:11 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-30 01:11 - 2015-03-12 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-30 01:11 - 2015-03-12 23:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-30 01:11 - 2015-03-12 23:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-30 01:11 - 2015-03-12 23:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-30 01:11 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-30 01:11 - 2015-03-12 23:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-30 01:11 - 2015-03-12 23:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-30 01:11 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-30 01:11 - 2015-03-12 23:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-30 01:11 - 2015-03-12 23:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-30 01:11 - 2015-03-12 23:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-30 01:11 - 2015-03-12 23:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-30 01:11 - 2015-03-12 23:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-30 01:11 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-30 01:11 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-30 01:11 - 2015-03-12 23:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-30 01:11 - 2015-03-12 23:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-30 01:11 - 2015-03-12 23:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-30 01:11 - 2015-03-12 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-30 01:11 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-30 01:11 - 2015-03-12 22:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-30 01:11 - 2015-03-12 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-30 01:11 - 2015-03-12 22:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-30 01:11 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-30 01:11 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-30 01:11 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-30 01:11 - 2015-03-12 22:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-30 01:11 - 2015-03-12 22:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-30 01:11 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-30 01:11 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-30 01:11 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-30 01:11 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-30 01:11 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-30 01:11 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-30 01:11 - 2015-02-02 23:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-30 01:11 - 2015-02-02 23:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-30 01:11 - 2014-11-07 23:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-30 01:11 - 2014-11-07 22:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-04-30 01:11 - 2014-10-02 22:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-30 01:11 - 2014-10-02 22:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-30 01:11 - 2014-10-02 22:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-04-30 01:11 - 2014-10-02 22:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-04-30 01:11 - 2014-10-02 22:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-04-30 01:11 - 2014-10-02 21:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-30 01:11 - 2014-10-02 21:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-04-30 01:11 - 2014-10-02 21:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-04-30 01:11 - 2014-10-02 21:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-04-30 01:11 - 2014-10-02 21:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-04-30 01:10 - 2015-04-30 01:10 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2015-04-30 01:09 - 2015-02-25 23:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-30 01:09 - 2014-10-24 21:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-30 01:09 - 2014-10-24 21:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-30 01:07 - 2015-04-30 01:07 - 05014810 _____ () C:\Users\Bobby\Downloads\ASMedia_xHCI_Host_Controller_Driver_v1.16.12.0.zip
2015-04-30 01:07 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-30 01:07 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-30 01:07 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-30 01:07 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-04-30 01:07 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-30 01:07 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-30 01:06 - 2015-03-04 00:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-30 01:06 - 2015-03-04 00:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-30 01:06 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-30 01:06 - 2014-12-07 23:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-30 01:06 - 2014-12-07 22:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-04-30 01:06 - 2014-09-04 22:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-30 01:06 - 2014-09-04 21:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-30 00:44 - 2015-05-02 13:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-29 19:33 - 2015-04-08 16:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-29 19:23 - 2015-04-08 20:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 10423952 ____H (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-29 19:23 - 2015-04-08 20:58 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-29 19:23 - 2015-04-08 20:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-29 18:07 - 2015-04-29 18:07 - 00000000 __SHD () C:\found.001
2015-04-29 17:48 - 2015-05-02 15:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-29 17:48 - 2015-04-29 17:48 - 00000000 ____D () C:\NVIDIA
2015-04-29 17:47 - 2015-04-29 19:34 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-29 17:47 - 2015-04-29 19:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-29 17:47 - 2015-04-29 19:24 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-29 17:47 - 2015-04-08 17:30 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-29 17:47 - 2015-04-08 17:30 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-29 17:47 - 2015-04-08 17:30 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-29 17:47 - 2015-04-08 17:30 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-29 17:47 - 2015-04-08 17:30 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-29 17:47 - 2015-04-08 17:30 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-29 17:47 - 2015-04-08 13:52 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-29 17:46 - 2015-04-29 17:47 - 283201840 _____ (NVIDIA Corporation) C:\Users\Bobby\Downloads\350.12-desktop-win8-win7-winvista-64bit-international-whql.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-04 11:49 - 2011-06-26 22:38 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-04 04:08 - 2013-05-05 21:13 - 01745273 _____ () C:\Windows\WindowsUpdate.log
2015-05-04 03:15 - 2011-08-19 15:16 - 00000400 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job
2015-05-03 20:32 - 2012-07-17 23:38 - 00000000 ____D () C:\Users\Bobby\AppData\Roaming\vlc
2015-05-03 17:56 - 2009-07-14 01:13 - 00912608 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-03 17:49 - 2011-06-26 22:38 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-02 18:54 - 2009-07-14 00:45 - 00019392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 18:54 - 2009-07-14 00:45 - 00019392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 15:36 - 2014-08-09 09:50 - 00129752 ____H (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-02 15:35 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 14:56 - 2010-12-01 12:14 - 00904730 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-02 14:44 - 2014-03-25 19:45 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-02 14:44 - 2010-11-24 12:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-05-02 14:28 - 2014-02-20 15:20 - 22413696 _____ (Microsoft Corporation) C:\Users\Bobby\Downloads\IPx64_1033_8.20.468.0.exe
2015-05-02 14:05 - 2010-11-24 12:42 - 00000000 ____D () C:\ProgramData\InstallShield
2015-05-02 14:04 - 2010-11-24 12:29 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-02 13:56 - 2010-11-30 15:18 - 00000000 ____D () C:\Users\Bobby
2015-05-02 13:55 - 2014-08-16 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-05-02 13:55 - 2014-07-02 02:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-02 13:55 - 2014-07-02 02:48 - 00000000 ____D () C:\Program Files\Java
2015-05-02 13:55 - 2013-09-20 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-05-02 13:55 - 2011-06-21 22:11 - 00000000 ____D () C:\Users\DefaultAppPool
2015-05-02 13:55 - 2011-06-02 23:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-05-02 13:55 - 2010-11-24 12:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-02 13:54 - 2014-06-04 22:19 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2015-05-02 13:54 - 2010-11-24 12:33 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-02 13:54 - 2010-11-24 12:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-02 13:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2015-05-02 13:14 - 2014-06-25 21:48 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-02 12:55 - 2014-09-24 19:38 - 00000000 ____D () C:\RamDrive
2015-05-02 08:57 - 2011-04-08 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
2015-05-02 08:57 - 2010-12-30 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open DVD ripper
2015-05-02 08:57 - 2010-12-29 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD-Cloner
2015-05-02 08:57 - 2010-12-28 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 5.2
2015-05-02 08:56 - 2012-06-22 03:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonus Ball Scoreboard
2015-05-02 08:56 - 2012-03-25 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seo Indexer Pro
2015-05-02 08:56 - 2012-01-20 21:58 - 00000000 ____D () C:\Users\Bobby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StampManage 2012
2015-05-02 08:56 - 2011-12-20 10:55 - 00000000 ____D () C:\Users\Bobby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Mail PassView
2015-05-02 08:56 - 2011-06-22 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-05-02 08:56 - 2011-06-19 21:26 - 00000000 ____D () C:\Users\Bobby\Desktop\Video Tools
2015-05-02 08:56 - 2011-06-15 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-05-02 08:56 - 2011-06-14 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-05-02 08:56 - 2011-03-18 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFLV
2015-05-02 08:56 - 2011-01-04 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue cloner
2015-05-02 08:56 - 2010-12-22 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
2015-05-02 08:56 - 2010-11-30 16:46 - 00000000 ____D () C:\Users\Bobby\AppData\Roaming\Macromedia
2015-05-02 08:56 - 2010-11-24 12:44 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-05-01 20:59 - 2013-03-22 11:22 - 00000000 ____D () C:\Users\Bobby\AppData\Roaming\AVS4YOU
2015-05-01 20:56 - 2013-03-22 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-05-01 20:15 - 2011-08-03 17:18 - 00000000 ____D () C:\ProgramData\Garmin
2015-05-01 19:01 - 2012-03-05 15:04 - 00000000 ____D () C:\ProgramData\TEMP
2015-05-01 18:59 - 2012-12-05 00:06 - 00000000 ____D () C:\Users\Bobby\AppData\Roaming\Samsung
2015-05-01 18:59 - 2012-12-05 00:04 - 00000000 ____D () C:\ProgramData\Samsung
2015-05-01 16:30 - 2010-12-08 18:03 - 00000000 ____D () C:\Windows\pss
2015-05-01 10:22 - 2010-12-30 17:08 - 00000000 ____D () C:\Users\Bobby\Desktop\Avatars
2015-04-30 03:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-30 02:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-04-30 02:16 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-30 02:16 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2015-04-30 02:16 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-30 02:16 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-30 02:16 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-30 01:56 - 2010-11-30 22:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-30 01:46 - 2013-08-15 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-30 01:32 - 2012-05-01 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-04-30 01:32 - 2011-01-25 18:04 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-04-30 01:32 - 2011-01-25 18:03 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-04-30 01:32 - 2010-11-30 19:37 - 00002133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-04-30 01:27 - 2010-11-24 12:30 - 00000000 ____D () C:\Windows\softwaredistribution.old
2015-04-30 01:23 - 2012-07-22 14:31 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-30 01:23 - 2012-07-22 14:31 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-30 00:52 - 2013-01-27 21:10 - 00000000 ____D () C:\Users\Bobby\AppData\Roaming\DisplayFusion
2015-04-30 00:49 - 2012-05-02 09:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-30 00:33 - 2014-08-09 09:50 - 00000795 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-30 00:32 - 2014-06-19 10:57 - 00001312 _____ () C:\Users\Public\Desktop\DisplayFusion.lnk
2015-04-30 00:32 - 2013-01-27 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2015-04-30 00:32 - 2013-01-27 21:10 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
2015-04-30 00:02 - 2014-04-14 14:27 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-29 23:23 - 2014-01-13 13:20 - 00003156 _____ () C:\Windows\system32\TeamViewer9_Hooks.log
2015-04-29 23:23 - 2014-01-13 13:20 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-04-29 19:34 - 2010-11-24 12:36 - 00000000 ____D () C:\Temp
2015-04-29 17:47 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2015-04-29 17:44 - 2011-06-26 22:38 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-29 17:44 - 2011-06-26 22:38 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-08 20:58 - 2015-02-20 01:18 - 00029329 _____ () C:\Windows\system32\nvinfo.pb

