Programs disappeared

kellj88 · August 10, 2015

Hi today after my laptop ran out of battery I plugged it in and started it up and after boot up the shortcuts to a bunch of my programs just say file missing or file path not found. I ran malware bytes and removed everything it found and still have the problem.

I've attached the logs from farbar

Addition.txt FRST.txt

kevinf80 · August 10, 2015

Hello and welcome,

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Uninstall Kaspersky pure if you no longer use it....

Next,

Please download DeFogger to your desktop.
Double click DeFogger to run the tool.

The application window will appear
Click the Disable button to disable your CD Emulation drivers
Click Yes to continue
A 'Finished!' message will appear
Click OK
DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

Next,

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.

Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7/8, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
If the tool does not run from any of the links provided, please let me know.

Next,

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Please open Malwarebytes Anti-Malware.

On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
A Threat Scan will begin.
With some infections, you may or may not see this message box.

'Could not load DDA driver'
Click 'Yes' to this message, to allow the driver to load after a restart.
Allow the computer to restart. Continue with the rest of these instructions.
When the scan is complete, click Apply Actions.
Wait for the prompt to restart the computer to appear, then click on Yes.
After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:

Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click Export > From export you have three options:

Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…

If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.

Double-click mbam-setup and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish. Follow the instructions above....

Next,

Download AdwCleaner by Xplode onto your Desktop.

Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button. <<<--- Ensure this option is completed
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

Next,

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts. (re-enable when done)
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

Let me see those logs, also give an update on any remaining issues or concerns..

Thank you,

Kevin

Fixlist.txt

kellj88 · August 14, 2015

hi sorry for the delay. i made it through everything but now that im done malware bytes wont open, it shows up in task manager but doesnt open. here are the logs i can get:

rkill

Rkill 2.7.0 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/14/2015 12:11:17 AM in x64 mode.

Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 08/14/2015 12:15:57 AM

Execution time: 0 hours(s), 4 minute(s), and 39 seconds(s)

fix

Fix result of Farbar Recovery Scan Tool (x64) Version:13-08-2015

Ran by Jason (2015-08-13 19:51:17) Run:2

Running from C:\Users\Jason\Desktop

Loaded Profiles: Jason (Available Profiles: Jason & UpdatusUser)

Boot Mode: Normal

==============================================

fixlist content:

*****************

Start

AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File not found

C:\PROGRA~2\SearchProtect

AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File not found

SearchScopes: HKU\S-1-5-21-1919526134-189285257-3370074446-1001 -> URL http://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPEB45CA2D-2A88-429D-B892-A44200E5DD2A&q={searchTerms}&SSPV=

SearchScopes: HKU\S-1-5-21-1919526134-189285257-3370074446-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}

C:\Users\Jason\AppData\Roaming\BitTorrent

C:\Program Files (x86)\SearchProtect

C:\Users\Jason\AppData\Local\Temp\AcDeltree.exe

C:\Users\Jason\AppData\Local\Temp\AppandoraDeviceService.exe

C:\Users\Jason\AppData\Local\Temp\AskSLib.dll

C:\Users\Jason\AppData\Local\Temp\avguidx.dll

C:\Users\Jason\AppData\Local\Temp\binkw32.dll

C:\Users\Jason\AppData\Local\Temp\CommonInstaller.exe

C:\Users\Jason\AppData\Local\Temp\d2l_Install.exe

C:\Users\Jason\AppData\Local\Temp\d2l_PlayD2.exe

C:\Users\Jason\AppData\Local\Temp\detectionapi_rd.dll

C:\Users\Jason\AppData\Local\Temp\detectionui_r.exe

C:\Users\Jason\AppData\Local\Temp\directx10tests_rd.dll

C:\Users\Jason\AppData\Local\Temp\directx11tests_rd.dll

C:\Users\Jason\AppData\Local\Temp\directx9tests_rd.dll

C:\Users\Jason\AppData\Local\Temp\DWPUpgradeInstaller.exe

C:\Users\Jason\AppData\Local\Temp\esri32.exe

C:\Users\Jason\AppData\Local\Temp\ezvvh1pd.dll

C:\Users\Jason\AppData\Local\Temp\FreemakeVideoConverterFull.exe

C:\Users\Jason\AppData\Local\Temp\iGearedHelper.dll

C:\Users\Jason\AppData\Local\Temp\ixoxpbmf.dll

C:\Users\Jason\AppData\Local\Temp\local.dll

C:\Users\Jason\AppData\Local\Temp\MachineIdCreator.exe

C:\Users\Jason\AppData\Local\Temp\mfc80.dll

C:\Users\Jason\AppData\Local\Temp\mfc80u.dll

C:\Users\Jason\AppData\Local\Temp\MSETUP4.EXE

C:\Users\Jason\AppData\Local\Temp\MSN42AC.exe

C:\Users\Jason\AppData\Local\Temp\msvcp80.dll

C:\Users\Jason\AppData\Local\Temp\msvcr80.dll

C:\Users\Jason\AppData\Local\Temp\npp.6.2.Installer.exe

C:\Users\Jason\AppData\Local\Temp\oi_{010F3803-03D7-4A0A-88B2-C54D17E89FAB}.exe

C:\Users\Jason\AppData\Local\Temp\QuickTimeInstaller.exe

C:\Users\Jason\AppData\Local\Temp\RSPUpgradeInstaller.exe

C:\Users\Jason\AppData\Local\Temp\Second Life Setup.exe

C:\Users\Jason\AppData\Local\Temp\sqlite-3.7.15-x86-sqlitejdbc.dll

C:\Users\Jason\AppData\Local\Temp\ToolbarInstaller.exe

C:\Users\Jason\AppData\Local\Temp\uninstall.exe

C:\Users\Jason\AppData\Local\Temp\xmlUpdater.exe

C:\Users\Jason\AppData\Local\Temp\_unps.exe

Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{201DF6C5-8EA4-42CA-AD65-522B6DF2C3D2}.exe <==== ATTENTION

C:\Windows\TEMP\{201DF6C5-8EA4-42CA-AD65-522B6DF2C3D2}.exe

Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{D8B75418-42F2-42E8-8F96-CE490E56BF1E}.exe <==== ATTENTION

C:\Windows\TEMP\{D8B75418-42F2-42E8-8F96-CE490E56BF1E}.exe

AlternateDataStreams: C:\ProgramData\Temp:54D4173A

AlternateDataStreams: C:\Users\Jason\.DS_Store:AFP_AfpInfo

AlternateDataStreams: C:\Users\Jason\Desktop\.DS_Store:AFP_AfpInfo

CloseProcesses:

Emptytemp:

End

*****************

"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value data not found.