==================== Files in the root of some directories =======

2014-05-25 11:06 - 2014-05-25 11:06 - 14936064 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-02-19 23:22 - 2013-02-19 23:27 - 0000576 _____ () C:\Users\Bobby\AppData\Roaming\All CPU MeterV3_Settings.ini
2011-12-22 09:56 - 2011-12-22 09:56 - 0000412 _____ () C:\Users\Bobby\AppData\Roaming\All CPU Meter_Settings.ini
2013-05-26 22:29 - 2013-05-26 22:31 - 0000096 _____ () C:\Users\Bobby\AppData\Roaming\Camdata.ini
2013-05-26 22:29 - 2013-05-26 22:31 - 0000408 _____ () C:\Users\Bobby\AppData\Roaming\CamLayout.ini
2013-05-26 22:29 - 2013-05-26 22:31 - 0000408 _____ () C:\Users\Bobby\AppData\Roaming\CamShapes.ini
2013-05-26 22:31 - 2013-05-26 22:31 - 0004416 _____ () C:\Users\Bobby\AppData\Roaming\CamStudio.cfg
2011-12-22 10:02 - 2011-12-23 11:27 - 0000128 _____ () C:\Users\Bobby\AppData\Roaming\Earthquakes Meter_Settings.ini
2011-12-22 10:00 - 2011-12-22 10:00 - 0000352 _____ () C:\Users\Bobby\AppData\Roaming\Network Meter_Settings.ini
2011-06-03 04:00 - 2014-04-11 01:39 - 0008704 _____ () C:\Users\Bobby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-12-01 02:08 - 2014-09-26 21:29 - 0007613 _____ () C:\Users\Bobby\AppData\Local\Resmon.ResmonCfg
2010-12-26 15:01 - 2011-03-10 08:25 - 0000125 ___SH () C:\ProgramData\.zreglib
2013-01-15 21:39 - 2013-01-27 16:40 - 0001303 _____ () C:\ProgramData\lmab.log
2011-08-31 17:06 - 2011-08-31 17:06 - 0000100 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 00:21

==================== End Of Log ============================

Link to post
Share on other sites

Sorry for the double post, it told me my post was too long...

 

Addition.txt
===============

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Bobby at 2015-05-04 12:18:58
Running from E:\Tools
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-81963032-649918307-2679247094-500 - Administrator - Disabled)
Bobby (S-1-5-21-81963032-649918307-2679247094-1001 - Administrator - Enabled) => C:\Users\Bobby
Guest (S-1-5-21-81963032-649918307-2679247094-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.4.1695 - Open Media LLC)
Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.5 - Adobe Systems Incorporated)
Adobe Dreamweaver CS3 (HKLM-x32\...\Adobe_435a6af7459cb02a9c1138113a26e93) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
ArcSoft TotalMedia Extreme (HKLM-x32\...\{88B05038-C890-468B-A563-0015FD53CDC3}) (Version: 1.0.9.9 - ArcSoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0517.1741 - )
AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.1.540 - Online Media Technologies Ltd.)
AVS Audio Editor 8.0 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.0.1.500 - Online Media Technologies Ltd.)
AVS Disc Creator 5.2 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.3.533 - Online Media Technologies Ltd.)
AVS Document Converter 2.4.1 (HKLM-x32\...\AVS Document Converter_is1) (Version: 2.4.1.236 - Online Media Technologies Ltd.)
AVS Image Converter 3.2.2.278 (HKLM-x32\...\AVS Image Converter_is1) (Version: 3.2.2.278 - Online Media Technologies Ltd.)
AVS Media Player 4.2.4.107 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.4.107 - Online Media Technologies Ltd.)
AVS Photo Editor 2.3.2.145 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.2.145 - Online Media Technologies Ltd.)
AVS Registry Cleaner 2.3.5.262 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 2.3.5.262 - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.3.572 - Online Media Technologies Ltd.)
AVS Video Editor 7.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.1.2.262 - Online Media Technologies Ltd.)
AVS Video ReMaker 4.4.2.168 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 4.4.2.168 - Online Media Technologies Ltd.)
Better File Series (HKLM\...\Better File Series_is1) (Version:  - publicspace.net)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
ccc-core-static (x32 Version: 2010.0517.1742.29870 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CombineZP (HKLM-x32\...\{8E41D2A5-C0DD-4139-8C7A-2F0E1F20ED24}) (Version: 1.0.0 - Alan Hadley)
CPUID CPU-Z 1.56 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.125 - PC-Doctor, Inc.)
Dell System Detect (HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\9204f5692a8faf3b) (Version: 4.0.5.6 - Dell)
Desktop Icon Position Saver (64-bit) (HKLM-x32\...\dips64) (Version:  - )
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
DisplayFusion 7.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.1.0.0 - Binary Fortress Software)
DVD43 Plug-in v1.0.0.5 (HKLM-x32\...\DVD43 Plug-in_is1) (Version:  - )
FeedReader (HKLM-x32\...\FeedReader_is1) (Version:  - i-Systems Inc.)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Helicon Focus 5.3.7 (HKLM-x32\...\Helicon Focus_is1) (Version:  - Helicon Soft Ltd.)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.3.0.2 - Karen Kenworthy)
Lexmark Software Uninstall (HKLM\...\Lexmark_HostCD) (Version:  - Lexmark International, Inc.)
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.7.1 - LG Electronics)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Macro Express 3 (HKLM-x32\...\Macro Express 3) (Version: 3.8.1.1 - Insight Software Solutions, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Digital Image Pro 7.0 (HKLM-x32\...\{369B36BE-3D64-4641-9AEA-808D436FE134}) (Version: 7.0.0.0000 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook SMS Add-in (HKLM-x32\...\{FD5C399F-2D43-4EC5-AAF7-D600041EF25C}) (Version: 12.0.0009.0 - Microsoft Office)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Policies (HKLM-x32\...\{01C5A10F-AD9B-405B-853A-6659841A1242}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Query Tools English (HKLM-x32\...\{64CDE8F2-3791-46F5-BAD2-72FFF5252FAB}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
MiniTool Partition Wizard Professional Edition 6.0 (HKLM-x32\...\{7A181D43-86AE-4362-91BF-5C01A19653D7}_is1) (Version:  - MiniTool Solution Ltd.)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MT300 Driver Version 1.0 (HKLM\...\{7C1D54BE-66A1-4B03-9A67-A219D918C71C}_is1) (Version:  - AmScope)
MyFreeCodec (HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\MyFreeCodec) (Version:  - )
Myibidder Auction Bid Sniper for eBay 1.1.4 (HKLM-x32\...\myibay eBay bid sniper_is1) (Version: 1.1.4 (Build 551) - Myibidder.com)
MyInfinity (HKLM-x32\...\com.carrier.myinfinity) (Version: 1.64 - Carrier Corporation)
MyInfinity (x32 Version: 1.64 - Carrier Corporation) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NexDef Plug-in (HKLM-x32\...\Autobahn) (Version:  - )
NirSoft Mail PassView (HKLM-x32\...\NirSoft Mail PassView) (Version:  - )
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PGA Championship Golf CE (HKLM-x32\...\PGA Championship Golf CE) (Version:  - )
PhoneTray Pro (HKLM-x32\...\PhoneTrayPro) (Version:  - Traysoft Inc.)
RAMDisk (HKLM-x32\...\{0FEB4B92-FA19-4417-B7A2-092D1F85A2FA}) (Version: 4.4.0.32 - Dataram, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6050 - Realtek Semiconductor Corp.)
Redist (HKLM-x32\...\{0F052922-4BCE-4763-A540-00857554336D}) (Version: 3.00.0000 - Verizon)
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
SEO Link Robot - Fast Indexer 2.0.1.0 (HKLM\...\{8E9F77E9-8C21-4DEE-8295-A9599CECA49D}) (Version: 2.0.1.0 - http://www.seolinkrobot.com)
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skins (x32 Version: 2010.0517.1742.29870 - ATI) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.07 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SQLyog 11.22 (64 bit) (HKLM\...\SQLyog64) (Version: 11.22 (64 bit) - Webyog Inc.)
SQLyog Trial 11.2 (64 bit) (HKLM\...\SQLyogTrial64) (Version: 11.2 (64 bit) - Webyog Inc.)
StampManage 2012 (HKLM-x32\...\StampManage_2012) (Version: 2012 - Liberty Street Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Toolbar Cleaner 1.1 (HKLM-x32\...\Toolbar Cleaner) (Version:  - Visicom Media Inc.)
Total Recorder 8.4 Standard Edition (HKLM-x32\...\TotalRecorder) (Version:  - )
Tt eSPORTS Challenger Ultimate (HKLM-x32\...\{D65D9706-6D6D-42E8-A11A-63E3AFECBBC1}) (Version: 2.0.2.0 - Tt eSPORTS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.63.0 - Verizon)
WeatherBug (HKLM-x32\...\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}) (Version: 7.0.0.10 - Earth Networks, Inc.)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinHTTrack Website Copier 3.43-9D (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.43.12 - HTTrack)
Wondershare DVD Slideshow Builder Deluxe(Build 6.1.14.0) (HKLM-x32\...\Wondershare DVD Slideshow Builder Deluxe_is1) (Version: 6.1.14.0 - WonderShare Software Co.,Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-81963032-649918307-2679247094-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-81963032-649918307-2679247094-1001_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points  =========================