"C:\PROGRA~2\SearchProtect" => File/Folder not found.

"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => Value data not found.

HKU\S-1-5-21-1919526134-189285257-3370074446-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value not found.

HKU\S-1-5-21-1919526134-189285257-3370074446-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value not found.

"C:\Users\Jason\AppData\Roaming\BitTorrent" => File/Folder not found.

"C:\Program Files (x86)\SearchProtect" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\AcDeltree.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\AppandoraDeviceService.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\AskSLib.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\avguidx.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\binkw32.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\CommonInstaller.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\d2l_Install.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\d2l_PlayD2.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\detectionapi_rd.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\detectionui_r.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\directx10tests_rd.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\directx11tests_rd.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\directx9tests_rd.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\DWPUpgradeInstaller.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\esri32.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\ezvvh1pd.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\FreemakeVideoConverterFull.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\iGearedHelper.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\ixoxpbmf.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\local.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\MachineIdCreator.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\mfc80.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\mfc80u.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\MSETUP4.EXE" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\MSN42AC.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\msvcp80.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\msvcr80.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\npp.6.2.Installer.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\oi_{010F3803-03D7-4A0A-88B2-C54D17E89FAB}.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\QuickTimeInstaller.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\RSPUpgradeInstaller.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\Second Life Setup.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\sqlite-3.7.15-x86-sqlitejdbc.dll" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\ToolbarInstaller.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\uninstall.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\xmlUpdater.exe" => File/Folder not found.

"C:\Users\Jason\AppData\Local\Temp\_unps.exe" => File/Folder not found.

C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job not found.

"C:\Windows\TEMP\{201DF6C5-8EA4-42CA-AD65-522B6DF2C3D2}.exe" => File/Folder not found.

C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job not found.

"C:\Windows\TEMP\{D8B75418-42F2-42E8-8F96-CE490E56BF1E}.exe" => File/Folder not found.

"C:\ProgramData\Temp" => ":54D4173A" ADS not found.

"C:\Users\Jason\.DS_Store" => ":AFP_AfpInfo" ADS not found.

"C:\Users\Jason\Desktop\.DS_Store" => ":AFP_AfpInfo" ADS not found.

Processes closed successfully.

EmptyTemp: => 30.8 GB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 19:53:31 ====

adw

# AdwCleaner v4.208 - Logfile created 13/08/2015 at 22:35:48

# Updated 09/07/2015 by Xplode

# Database : 2015-08-12.1 [server]

# Operating system : Windows 7 Home Premium Service Pack 1 (x64)

# Username : Jason - JASONSBABYII

# Running from : C:\Users\Jason\Desktop\AdwCleaner.exe

# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater18.7.0

***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Found : C:\Users\Jason\AppData\Local\AVG Secure Search

Folder Found : C:\Users\Jason\AppData\Local\Babylon

Folder Found : C:\Users\Jason\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Jason\AppData\Roaming\Babylon

Folder Found : C:\Users\Jason\AppData\Roaming\Media Finder

***** [ Scheduled tasks ] *****

Task Found : AVG-Secure-Search-Update_JUNE2013_HP_rmv

Task Found : AVG-Secure-Search-Update_JUNE2013_TB_rmv

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

Key Found : HKCU\Software\AVG Secure Search

Key Found : HKCU\Software\Avg Secure Update

Key Found : HKCU\Software\Classes\MF

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\IGearSettings

Key Found : HKCU\Software\MediaFinder

Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKCU\Software\UpdateStar

Key Found : [x64] HKCU\Software\AVG Secure Search

Key Found : [x64] HKCU\Software\Avg Secure Update

Key Found : [x64] HKCU\Software\Conduit

Key Found : [x64] HKCU\Software\IGearSettings

Key Found : [x64] HKCU\Software\MediaFinder

Key Found : [x64] HKCU\Software\UpdateStar

Key Found : HKLM\SOFTWARE\AVG Secure Search

Key Found : HKLM\SOFTWARE\Avg Secure Update

Key Found : HKLM\SOFTWARE\AVG Security Toolbar

Key Found : HKLM\SOFTWARE\Babylon

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}

Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Found : HKLM\SOFTWARE\Classes\MF

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Found : HKLM\SOFTWARE\Classes\S

Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Found : HKLM\SOFTWARE\Trymedia Systems

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKU\.DEFAULT\Software\AVG Secure Search

Key Found : HKU\.DEFAULT\Software\Avg Secure Update

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17937

-\\ Google Chrome v

[C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319434&octid=EB_ORIGINAL_CTID&ISID=M7876F525-EE22-4656-AD5E-E7A0EFCB5542&SearchSource=55&CUI=&UM=6&UP=SP386679C3-78E1-4DC6-A6AA-EF2FF61B0D4D&SSPV=

*************************

AdwCleaner[R0].txt - [9446 bytes] - [13/08/2015 22:35:48]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9505 bytes] ##########

jrt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 7.5.6 (08.10.2015:1)