01-05-2015 18:58:52 Removed Samsung Kies
01-05-2015 20:15:21 Garmin Express
01-05-2015 20:32:11 Removed EasyRotator Wizard
01-05-2015 20:59:40 AVS Registry Cleaner First Launch
01-05-2015 21:01:53 Backup_2015_05_01
02-05-2015 08:45:23 Installed OutlookTempCleaner
02-05-2015 08:54:45 Restore Operation
02-05-2015 10:20:49 Intel® Driver Update Utility
02-05-2015 10:31:27 Before RST Drivers Installed
02-05-2015 11:18:45 Intel® Driver Update Utility
02-05-2015 11:19:05 Intel® Driver Update Utility
02-05-2015 12:56:39 Windows Update
02-05-2015 13:31:01 Windows Update
02-05-2015 13:52:52 Restore Operation
02-05-2015 14:44:38 Intel® Driver Update Utility
02-05-2015 14:46:09 Windows Update
02-05-2015 14:54:25 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-05-03 19:43 - 00000049 ___AH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        localhost
184.173.133.194    localhost


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D97C919-587F-41B3-8A52-CBA6E218AEC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-29] (Google Inc.)
Task: {0FFB8787-4C47-4048-A6A0-967CE40C6DE1} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {1D21B419-1C9C-42B1-B868-0A7907F507E1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-30] (Adobe Systems Incorporated)
Task: {4D34EDE2-6423-40EA-8B0B-D8EDF918BBC7} - System32\Tasks\{72542618-5868-4811-897C-462811BCE66B} => pcalua.exe -a I:\setup.exe -d I:\
Task: {55A0A708-8ADC-4CE7-A30F-88A349791AE4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {56266528-F4A2-4271-9536-59BB19E02AD6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-29] (Google Inc.)
Task: {59EB21DA-55DE-4FCA-B46E-D58919E195B3} - System32\Tasks\IHSelfDeleteTASK => CMD
Task: {6D01FA09-4B0A-4949-BB17-9C24E5E9440B} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2013-02-05] (PC-Doctor, Inc.)
Task: {77F48B53-100C-42A4-A923-09DB26616172} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {92C7A032-A099-4EF4-93F0-1152CF1616B0} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {A557A309-49B3-4520-B29F-165B49628D6A} - System32\Tasks\{C307FFE5-45A5-43E4-93F0-74C5B09A2E07} => pcalua.exe -a C:\Users\Bobby\Downloads\msicuu2.exe -d C:\Users\Bobby\Downloads
Task: {A7850C34-4B01-45AF-B246-D606C186D898} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {BF28393E-1A96-4C1B-8816-438FC8987EBC} - System32\Tasks\Defraggler Volume C Task => E:\Program Files\Defraggler\df64.exe [2015-03-11] (Piriform Ltd)
Task: {D378CFB7-49C2-4629-8B0E-BAAE5E7D22F5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {DD245E11-DCD4-4F8B-A861-37DD2271C76A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {DF78A8B7-BE49-4E44-96DD-502775125E04} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {E7DB10C1-A1FC-46C6-B32E-AE9BE734298A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F6B523A7-3F9E-4B22-A12E-A73492621FF1} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {FFF37266-A570-4526-AFFB-F045660E26F5} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => E:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-10-01 10:26 - 2013-10-01 10:26 - 02810968 _____ () E:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2011-03-30 17:13 - 2010-08-05 14:39 - 00045056 _____ () C:\Program Files (x86)\Thermaltake Ttesports Ultimate\WMINPUT.DLL
2013-11-22 13:03 - 2013-11-22 13:03 - 00036672 _____ () E:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-11-22 13:03 - 2013-11-22 13:03 - 00028024 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-11-22 13:06 - 2013-11-22 13:06 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2007-02-21 04:22 - 2007-02-21 04:22 - 00073728 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\NetIO.dll
2007-02-21 04:22 - 2007-02-21 04:22 - 00143360 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\CoreTypes.dll
2007-02-21 04:10 - 2007-02-21 04:10 - 00843776 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\LIBEAY32.dll
2007-02-21 04:11 - 2007-02-21 04:11 - 00159744 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\SSLEAY32.dll
2007-02-21 04:22 - 2007-02-21 04:22 - 00139264 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\LIBCURL.dll
2007-02-21 04:23 - 2007-02-21 04:23 - 00442368 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Workspace.dll
2007-02-21 04:48 - 2007-02-21 04:48 - 02322432 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Configuration\Resources.dll
2007-02-21 04:23 - 2007-02-21 04:23 - 00192512 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Configuration\JSExtensions\SWFFile.dll
2007-02-21 04:23 - 2007-02-21 04:23 - 00196608 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Configuration\JSExtensions\MM.dll
2007-02-21 04:23 - 2007-02-21 04:23 - 00176128 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Configuration\JSExtensions\DWfile.dll
2007-02-21 04:25 - 2007-02-21 04:25 - 00200704 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\NetIOFTP.dll
2007-02-21 04:23 - 2007-02-21 04:23 - 00233472 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Configuration\JSExtensions\TSL.dll
2007-02-21 04:09 - 2007-02-21 04:09 - 00094208 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Plug-Ins\BMP Import Export.x32
2007-02-21 04:23 - 2007-02-21 04:23 - 00524288 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Configuration\SourceControl\ssPlugin.dll
2007-02-21 04:07 - 2007-02-21 04:07 - 00017408 _____ () E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Configuration\JSExtensions\DWEMLaunch.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2010-12-01 20:32 - 2007-01-28 16:43 - 00393216 _____ () E:\Program Files (x86)\Adobe\Fireworks\AdobeXMP.dll
2010-12-01 20:33 - 2007-01-31 10:35 - 00053248 _____ () E:\Program Files (x86)\Adobe\Fireworks\SPBasic.dll
2010-12-01 20:32 - 2007-03-15 16:37 - 00147456 _____ () E:\Program Files (x86)\Adobe\Fireworks\CoreTypes.dll
2010-12-01 20:33 - 2007-03-15 16:37 - 00344064 _____ () E:\Program Files (x86)\Adobe\Fireworks\jslib.dll
2010-12-01 20:33 - 2007-03-15 16:37 - 00135168 _____ () E:\Program Files (x86)\Adobe\Fireworks\libpng.dll
2010-12-01 20:33 - 2007-03-15 16:37 - 00073728 _____ () E:\Program Files (x86)\Adobe\Fireworks\zlib.dll
2010-12-01 20:33 - 2007-03-15 16:37 - 00110592 _____ () E:\Program Files (x86)\Adobe\Fireworks\python.dll
2010-12-01 20:33 - 2007-03-15 16:38 - 00110592 _____ () E:\Program Files (x86)\Adobe\Fireworks\giflib.dll
2010-12-01 20:33 - 2007-03-15 16:37 - 00073728 _____ () E:\Program Files (x86)\Adobe\Fireworks\NetIO.dll
2010-12-01 20:33 - 2007-02-23 11:07 - 02781184 _____ () E:\Program Files (x86)\Adobe\Fireworks\Plug-Ins\authplay.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\dell.com -> dell.com