OS: Windows 7 Home Premium x64

Ran by Jason on 13/08/2015 at 22:46:07.11

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\PCDEventLauncherTask

Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{00EF101D-2B9F-4C9C-8A85-592F816FD4E8}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{014A74F4-C7E5-4285-BE88-6770B7567AD2}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{02F13DDE-C60C-48A1-95CF-E38C1F9EC3FA}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{03417830-6D08-4052-BE18-87BDEEBFAF85}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{04243DFB-5B4B-4353-BFAE-7235D590D655}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{05C90A60-1642-422A-AB39-5335E2F6DF43}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{073BAA31-78A3-4317-BE33-19822E0A433A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{07B5551B-162A-4DB5-B9DC-D6A4555D26E0}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{07F81F53-C5CB-4895-9A28-43D861EFC3C8}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{08BA88F5-9DA9-44F9-9834-0E4362284659}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0C5014AD-CC71-4A2B-9292-4B3DA4CEBDFE}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0CB369C1-7AC8-400B-A350-CBB11DE1F17A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0F1A9B95-5C8B-4F69-A072-F5066AB05255}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0F9A9CDD-6E9D-4B9D-886C-536C88E71D91}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0FE720CE-518B-4D2B-9DD1-2BB56352A487}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{1003129C-A282-48A6-BDEB-9EBC5E04A956}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{10615463-D1B6-4FD3-B436-F58FB8DE5924}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{14382F75-9F0E-431D-84C5-D61D63189CCE}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{14EE2780-D4B2-4623-93F9-33F654CDFEEF}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{15854859-F6FF-4EA0-A967-B0E322A34F2F}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{182786F0-7A75-4543-89C0-BD2AC9432821}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{1ADA8A82-7511-414A-B8E0-A3D60ECC8EE8}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{1CF6B0AA-940E-4681-9D56-78423198175B}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{20927C9C-AD22-4575-9C9B-06BC68A399F3}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{22772215-BC7F-4E37-B453-87BFC18736F4}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{227DADE6-3D03-46AA-8F90-16C5007F6A80}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{233C8AD0-F9C7-47D9-85E5-8F99AE5EF668}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{24063AB5-412D-4192-B679-3AA38D52CDC9}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{26F9B38F-DA1D-41E4-95EF-AED3C8E7C464}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{271128D3-B1DB-4CC8-8C48-15C3741EAFE4}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{2835C740-CA8B-4594-B726-949015CC034C}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{2AEBFD57-E996-4545-B805-B4DE9BBC5213}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{2B1B59E7-DD3C-499B-BE42-71F2D6F09833}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{2B808313-BA11-49F4-8026-22BF611DE10B}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3239EEA7-9798-40A4-AC78-FD42B94AC022}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3305834D-04DA-4E22-A3F5-2BC8B4A95794}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{33E366EB-4285-464E-9D1B-FB3B9D2AD92B}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{34847ED0-D572-4E03-938E-386AC14A1018}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{39274188-1746-4DD7-BAA8-AF02A9B854CE}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3B4A1B4C-D276-47E4-99FD-6C9099562154}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3C25B299-0543-4A66-9C42-7CCEB0303F7D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3E0CCE57-EBCF-4CAB-8C61-3C24D4C76B19}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3E46D881-142E-4D14-9D48-9EF297E885A9}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3EFD7FF1-DE6C-4B42-9696-C292BCA20ECA}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3FD811E9-123B-4D34-A8C8-3D55220BC836}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{426C5E34-64C4-4C6D-ABC7-7A1B6FC05F10}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{431A9DCE-F074-445C-B707-555148BE0488}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{451C9383-7A52-484E-AA32-A498779CD1FE}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{454304A8-F1D4-4640-B307-8D0236A47815}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{459696CA-BFAE-406A-B7D7-A01AA980311F}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{468F3298-660E-4B77-8EA4-4D3667FD51A8}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{473E16D3-2FF9-4C91-9FC2-1C0AC5494BCB}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{4782491D-4015-491A-8050-356C7F89EFCD}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{488A7113-C44F-4482-BC2F-DBF8EB719FEE}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{49330779-9ECD-4F09-99BD-201360E07A13}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{4EACC240-904D-413F-9649-522A2000705F}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{4EFBC7EE-07CA-45F1-8382-BC700B0A9A8B}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{525097D0-CA1C-48BC-B97E-3D74F808C844}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{52B4D0DD-473F-4B35-B4C7-ACE4798095AF}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5300256D-FF51-4E3A-9759-8FE2E97C6F6F}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{54ACAE35-3694-4AA4-8BB7-E8DA929D43F9}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{54B22DD0-73D5-4280-960A-A6BC5DD5C56A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{55F4BC70-5AE1-4334-BF69-16BB1D935C65}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{57E19B27-C70C-4ABC-A609-F799BCD06042}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5821D8FA-3030-470B-8C0A-10E6E15105D7}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5935DEB4-CEC7-48E1-A2D1-6A74763AAA56}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{59F17217-ACF9-4E71-BE2D-5E413000ADAD}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5ACEC4FF-0108-46FD-9980-24C067C7B03E}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5B1A2FD3-F4F6-4D79-BCD5-006AF4E4E58C}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5C5809FB-EE57-43F1-9A10-8CB790D68447}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5D867049-12F6-4036-B65B-A9655F72DFC0}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5E2F418D-3473-45DD-9D98-73058AFE3C5C}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6024A5D2-5D0C-49BE-A7FA-267F82D03F6D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6084C180-A6C5-4778-8E25-49EAA196A6DB}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6259CFD2-201A-40E3-81C4-EFBB3FFFC892}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{626C2D04-F501-4745-B0A0-54A25A3A2D96}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{63ABF6F0-CCED-4BF0-A9BA-27E781FB02DD}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{63C05A52-1E5C-4A64-A51B-2C0900CD992D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{645E61CD-BC1A-4725-B78D-AF20F9370C73}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{64AB4779-2868-475C-B5B8-CC606EC96B25}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{64C16E59-1768-4079-B95D-9FADB965D2CD}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6501498F-74DF-46D6-9464-B5E8D3D4752E}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{650B3CDA-EF2C-428D-BA2B-4D1519771E16}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{655EDEB4-1A09-499B-9D03-B20F6A1F81AC}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{67F4483E-DE2E-4AEF-95BA-AEB4F4182814}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6935ABA6-1DD8-4249-8877-5FC8B8CCFEC7}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{696E622B-FC44-47BC-8AFE-0523AAA86BF1}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6B0E6364-939F-4632-BF48-95C4FF53F921}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6B59BE6B-B9B3-4890-BD8C-37599F96DD98}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6B77D14D-F27E-4CAC-A0C8-D28FA86410A9}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6BA07984-2B36-4F80-B411-7B0B41F4DD7B}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6DFD9DCF-633C-43F7-A250-4944C85D731C}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6E52BF2A-8D83-4443-836D-77D190582780}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6F5B2022-251E-41B1-98ED-44B1FACC183C}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6FADFEA8-7728-4F63-969D-16D65DE5B05E}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7179C687-6546-448D-A17B-519EF405308A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{735ABF19-5879-49C3-803B-8FD6A8661F48}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{750A2BFB-5FA9-47A7-AF89-5121E309FB5E}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{75CCB2CE-2B15-4B8C-85AF-DD027498CBB4}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{75E38D6C-9776-4320-A9FC-3905A90DD815}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{76C2534D-5BEC-4897-B5DC-20C8F4ED6B3D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{783EAB4A-A3A9-4A6E-BABF-00E2022E2280}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{789638E8-566B-47A7-A848-84D15071BA70}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{79774ED6-83B5-4B23-8896-CDC8953CADBF}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7A48834A-0A54-424C-A32D-C9A524CF385C}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7AD574D6-2B25-4922-B743-56BC74DC6BC4}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7B2725E6-E9CC-4616-85B3-9ACD4B3E8979}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7B6892DF-66E3-4BA9-B5E1-5546C6BABC6B}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7BFA2D68-8B8D-46F4-B266-CB6E3BCE134E}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7DDBB5CA-FF71-4130-AC68-BECC57DFB46D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8003F74D-D155-414C-B8B6-64C1263744BC}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8026A2FB-6033-451A-AC52-10EC3AE7814C}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8070EF56-BBFA-4AD8-9347-460DBCEC