IE restricted site: HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\doubleclick.net -> doubleclick.net

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-81963032-649918307-2679247094-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bobby\AppData\Local\DisplayFusion\Wallpaper_2.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: LightScribeService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Unbox.lnk => C:\Windows\pss\Amazon Unbox.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Bobby^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NexDef Plug-in.lnk => C:\Windows\pss\NexDef Plug-in.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: itype => "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: Verizon_McciTrayApp => "C:\Program Files\Verizon\McciTrayApp.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{9BFEBFB5-A7E4-4ECD-9E3C-1CE4353197AC}] => (Allow) svchost.exe
FirewallRules: [{E5212E13-B0EB-4CB0-B327-CC047FE35C38}] => (Allow) E:\Program Files (x86)\Microsoft Office\Office12\outlook.exe
FirewallRules: [TCP Query User{325E49DD-CF56-4252-8067-319204856080}E:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe] => (Allow) E:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe
FirewallRules: [uDP Query User{2AFF4B38-0F54-4D42-BF93-E1CC097169A3}E:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe] => (Allow) E:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe
FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7F1C3AA0-CFB2-4E70-B8D3-8D624BB35588}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{9C2A703D-F4DA-4CB7-9438-9271B607C0EC}E:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) E:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [uDP Query User{489D4D35-C8C0-4987-96D9-C7FD6D6C13B5}E:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) E:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{8D1D4F40-219D-49D1-B41B-7638909B8BBF}] => (Allow) LPort=50000
FirewallRules: [TCP Query User{033BA077-5C6D-45B1-A14D-8A4E19332602}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [uDP Query User{BDC81EC8-C1E4-42F8-A2A9-E70538959DB3}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [{884CCB4E-D41A-4284-BAC0-C5D3F33F37FE}] => (Allow) LPort=50000
FirewallRules: [TCP Query User{6AD3988B-C71C-485F-87CA-9C58C1154DED}E:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe] => (Allow) E:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe
FirewallRules: [uDP Query User{561DA085-BED1-45A8-B145-6AFC1F5FC059}E:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe] => (Allow) E:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe
FirewallRules: [{EB92B920-D6AF-4887-BA70-0856A0803338}] => (Allow) C:\Windows\system32\LMabcoms.exe
FirewallRules: [TCP Query User{A564BE51-52EE-4F03-9026-DB47DEAA2D98}C:\program files\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_11\bin\jmc.exe
FirewallRules: [uDP Query User{85669F45-EC6C-4255-8843-05C449719B14}C:\program files\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_11\bin\jmc.exe
FirewallRules: [{594F7106-80B2-48E7-97BD-CB75F4CE6A40}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F95CBE56-8084-4A37-A301-A6BF231425E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F786970A-5E5F-404B-9D52-54F10E09A91B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6B531DBC-B065-4918-8EDD-E8D5569C3EF3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{974AF2E5-EB96-4C7D-A85E-D12E19693FB6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B827A608-821F-4B3D-9C28-501D48814214}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C5950462-7BA0-446A-B878-BDB6275478E2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{F7680171-EA76-4273-B8CA-DD12E236BDCA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{3EC5686F-1EB2-4049-9A3D-8088C4854B7D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{122BCD44-873D-4C01-B5DD-8C9189CF5F82}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{D443C002-4A8F-420A-94E5-5D088B2C9F43}] => (Allow) C:\Windows\SysWOW64\muzapp.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2015 01:00:01 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location H:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (05/02/2015 03:23:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Dreamweaver.exe version 9.0.0.3453 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15c8

Start Time: 01d08509d63aa7fa

Termination Time: 10

Application Path: E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe

Report Id: a1e7aa33-f100-11e4-86df-f04da23a5cc2

Error: (05/02/2015 02:04:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (05/02/2015 02:04:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (05/02/2015 02:04:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (05/02/2015 02:04:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (05/02/2015 02:04:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (05/02/2015 02:04:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (05/02/2015 02:04:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (05/02/2015 02:04:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


System errors:
=============
Error: (05/03/2015 03:50:00 PM) (Source: WMPNetworkSvc) (EventID: 14370) (User: )
Description: 0xc00d28af192.168.1.201

Error: (05/02/2015 04:00:54 PM) (Source: DCOM) (EventID: 10009) (User: )
Description: KIRK

Error: (05/02/2015 04:00:44 PM) (Source: DCOM) (EventID: 10009) (User: )
Description: KIRK

Error: (05/02/2015 03:35:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (05/02/2015 02:50:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (05/02/2015 02:47:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (05/02/2015 02:31:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (05/02/2015 02:10:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (05/02/2015 02:06:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (05/02/2015 02:03:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 14 time(s).


Microsoft Office Sessions:
=========================
Error: (09/22/2014 01:47:21 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/22/2014 01:46:55 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3311 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (06/09/2014 02:15:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 211 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (06/09/2014 10:16:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/08/2014 00:59:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/27/2013 11:57:57 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 72922 seconds with 1020 seconds of active time.  This session ended with a crash.