23C6}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{81590F27-3E66-4D60-8CB5-1215A4ADB430}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{82208616-4B88-4F94-8E81-F72750345C92}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8240007E-C74C-4071-96BB-5F1FB6FEEF07}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8338E246-8EDE-4FC8-8D2D-E8ADA0D58D55}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8370DC12-F9DD-40CE-B032-F5C72E502082}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{83D1D440-325B-4F05-99B9-6C3FC4566ADA}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8853AF04-8AA2-420E-A334-89207602135C}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{88CFFEBB-B813-439D-9963-5D80544D0549}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8A7A7403-BC13-47F5-B859-3B2A12872426}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8ADD6173-27A4-4A01-899A-F7A6CBCD02F7}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8B1DFB6F-FB62-42C1-B3D5-7BDB0440BCEC}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8B3CB0E0-CE6D-4C17-B495-B3F7EABBA5B7}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8BCE76D3-2335-4816-AC41-45E8F9048F8A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8CA93633-6473-4412-BCBA-071F9F3CADB2}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8CBFB757-8672-429D-85CA-E2952366989A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8D7BC685-47CC-4EEC-866B-715451DBA29F}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8DE7FA60-8FA7-488F-A126-E43C61861959}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8E38BB32-51FB-47FF-8DFA-10EECEB93D40}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8E4262D4-7ED1-4F70-A559-217E7007FE90}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8ECCD4E4-D2F7-49D4-A5E8-5F6E79051105}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{90A91B5F-9A4C-43C4-BF60-1A4213DB22CF}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{91B019CF-3348-463A-A74E-E0A2207F0205}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{9207D900-3B61-4563-B37D-2E169768FC39}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{92454510-CA3F-4D53-B471-C05A1EB81534}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{94F982F0-C937-46B0-B82F-FFF42A236B29}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{960C63B4-5734-409C-9721-F2B2D887A538}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{973803D8-D7C3-4E64-90D4-8158660D52E2}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{97AEE5D7-66E2-4758-B82E-4C053265374A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{98DC9709-BCD6-4B20-A730-24F450CA9F81}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{9B61C9C3-77B5-4E97-B8BD-FA8783136190}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A0D88FF1-C2D2-4D47-A8D8-A655CDAC6080}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A1695B41-61ED-4A20-BD79-E83608DBCCEB}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A1A246EB-BB90-4BD3-B925-99C8B4BE3FD3}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A324B27F-E28E-4E41-8C04-A6C3D2DD3B6E}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A4E4AF79-85D7-4D2F-AE0D-1FBA7AED43C8}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A5AC4467-2651-49A1-9E6C-6392B8163411}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A687E599-F225-4EA8-9258-62CADB334CD3}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{ABC1588F-3E23-4BED-AA40-25B9D782FEED}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{ACFDBF90-DF62-46E1-AD91-3BA5799D92A5}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{AD41F4EE-02E7-4D61-A42D-3B43CF8AC9F8}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{AD5459AB-9F51-43E0-A8C8-BE6565B30509}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{AE017C9C-34ED-48E4-B4E5-B4208056677E}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{AE32328A-4E14-4900-AF10-0C399636F3D1}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B0926967-6635-4764-8999-2BE3E2357C56}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B09D5E57-A93D-49F4-8845-C46BFA5DB331}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B2A8D558-1DF8-4A0C-A2F9-C9354F4E747F}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B3C07C3B-B1D2-4CF9-920C-92F0EBE89093}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B44EACAC-6956-4B0D-B51E-5A17651B51F2}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B4F045C6-337D-4100-915D-77D14BCA7515}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B5F04CCB-9A81-419D-8F92-4EF4F3374FC9}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B826C9F4-D90A-4E6D-8AEF-A075C99E4B04}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B94F6EDD-D099-479F-A932-B202310C0135}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B957D454-7FC4-4977-8831-921068887BEE}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B9C473CE-ED97-4CBF-A6AB-2EB37F598B84}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B9DDE366-996B-48D2-8293-817E3142CD66}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{BBD8BDA7-A9D2-43D4-9033-1EDA53FD125D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{BC596B36-CDCE-46A2-9B71-660D741B264A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{BF222795-D72E-46CC-BF4F-68F2FD9BABD6}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C1FC68E6-F604-4D82-9B59-DBF1597CA49D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C2B9B7DE-1F78-4C62-A824-0AE6C430B966}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C61B2358-2A6E-48B2-AB50-0B8D447994CF}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C80740AD-7E2F-4000-89E3-4CA72FFC03B4}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C8E88555-9667-41C9-8A0D-3EE1F2E30869}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C901D744-BE20-4B44-8A0D-5F0E03635F00}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C95A3542-BA6D-4CE1-B76D-C565E7CD3FC0}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{CA05A124-1E9F-4524-A49D-1AB63EEBE1D3}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{CADEBAD3-D03A-4333-9B04-B5FA7534B845}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{CB74F58B-D03D-4695-8983-8C46B9EF8A1C}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{CFA9C644-3A2B-44D8-BF2F-9EAE1F75C655}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D05A5886-3679-4688-8AF4-54336B91703A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D1811558-9825-4698-BF91-E02C17E498D7}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D264D48E-C736-4A82-A014-AAA83998F0F0}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D44AB542-29C2-4891-BDF0-15ECCF1010AC}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D56EB2E1-EAEE-4217-ADC9-A06B5A957BA6}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D9284BBD-759F-4C0F-86A3-B54F5AD6B012}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DAB6601F-4FD1-4E66-9744-4CFF43A1E0EC}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DC922646-9698-4DF3-A6DA-FAC8E10358AF}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DEC0DFE4-6D05-480C-8253-D9A2CF5E2EFA}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DF0438B6-8F97-4E0F-833C-3B85FE681A1F}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DF2B9666-6EFF-40BA-9F84-1E336257792D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E1DBB7B8-D4A9-442E-A816-13AF2421A1DC}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E2D38968-D011-4CF7-A0C4-A8FE209E613A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E307B1FE-0801-431F-BF77-BD5345291F8A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E4FC0F8A-6941-4472-9DA9-A524899A43EF}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E50EC0C4-34EB-497F-8729-9A631AF67D60}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E6B14CE4-9552-44CD-86B7-0AAEFDD5908D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E703BC31-7A06-4D13-B40A-F4E96BB80D71}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E93A60D4-A8F4-4037-A8AA-5CDE15E0D95B}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E95CC46F-73C2-42DB-B2F8-C9A4F2115FE8}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E9CB9C27-74A6-45C8-B167-306813A03DC4}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E9F6F435-0E35-4AAD-A335-06A0F9C9B7C0}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EA7D34F3-8529-4800-9AD3-479572B2F8DC}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EB0693B6-4DCE-448E-989F-E4A0EF4312BE}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EC56D98C-4D3C-435A-A7B6-3A964AC54256}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{ECE1E662-D324-48FF-A873-2D9BD782DC74}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{ED8FDF04-FC38-4F8F-A865-DB9D3909066D}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EDF17D85-33C7-4C55-BD6E-1B47D9D15E68}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EE86C768-6EAF-47C8-8ADB-EF90198ACEA2}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F0C04C6D-61A6-4659-91F8-5B297C6DFABE}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F21EACEC-890A-4557-8052-25ACCB268392}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F24E2CD5-472B-4B5A-B5AF-AE344AD7EA52}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F2DCA2CD-5D37-42A4-B65E-67470D51CAA6}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F3928D41-0676-4F10-ABC5-452349EB18AE}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F3AB8FCF-D347-430C-A000-E625D2580BB8}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F4694E30-A6FB-4E58-8916-91F2A05BA6E2}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F5962BC0-F12C-4751-9BB6-273F06E48993}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F60710D7-5078-427E-AD05-00294C9D6799}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F6591341-DCC3-4753-B1B1-EEA4AB140BDD}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F8350659-5968-47C5-A939-7D1B6A4A912A}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FB6B7EAF-E2AF-474C-BA90-C9382A10E2C2}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FC29FD14-DC5F-408B-A8E3-DFBEE127D278}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FC637EF1-32AA-4EED-ADEA-D5707E9F4A37}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FD23C0C4-2003-448F-8798-8ACA6C00E566}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FE5DC64C-8BEC-43DC-AF9A-8BC8FE81BACA}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FE6377D4-8C96-4C92-9A26-02C37797EFF8}

Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FFB26EF7-3E9B-4898-B1CD-C6165C2062A5}

Successfully deleted: [Folder] C:\Users\Jason\Appdata\Local\crashrpt

~~~ Chrome

[C:\Users\Jason\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Jason\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Jason\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Jason\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 13/08/2015 at 22:50:28.38

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

microsoft

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.27, August 2015 (build 5.27.11700.0)

Started On Thu Aug 13 22:52:16 2015

Engine: 1.1.11903.0

Signatures: 1.203.693.0

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Aug 13 23:17:28 2015

Return code: 0 (0x0)

kevinf80 · August 14, 2015

You`ve ran the fix for FRST twice, I guess that is why the log you`ve posted does shows entries not found....

Fix result of Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by Jason (2015-08-13 19:51:17) Run:2

Regarding Malwarebytes, do a clean install and see if it will now run a threat scan, follow instructions at this link:

https://forums.malwarebytes.org/index.php?/topic/146017-mbam-clean-removal-process-2x/

Thanks...

Kevin

kellj88 · August 14, 2015

hi sorry i did run it twice as the first time it froze for about 2 hours so i restarted it. I got the malware bytes working and it didnt find anything, but it appears i am losing more of my programs from my desktop.

here is the log for the malware bytes

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 14/08/2015

Scan Time: 11:36 AM

Logfile: log.txt

Administrator: Yes

Version: 2.1.8.1057

Malware Database: v2015.08.14.05

Rootkit Database: v2015.08.06.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Jason

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 505156

Time Elapsed: 34 min, 3 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

(end)

kellj88 · August 14, 2015

it also seems i'm loosing more programs

kevinf80 · August 14, 2015

but it appears i am losing more of my programs from my desktop.

What programs can you lose from your Desktop? do you mean program shortcuts?

kellj88 · August 14, 2015

the shortcuts lose their images and then the program files are either gone or won't open

kevinf80 · August 15, 2015

Download and save to your Desktop "Shortcut Cleaner" from here: http://www.bleepingcomputer.com/download/shortcut-cleaner/

Right click on "Shortcut Cleaner" select "Run as Administrator" a Black box will open as the scan begins

When complete a log file will open, it will also be saved on your desktop and be named sc-cleaner.txt let me see that log....

Thank you,

Kevin...

kellj88 · August 15, 2015

sc cleaner didnt seem to find anything. ive attached an image of some of the shortcuts that are messed up.

Log:

Shortcut Cleaner 1.3.8 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

More Information about Shortcut Cleaner can be found at this link:

http://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Home Premium Service Pack 1

Program started at: 08/15/2015 01:49:31 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Jason\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Jason\Desktop\

Searching C:\Users\Public\Desktop\

0 bad shortcuts found.

Program finished at: 08/15/2015 01:50:29 PM

Execution time: 0 hours(s), 0 minute(s), and 57 seconds(s)

kevinf80 · August 15, 2015

Those appear to broken short cuts, this MS link has info on that subject: https://support.microsoft.com/en-us/kb/978980

Personally I would delete the short cuts as they do not work, then simply create a new shortcut.. http://www.7tutorials.com/how-create-shortcuts

Does that help?

kellj88 · August 15, 2015

i would love to just create new shortcuts but the actual program files are missing from C:\program files.

kevinf80 · August 15, 2015

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the two logs....

kellj88 · August 15, 2015

frst:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-08-2015

Ran by Jason (administrator) on JASONSBABYII (15-08-2015 15:24:58)

Running from C:\Users\Jason\Desktop

Loaded Profiles: Jason & UpdatusUser (Available Profiles: Jason & UpdatusUser)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Absolute Software) C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe

(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Google Inc.) C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe

(Google Inc.) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe

() C:\Program Files (x86)\Appandora\AppandoraDeviceService.exe

(RealVNC Ltd.) C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Google Inc.) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe

(Microsoft Corporation) C:\Windows\System32\wisptis.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)

HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()

HKLM\...\Run: [intelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-11-01] (Intel® Corporation)

HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [RoxWatchTray] => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [454248 2013-08-02] (CANON INC.)

HKLM-x32\...\Run: [Appandora device service] => C:\Program Files (x86)\Appandora\AppandoraDeviceService.exe [815104 2015-05-25] ()

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)

HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Run: [Google Update] => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-25] (Google Inc.)

HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-12] (Valve Corporation)

HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

HKU\S-1-5-18\...\Run: [] => [X]

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-08-14]

ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-08-14]

ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)

Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk [2012-02-09]

ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-07-08]

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File)

ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-05] (Autodesk, Inc.)

BootExecute: autocheck autochk /p \??\C:autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1919526134-189285257-3370074446-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/23

HKU\S-1-5-21-1919526134-189285257-3370074446-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

HKU\S-1-5-21-1919526134-189285257-3370074446-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie

SearchScopes: HKLM -> {59353EE1-AE22-4A4C-A68C-D357D58B166B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {59353EE1-AE22-4A4C-A68C-D357D58B166B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-1919526134-189285257-3370074446-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll No File

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll No File

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll No File

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL No File

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll No File

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll No File

Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File

Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File

Tcpip\Parameters: [DhcpNameServer] 64.59.160.13 64.59.161.68

Tcpip\..\Interfaces\{603208F3-FE17-4619-9D83-943B516F4C88}: [DhcpNameServer] 64.59.160.13 64.59.161.68

FireFox:

========

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [No File]

FF Plugin: @java.com/DTPlugin,version=10.2.1 -> C:\Windows\system32\npDeployJava1.dll [2011-11-08] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.2.1 -> C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll [No File]

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [No File]

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [No File]