Error: (04/10/2013 01:58:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 58827 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (06/06/2012 00:40:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/25/2012 02:41:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 77 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (11/24/2011 10:19:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 209762 seconds with 3120 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-05-05 21:37:44.420
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-05-05 21:37:44.296
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 14:57:59.989
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 14:57:59.878
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 14:57:59.765
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 14:57:59.653
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-07-01 22:33:09.794
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-07-01 22:33:09.743
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-02 20:26:15.213
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\jraid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-02 20:26:15.182
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\jraid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core i7 CPU 930 @ 2.80GHz
Percentage of memory in use: 61%
Total physical RAM: 24566.93 MB
Available physical RAM: 9496.21 MB
Total Pagefile: 24581.12 MB
Available Pagefile: 9485.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Operating System) (Fixed) (Total:105 GB) (Free:50.41 GB) NTFS
Drive e: (Programs (SSD)) (Fixed) (Total:73.84 GB) (Free:49.64 GB) NTFS
Drive f: (Local Disk) (Fixed) (Total:596.17 GB) (Free:526.94 GB) NTFS
Drive g: (RAMDRIVE) (Fixed) (Total:9.99 GB) (Free:9.97 GB) FAT32
Drive h: (Video) (Fixed) (Total:1863.01 GB) (Free:1546.54 GB) NTFS
Drive p: (64GB) (Removable) (Total:57.66 GB) (Free:40.02 GB) NTFS
Drive t: (Temporary & Paging Files (SSD)) (Fixed) (Total:3.05 GB) (Free:1.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: B72BC311)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=105 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 83.8 GB) (Disk ID: 1DC3253B)
Partition 1: (Not Active) - (Size=73.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=3 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 596.2 GB) (Disk ID: 6052FF4B)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=42)

========================================================
Disk: 3 (Size: 10 GB) (Disk ID: 2B6D6B05)
Partition 1: (Active) - (Size=10 GB) - (Type=0B)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 57.7 GB) (Disk ID: 783C45B8)
Partition 1: (Not Active) - (Size=57.7 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 21966352)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Thanks in advance!

Link to post
Share on other sites

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 5/4/2015 2:56:50 AM, SYSTEM, BOBBY-PC, Scheduler, Malware Database, 2015.5.1.1, 2015.5.3.6,
Protection, 5/4/2015 2:56:51 AM, SYSTEM, BOBBY-PC, Protection, Refresh, Starting,
Protection, 5/4/2015 2:56:51 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopping,
Protection, 5/4/2015 2:56:51 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopped,
Protection, 5/4/2015 2:56:57 AM, SYSTEM, BOBBY-PC, Protection, Refresh, Success,
Protection, 5/4/2015 2:56:57 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Starting,
Protection, 5/4/2015 2:56:57 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Started,
Scan, 5/4/2015 3:06:23 AM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 2:56:51 AM, Duration:9 min 31 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Scan, 5/4/2015 3:17:51 AM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 3:09:34 AM, Duration:8 min 15 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Detection, 5/4/2015 10:38:02 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53291, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:38:02 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53291, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:38:29 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53301, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:39:26 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53302, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:41:38 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53441, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 12:05:54 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50265, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Update, 5/4/2015 12:09:51 PM, SYSTEM, BOBBY-PC, Manual, Malware Database, 2015.5.3.6, 2015.5.4.4,
Protection, 5/4/2015 12:09:51 PM, SYSTEM, BOBBY-PC, Protection, Refresh, Starting,
Protection, 5/4/2015 12:09:51 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopping,
Protection, 5/4/2015 12:09:51 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopped,
Protection, 5/4/2015 12:09:56 PM, SYSTEM, BOBBY-PC, Protection, Refresh, Success,
Protection, 5/4/2015 12:09:56 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Starting,
Protection, 5/4/2015 12:09:57 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Started,
Scan, 5/4/2015 12:10:06 PM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 12:09:51 PM, Duration:0 min 13 sec, Threat Scan, Cancelled, 0 Malware Detections, 0 Non-Malware Detections,
Detection, 5/4/2015 12:12:22 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50471, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 12:12:22 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50471, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 12:13:00 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50473, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Scan, 5/4/2015 12:17:33 PM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 12:10:52 PM, Duration:6 min 40 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Update, 5/4/2015 1:33:47 PM, SYSTEM, BOBBY-PC, Manual, Malware Database, 2015.5.4.4, 2015.5.4.5,
Protection, 5/4/2015 1:33:47 PM, SYSTEM, BOBBY-PC, Protection, Refresh, Starting,
Protection, 5/4/2015 1:33:47 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopping,
Protection, 5/4/2015 1:33:47 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopped,
Protection, 5/4/2015 1:33:53 PM, SYSTEM, BOBBY-PC, Protection, Refresh, Success,
Protection, 5/4/2015 1:33:53 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Starting,
Protection, 5/4/2015 1:33:54 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Started,
Scan, 5/4/2015 1:43:01 PM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 1:33:48 PM, Duration:9 min 12 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,

(end)

 

Yesterdays had some attempted FF outbounds to the same place.

Link to post
Share on other sites

  • Root Admin

Please go ahead and run through the following steps and post back the logs when ready.
 
STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus


STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


STEP 06
Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


STEP 07
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology


    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.


STEP 08
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Link to post
Share on other sites

Running step 7 now... if I remember correctly it takes 3 or 4 hours.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 7 Professional x64
Ran by Bobby on Sun 05/10/2015 at 12:40:47.83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 05/10/2015 at 12:43:33.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v4.203 - Logfile created 10/05/2015 at 12:49:18
# Updated 30/04/2015 by Xplode
# Database : 2015-05-09.1 [server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Bobby - BOBBY-PC
# Running from : E:\Tools\adwcleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 en-US)


-\\ Google Chrome v42.0.2311.135


*************************

AdwCleaner[R0].txt - [3392 bytes] - [05/05/2015 10:55:36]
AdwCleaner[R1].txt - [901 bytes] - [10/05/2015 12:46:58]
AdwCleaner[s0].txt - [3407 bytes] - [05/05/2015 10:59:21]
AdwCleaner[s1].txt - [827 bytes] - [10/05/2015 12:49:18]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [885  bytes] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/10/2015
Scan Time: 12:56:42 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.10.05
Rootkit Database: v2015.04.21.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Bobby

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 435076
Time Elapsed: 7 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Disabled
Rootkits: Enabled
Heuristics: Disabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

  • Root Admin

The following files though not necessarily a threat do not belong in the root of these folders.
Basically most parent folders and often 1st folder of Parent folder should not have files in them.

This can often be due to poorly written programs or from installations that did not run correctly initially when the software was installed.

==================== Files in the root of some directories =======

2014-05-25 11:06 - 2014-05-25 11:06 - 14936064 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-02-19 23:22 - 2013-02-19 23:27 - 0000576 _____ () C:\Users\Bobby\AppData\Roaming\All CPU MeterV3_Settings.ini
2011-12-22 09:56 - 2011-12-22 09:56 - 0000412 _____ () C:\Users\Bobby\AppData\Roaming\All CPU Meter_Settings.ini
2013-05-26 22:29 - 2013-05-26 22:31 - 0000096 _____ () C:\Users\Bobby\AppData\Roaming\Camdata.ini
2013-05-26 22:29 - 2013-05-26 22:31 - 0000408 _____ () C:\Users\Bobby\AppData\Roaming\CamLayout.ini
2013-05-26 22:29 - 2013-05-26 22:31 - 0000408 _____ () C:\Users\Bobby\AppData\Roaming\CamShapes.ini
2013-05-26 22:31 - 2013-05-26 22:31 - 0004416 _____ () C:\Users\Bobby\AppData\Roaming\CamStudio.cfg
2011-12-22 10:02 - 2011-12-23 11:27 - 0000128 _____ () C:\Users\Bobby\AppData\Roaming\Earthquakes Meter_Settings.ini
2011-12-22 10:00 - 2011-12-22 10:00 - 0000352 _____ () C:\Users\Bobby\AppData\Roaming\Network Meter_Settings.ini
2011-06-03 04:00 - 2014-04-11 01:39 - 0008704 _____ () C:\Users\Bobby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-12-01 02:08 - 2014-09-26 21:29 - 0007613 _____ () C:\Users\Bobby\AppData\Local\Resmon.ResmonCfg
2010-12-26 15:01 - 2011-03-10 08:25 - 0000125 ___SH () C:\ProgramData\.zreglib
2013-01-15 21:39 - 2013-01-27 16:40 - 0001303 _____ () C:\ProgramData\lmab.log
2011-08-31 17:06 - 2011-08-31 17:06 - 0000100 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

 

 

 

 

 

 

STEP 1

Please click on START --- RUN -- and type in CMD.EXE and click OK

 

Then type in the following exactly. The system will say it cannot lock the drive and ask if you want to run it after a restart. Press the Y key and then the Enter key, then restart the computer and let the disk check run. It can take a long time so just leave it alone and let it run.

CHKDSK   C:  /R

On Windows XP the disk check log is in the Event Logs under Application with a heading source of  Winlogon

How to view and manage event logs in Event Viewer in Windows XP

 

Copy/Paste back the results of that log on your next reply.

 

 

 

STEP 2

Your Windows Search database is corrupt and needs to be repaired.
 

Error: (05/08/2015 03:54:34 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

 

 

Please visit the following site and run the fixit tool from Microsoft.
Fix Windows Desktop Search when it crashes or not showing results
 

 

 

 

STEP 3

You're also having issues with other services that need to be repaired. But we'll address them a little later on.

Example of some:

System errors:=============Error: (05/10/2015 00:49:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The Acronis Scheduler2 Service service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.Error: (05/10/2015 00:49:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The Print Spooler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.Error: (05/10/2015 00:49:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

STEP 4

 

Please do the following.

 

Please go into Control Panel, Add/Remove and uninstall ALL versions of Java and then run the following.
 
Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next:
 
Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 
 

 

 

STEP 5

 

Please do the following.

 

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.
 

I'll review the logs and we'll continue repairing other items at that time.

 

Thanks

 

fixlist.txt

Link to post
Share on other sites

No idea why the date is wonky in the javara log. The Windows system date is correct.

 

 


Checking file system on C:
The type of the file system is NTFS.
Volume label is Operating System.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
  285440 file records processed.                                          File verification completed.
  1025 large file records processed.                                      0 bad file records processed.                                        0 EA records processed.                                              62 reparse records processed.                                       CHKDSK is verifying indexes (stage 2 of 5)...
  386884 index entries processed.                                         Index verification completed.
  0 unindexed files scanned.                                           0 unindexed files recovered.                                       CHKDSK is verifying security descriptors (stage 3 of 5)...
  285440 file SDs/SIDs processed.                                         Cleaning up 115 unused index entries from index $SII of file 0x9.
Cleaning up 115 unused index entries from index $SDH of file 0x9.
Cleaning up 115 unused security descriptors.
Security descriptor verification completed.
  50723 data files processed.                                            CHKDSK is verifying Usn Journal...
  36560984 USN bytes processed.                                             Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  285424 files processed.                                                 File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  13522458 free clusters processed.                                         Free space verification is complete.
Windows has checked the file system and found no problems.

 110099452 KB total disk space.
  55474016 KB in 190491 files.
    138292 KB in 50724 indexes.
         0 KB in bad sectors.
    397312 KB in use by the system.
     65536 KB occupied by the log file.
  54089832 KB available on disk.

      4096 bytes in each allocation unit.
  27524863 total allocation units on disk.
  13522458 allocation units available on disk.

Internal Info:
00 5b 04 00 49 ae 03 00 3c e0 06 00 00 00 00 00  .[..I...<.......
6a 02 00 00 3e 00 00 00 00 00 00 00 00 00 00 00  j...>...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.
 

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Fri Jun 29 11:00:37 2012

Found and removed: Applications\java.exe

Found and removed: Applications\javaw.exe

Found and removed: CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\JavaSoft

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}

------------------------------------

Finished reporting.



Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}

Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}

Found and removed: Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}

Found and removed: Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}

There was an error removing \Mozilla Firefox\extensions\jre7. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\Qm|u^–|u. The error returned was 124.