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [No File]

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [No File]

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [No File]

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [No File]

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [No File]

FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [No File]

FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [No File]

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [No File]

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [No File]

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File]

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File]

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [No File]

FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)

FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: @talk.google.com/O1DPlugin -> C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)

FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File

FF Plugin ProgramFiles/Appdata: C:\Users\Jason\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Jason\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)

FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2

Chrome:

=======

CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-17]

CHR Extension: (Entanglement Web App) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-10-08]

CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-17]

CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-02]

CHR Extension: (LibreOffice Impress on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aphkpmfcmpjnlnfilmgokeohlbealone [2015-01-27]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-12]

CHR Extension: (Geo Fever) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgdhogkfhcejcnbdkcbmcpglkamhbgbl [2014-10-08]

CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-17]

CHR Extension: (Google Search) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-17]

CHR Extension: (Google Sheets) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-17]

CHR Extension: (XML Tree) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb [2014-10-08]

CHR Extension: (AdBlock) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-08]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]

CHR Extension: (Poppit!) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-10-08]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]

CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-17]

StartMenuInternet: Google Chrome - C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AbsoluteNotifier; C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [10920 2011-05-10] (Absolute Software) [File not signed]

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-04] (Autodesk Inc.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)

R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch)

S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)

R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)

S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

R2 WinVNC4; C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe [439632 2008-10-15] (RealVNC Ltd.)

S2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe [X]

S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [X]

S2 Autodesk Content Service; "C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe" [X]

S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X]

S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [X]

S2 DellDataVaultWiz; "C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe" [X]

S3 FLEXnet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]

S3 FlexNet Licensing Service 64; "C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe" [X]

S2 Garmin Core Update Service; "C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe" [X]

S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]

S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]

S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [X]

S2 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [X]

S4 NetMsmqActivator; "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [X]

S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]

S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]

S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]

S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]

S3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [X]

S3 RoxMediaDB12OEM; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe" [X]

S2 RoxWatch12; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe" [X]

S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]

S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)

R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-09] (DT Soft Ltd)

R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458032 2011-10-20] (Kaspersky Lab ZAO)

R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [13616 2011-10-20] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [639280 2012-03-26] (Kaspersky Lab)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)

S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [16896 2007-03-20] (http://libusb-win32.sourceforge.net)

R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-15] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)

S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()

S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)

S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

S2 Sentinel64; \SystemRoot\System32\Drivers\Sentinel64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-15 15:24 - 2015-08-15 15:25 - 00027024 _____ C:\Users\Jason\Desktop\FRST.txt

2015-08-15 15:24 - 2015-08-15 15:25 - 00000000 ____D C:\FRST

2015-08-15 15:23 - 2015-08-15 15:23 - 00003426 _____ C:\Users\Jason\Downloads\Fixlist (1).txt

2015-08-15 15:23 - 2015-08-15 15:23 - 00003426 _____ C:\Users\Jason\Desktop\Fixlist.txt

2015-08-15 13:49 - 2015-08-15 13:50 - 00001876 _____ C:\Users\Jason\Desktop\sc-cleaner.txt

2015-08-15 13:49 - 2015-08-15 13:49 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\sc-cleaner.exe

2015-08-15 13:49 - 2015-08-15 13:49 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Jason\Desktop\sc-cleaner.exe

2015-08-14 16:33 - 2015-08-14 16:33 - 00000000 ____D C:\459c6c87a0880a6b930688db7015

2015-08-14 15:26 - 2015-08-14 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-08-14 15:14 - 2015-08-14 15:14 - 01959672 _____ C:\Users\Jason\Downloads\winrar-x64-53b2.exe

2015-08-14 12:52 - 2015-08-14 12:52 - 00000000 _____ C:\Windows\SysWOW64\sho4403.tmp

2015-08-14 11:35 - 2015-08-15 15:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-08-14 11:35 - 2015-08-14 11:35 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-08-14 11:35 - 2015-08-14 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-08-14 11:35 - 2015-08-14 11:35 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-08-14 11:35 - 2015-08-14 11:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-08-14 11:35 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-08-14 11:35 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-08-14 11:35 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-08-14 11:34 - 2015-08-14 11:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jason\Desktop\mbam-setup-2.1.8.1057.exe

2015-08-14 11:33 - 2015-08-14 11:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jason\Downloads\mbam-setup-2.1.8.1057.exe

2015-08-14 11:29 - 2015-08-14 14:07 - 00014408 _____ C:\Windows\PFRO.log

2015-08-14 11:27 - 2015-08-14 11:27 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Jason\Downloads\mbam-clean-2.1.1.1001.exe

2015-08-14 11:27 - 2015-08-14 11:27 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Jason\Desktop\mbam-clean-2.1.1.1001.exe

2015-08-14 11:13 - 2015-08-14 11:09 - 00176967 _____ C:\Users\Jason\Desktop\msvcp100.zip