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun May 10 19:17:54 2015

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\6C5ADB75C34456D42B338232391207FF

Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit

Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

Found and removed: SOFTWARE\JavaSoft

Found and removed: SOFTWARE\JreMetrics

------------------------------------

Finished reporting.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by Bobby at 2015-05-10 19:27:23 Run:1
Running from C:\Users\Bobby\Desktop
Loaded Profiles: Bobby (Available profiles: Bobby & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-81963032-649918307-2679247094-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-81963032-649918307-2679247094-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKLM -> {F532A5DA-0013-4CE1-BFEB-4A280AD829E7} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {3FFC994E-18C0-4818-BD04-55311417924A} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-81963032-649918307-2679247094-1001 -> {3FFC994E-18C0-4818-BD04-55311417924A} URL =
SearchScopes: HKU\S-1-5-21-81963032-649918307-2679247094-1001 -> {F532A5DA-0013-4CE1-BFEB-4A280AD829E7} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-08-16] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-08-16] (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> E:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-81963032-649918307-2679247094-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-81963032-649918307-2679247094-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93}
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} https://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-08-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-08-16] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
Task: {4D34EDE2-6423-40EA-8B0B-D8EDF918BBC7} - System32\Tasks\{72542618-5868-4811-897C-462811BCE66B} => pcalua.exe -a I:\setup.exe -d I:\
Task: {A557A309-49B3-4520-B29F-165B49628D6A} - System32\Tasks\{C307FFE5-45A5-43E4-93F0-74C5B09A2E07} => pcalua.exe -a C:\Users\Bobby\Downloads\msicuu2.exe -d C:\Users\Bobby\Downloads
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
EmptyTemp:
Reboot:

*****************

HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => value deleted successfully.
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => value deleted successfully.
"HKU\S-1-5-21-81963032-649918307-2679247094-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F532A5DA-0013-4CE1-BFEB-4A280AD829E7}" => Key deleted successfully.
HKCR\CLSID\{F532A5DA-0013-4CE1-BFEB-4A280AD829E7} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{3FFC994E-18C0-4818-BD04-55311417924A}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3FFC994E-18C0-4818-BD04-55311417924A} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-81963032-649918307-2679247094-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3FFC994E-18C0-4818-BD04-55311417924A}" => Key deleted successfully.
HKCR\CLSID\{3FFC994E-18C0-4818-BD04-55311417924A} => Key not found.
"HKU\S-1-5-21-81963032-649918307-2679247094-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F532A5DA-0013-4CE1-BFEB-4A280AD829E7}" => Key deleted successfully.
HKCR\CLSID\{F532A5DA-0013-4CE1-BFEB-4A280AD829E7} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F} => Key not found.
"HKCR\Wow6432Node\CLSID\{53707962-6F74-2D53-2644-206D7942484F}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKU\S-1-5-21-81963032-649918307-2679247094-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{0E5F0222-96B9-11D3-8997-00104BD12D94}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0E5F0222-96B9-11D3-8997-00104BD12D94}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{49312E18-AA92-4CC2-BB97-55DEA7BCADD6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{49312E18-AA92-4CC2-BB97-55DEA7BCADD6}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{6C269571-C6D7-4818-BCA4-32A035E8C884}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{6C269571-C6D7-4818-BCA4-32A035E8C884}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} => Key not found.
HKCR\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}" => Key Deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{D4B68B83-8710-488B-A692-D74B50BA558E}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D4B68B83-8710-488B-A692-D74B50BA558E}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{F6ACF75C-C32C-447B-9BEF-46B766368D29}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{F6ACF75C-C32C-447B-9BEF-46B766368D29}" => Key deleted successfully.
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.11.2 => Key not found.
"C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll" => not found.
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2 => Key not found.
"C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2 => Key not found.
C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2 => Key not found.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D34EDE2-6423-40EA-8B0B-D8EDF918BBC7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D34EDE2-6423-40EA-8B0B-D8EDF918BBC7}" => Key deleted successfully.
C:\Windows\System32\Tasks\{72542618-5868-4811-897C-462811BCE66B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{72542618-5868-4811-897C-462811BCE66B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A557A309-49B3-4520-B29F-165B49628D6A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A557A309-49B3-4520-B29F-165B49628D6A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C307FFE5-45A5-43E4-93F0-74C5B09A2E07} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C307FFE5-45A5-43E4-93F0-74C5B09A2E07}" => Key deleted successfully.
C:\ProgramData\TEMP => ":07BF512B" ADS removed successfully.
EmptyTemp: => Removed 38 MB temporary data.


The system needed a reboot.

==== End of Fixlog 19:27:24 ====

Link to post
Share on other sites

  • Root Admin

Please look in the following folder

 

"C:\Program Files (x86)\Malwarebytes Anti-Malware\Plugins"

 

There should be a file called "fixdamage.exe" - please right click over that file and choose "Run as administrator"

Then restart the computer after it runs.

 

Then do the following.

 

Please visit each of the following sites and lets reset all of your browsers back to defaults to prevent unexpected issues.
If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer
How to reset Internet Explorer settings

Firefox
Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Chrome
Start by disabling Sync
How To Delete Your Google Chrome Browser Sync Data
Chrome - Reset browser settings
If that fails then Uninstall Google Chrome and do not reinstall until sure the system is clean.
 

 

Then restart the computer one more time and run a new FRST scan and make sure you place a check mark in the Addition.txt check box and post back both new logs.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.
Link to post
Share on other sites

  • Root Admin

Those logs still show that Java is installed. Are those old logs or are there still Java entries left?

 

That IP should not show up except in a couple cases.

 

1. Your ISP is somehow linked to them (if so nothing we can do except do as you've done in hosts file)

2. Your router has possibly been compromised (do a factory reset)

3. Firefox or other browsers were not fully factory reset (reset including all proxy and other connections, FF probably has / had a proxy enabled possibly)

 

Please run a full disk check on your drive as this is showing in the log.

 

Error: (05/11/2015 00:00:00 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume .

Link to post
Share on other sites

JavaRa was not generating a new file, it was showing an old one. I had to delete the old one, then run it. The files that it says are not removed are not there. There isn't even an extensions folder. I have it set to show hidden files. There are several reports of this, here's one, so I'm guessing a problem with JavaRa maybe? Note the errors are exactly the same.

 

I did a factory reset on the router.

 

Which Volume? I've run chkdsk on drive C 3 times in the last 24 hours and everything is fine. Could the erros be because its an SSD?

 

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Mon May 11 16:59:54 2015

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.

------------------------------------

Finished reporting.
 

Link to post
Share on other sites

  • Root Admin

I doesn't say in that log which one. Here are the drives/partitions that are listed.

 

Disk: 0 (Size: 119.2 GB) (Disk ID: B72BC311)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=105 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 83.8 GB) (Disk ID: 1DC3253B)
Partition 1: (Not Active) - (Size=73.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=3 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 596.2 GB) (Disk ID: 6052FF4B)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=42)

========================================================
Disk: 3 (Size: 10 GB) (Disk ID: 2B6D6B05)
Partition 1: (Active) - (Size=10 GB) - (Type=0B)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 57.7 GB) (Disk ID: 783C45B8)
Partition 1: (Not Active) - (Size=57.7 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 21966352)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

 

 

 

Might need to run against all of them

 

 

Please do the reset on Firefox again

 

Then reboot and let me know if you're still getting this block or not.

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.