2015-08-14 11:12 - 2015-08-14 11:13 - 00000000 ____D C:\Users\Jason\AppData\Local\WinZip

2015-08-14 11:12 - 2015-08-14 11:12 - 00002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk

2015-08-14 11:12 - 2015-08-14 11:12 - 00002239 _____ C:\Users\Public\Desktop\WinZip.lnk

2015-08-14 11:12 - 2015-08-14 11:12 - 00000000 ____D C:\Users\Jason\Desktop\geog 314

2015-08-14 11:12 - 2015-08-14 11:12 - 00000000 ____D C:\ProgramData\WinZip

2015-08-14 11:12 - 2015-08-14 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip

2015-08-14 11:12 - 2015-08-14 11:12 - 00000000 ____D C:\Program Files\WinZip

2015-08-14 11:10 - 2015-08-14 11:11 - 00000000 ____D C:\Users\Jason\Desktop\Anth 302

2015-08-14 11:09 - 2015-08-15 15:23 - 00000000 ____D C:\Users\Jason\Desktop\Logs and fixes

2015-08-14 11:08 - 2015-08-14 11:09 - 00176967 _____ C:\Users\Jason\Downloads\msvcp100.zip

2015-08-14 11:08 - 2015-08-14 11:08 - 00000000 ____D C:\ProgramData\UniqueId

2015-08-14 11:07 - 2015-08-14 11:08 - 00714368 _____ (WinZip Computing, S.L.) C:\Users\Jason\Downloads\winzip19-home.exe

2015-08-14 02:09 - 2015-08-14 02:09 - 07186992 _____ (Microsoft Corporation) C:\Users\Jason\Downloads\vcredist_x64.exe

2015-08-14 02:09 - 2015-08-14 02:09 - 00000000 ____D C:\ProgramData\Package Cache

2015-08-14 00:47 - 2015-08-14 00:47 - 00000000 ____D C:\ProgramData\.mono

2015-08-14 00:10 - 2015-08-14 00:10 - 00083960 _____ C:\Users\Jason\Downloads\mbam-chameleon.zip

2015-08-13 23:16 - 2015-08-14 00:03 - 00000000 ____D C:\Windows\Panther

2015-08-13 22:51 - 2015-08-13 22:52 - 51076312 _____ (Microsoft Corporation) C:\Users\Jason\Downloads\Windows-KB890830-x64-V5.27.exe

2015-08-13 22:43 - 2015-08-13 22:43 - 00000000 ____D C:\ProgramData\Apple

2015-08-13 22:43 - 2015-08-13 22:43 - 00000000 ____D C:\Program Files (x86)\dumps

2015-08-13 22:42 - 2015-08-14 22:19 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-08-13 22:42 - 2015-08-13 22:42 - 00000000 ____D C:\Windows\SysWOW64\NV

2015-08-13 22:42 - 2015-08-13 22:42 - 00000000 ____D C:\ProgramData\Intel

2015-08-13 22:42 - 2015-08-13 22:42 - 00000000 _____ C:\Windows\setuperr.log

2015-08-13 22:41 - 2015-08-14 22:19 - 00000672 _____ C:\Windows\setupact.log

2015-08-13 22:37 - 2015-08-13 22:37 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Jason\Downloads\JRT.exe

2015-08-13 22:35 - 2015-08-13 22:40 - 00000000 ____D C:\AdwCleaner

2015-08-13 22:28 - 2015-08-14 15:36 - 00000000 ____D C:\ProgramData\Hi-Rez Studios

2015-08-13 22:28 - 2015-08-14 15:36 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios

2015-08-13 22:28 - 2015-08-13 22:28 - 00000000 ____D C:\ProgramData\SupportAssistAgent

2015-08-13 22:26 - 2015-08-13 22:27 - 47544592 _____ (Hi-Rez Studios) C:\Users\Jason\Downloads\InstallSmite.exe

2015-08-13 22:20 - 2015-08-13 22:20 - 00000000 ____D C:\Users\Jason\AppData\Local\Steam

2015-08-13 22:20 - 2015-08-13 22:20 - 00000000 ____D C:\Users\Jason\AppData\Local\CEF

2015-08-13 22:18 - 2015-08-13 22:18 - 00000965 _____ C:\Users\Public\Desktop\Steam.lnk

2015-08-13 22:17 - 2015-08-14 22:21 - 00000000 ____D C:\Program Files (x86)\Steam

2015-08-13 22:16 - 2015-08-13 22:16 - 01476720 _____ C:\Users\Jason\Downloads\SteamSetup.exe

2015-08-13 20:02 - 2015-08-13 20:02 - 02248704 _____ C:\Users\Jason\Downloads\AdwCleaner.exe

2015-08-13 14:33 - 2015-08-13 14:33 - 00000000 ____D C:\Users\Jason\Desktop\FRST-OlderVersion

2015-08-13 14:32 - 2015-08-13 14:32 - 00003426 _____ C:\Users\Jason\Downloads\Fixlist.txt

2015-08-13 14:23 - 2015-08-13 14:23 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\rkill.exe

2015-08-13 14:23 - 2015-08-13 14:23 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\rkill64.exe

2015-08-13 14:22 - 2015-08-13 14:22 - 00000168 _____ C:\Users\Jason\defogger_reenable

2015-08-13 03:06 - 2015-07-30 06:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2015-08-13 03:06 - 2015-07-30 06:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-08-11 10:54 - 2015-07-28 13:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-08-11 10:54 - 2015-07-28 13:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-08-11 10:54 - 2015-07-28 13:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-08-11 10:54 - 2015-07-28 13:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-08-11 10:54 - 2015-07-28 13:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-08-11 10:54 - 2015-07-28 13:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-08-11 10:54 - 2015-07-28 13:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-08-11 10:54 - 2015-07-28 12:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-08-11 10:54 - 2015-07-15 11:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-08-11 10:54 - 2015-07-15 11:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-08-11 10:54 - 2015-07-15 11:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-08-11 10:54 - 2015-07-15 11:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys

2015-08-11 10:54 - 2015-07-15 11:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-08-11 10:54 - 2015-07-15 11:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2015-08-11 10:54 - 2015-07-15 11:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2015-08-11 10:54 - 2015-07-15 11:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2015-08-11 10:54 - 2015-07-15 11:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-08-11 10:54 - 2015-07-15 11:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-08-11 10:54 - 2015-07-15 11:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-08-11 10:54 - 2015-07-15 11:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-08-11 10:54 - 2015-07-15 11:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2015-08-11 10:54 - 2015-07-15 11:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll

2015-08-11 10:54 - 2015-07-15 11:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2015-08-11 10:54 - 2015-07-15 11:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-08-11 10:54 - 2015-07-15 11:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-08-11 10:54 - 2015-07-15 11:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-08-11 10:54 - 2015-07-15 10:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-08-11 10:54 - 2015-07-15 10:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-08-11 10:54 - 2015-07-15 10:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-08-11 10:54 - 2015-07-15 10:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-08-11 10:54 - 2015-07-15 10:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-08-11 10:54 - 2015-07-15 10:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-08-11 10:54 - 2015-07-15 10:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-08-11 10:54 - 2015-07-15 10:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-08-11 10:54 - 2015-07-15 10:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-08-11 10:54 - 2015-07-15 10:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-08-11 10:54 - 2015-07-15 10:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2015-08-11 10:54 - 2015-07-15 10:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2015-08-11 10:54 - 2015-07-15 10:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-08-11 10:54 - 2015-07-15 10:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2015-08-11 10:54 - 2015-07-15 10:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2015-08-11 10:54 - 2015-07-15 10:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-08-11 10:54 - 2015-07-15 10:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2015-08-11 10:54 - 2015-07-15 10:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-08-11 10:54 - 2015-07-15 10:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-08-11 10:54 - 2015-07-15 10:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2015-08-11 10:54 - 2015-07-15 10:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-08-11 10:54 - 2015-07-15 10:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 09:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-08-11 10:54 - 2015-07-15 09:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-08-11 10:54 - 2015-07-15 09:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-08-11 10:54 - 2015-07-15 09:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2015-08-11 10:54 - 2015-07-15 09:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2015-08-11 10:54 - 2015-07-15 09:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 09:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 09:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2015-08-11 10:54 - 2015-07-15 09:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2015-08-11 10:54 - 2015-07-14 20:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll

2015-08-11 10:54 - 2015-07-10 10:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2015-08-11 10:54 - 2015-07-10 10:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll

2015-08-11 10:54 - 2015-07-10 10:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2015-08-11 10:54 - 2015-07-10 10:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2015-08-11 10:54 - 2015-07-10 10:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2015-08-11 10:54 - 2015-07-10 10:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2015-08-11 10:53 - 2015-07-30 11:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2015-08-11 10:53 - 2015-07-30 11:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2015-08-11 10:53 - 2015-07-30 11:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2015-08-11 10:53 - 2015-07-30 11:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2015-08-11 10:53 - 2015-07-30 11:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-08-11 10:53 - 2015-07-30 11:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2015-08-11 10:53 - 2015-07-30 11:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2015-08-11 10:53 - 2015-07-30 10:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2015-08-11 10:53 - 2015-07-30 10:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2015-08-11 10:53 - 2015-07-30 10:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2015-08-11 10:53 - 2015-07-30 10:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-08-11 10:53 - 2015-07-30 10:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2015-08-11 10:53 - 2015-07-30 10:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2015-08-11 10:53 - 2015-07-30 09:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-08-11 10:53 - 2015-07-30 09:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-08-11 10:53 - 2015-07-30 09:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-08-11 10:53 - 2015-07-20 17:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-08-11 10:53 - 2015-07-20 17:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-08-11 10:53 - 2015-07-16 14:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-08-11 10:53 - 2015-07-16 13:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-08-11 10:53 - 2015-07-16 13:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-08-11 10:53 - 2015-07-16 13:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-08-11 10:53 - 2015-07-16 13:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-08-11 10:53 - 2015-07-16 13:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-08-11 10:53 - 2015-07-16 13:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-08-11 10:53 - 2015-07-16 13:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-08-11 10:53 - 2015-07-16 13:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-08-11 10:53 - 2015-07-16 13:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-08-11 10:53 - 2015-07-16 13:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-08-11 10:53 - 2015-07-16 13:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-08-11 10:53 - 2015-07-16 13:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-08-11 10:53 - 2015-07-16 13:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-08-11 10:53 - 2015-07-16 13:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-08-11 10:53 - 2015-07-16 13:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-08-11 10:53 - 2015-07-16 13:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-08-11 10:53 - 2015-07-16 13:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-08-11 10:53 - 2015-07-16 13:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-08-11 10:53 - 2015-07-16 13:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-08-11 10:53 - 2015-07-16 13:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-08-11 10:53 - 2015-07-16 13:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-08-11 10:53 - 2015-07-16 12:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-08-11 10:53 - 2015-07-16 12:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-08-11 10:53 - 2015-07-16 12:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-08-11 10:53 - 2015-07-16 12:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-08-11 10:53 - 2015-07-16 12:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-08-11 10:53 - 2015-07-16 12:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-08-11 10:53 - 2015-07-16 12:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-08-11 10:53 - 2015-07-16 12:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-08-11 10:53 - 2015-07-16 12:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-08-11 10:53 - 2015-07-16 12:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-08-11 10:53 - 2015-07-16 12:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-08-11 10:53 - 2015-07-16 12:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-08-11 10:53 - 2015-07-16 12:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-08-11 10:53 - 2015-07-16 12:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-08-11 10:53 - 2015-07-16 12:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-08-11 10:53 - 2015-07-16 12:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-08-11 10:53 - 2015-07-16 12:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-08-11 10:53 - 2015-07-16 12:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-08-11 10:53 - 2015-07-16 12:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-08-11 10:53 - 2015-07-16 12:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-08-11 10:53 - 2015-07-16 12:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-08-11 10:53 - 2015-07-16 12:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-08-11 10:53 - 2015-07-16 12:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-08-11 10:53 - 2015-07-16 12:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-08-11 10:53 - 2015-07-16 12:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-08-11 10:53 - 2015-07-16 12:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-08-11 10:53 - 2015-07-16 12:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-08-11 10:53 - 2015-07-16 12:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-08-11 10:53 - 2015-07-16 12:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-08-11 10:53 - 2015-07-16 12:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-08-11 10:53 - 2015-07-16 12:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-08-11 10:53 - 2015-07-16 12:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-08-11 10:53 - 2015-07-16 11:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-08-11 10:53 - 2015-07-16 11:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-08-11 10:53 - 2015-07-16 11:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-08-11 10:53 - 2015-07-16 11:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-08-11 10:53 - 2015-07-14 20:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2015-08-11 10:53 - 2015-07-14 20:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2015-08-11 10:53 - 2015-07-14 20:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2015-08-11 10:53 - 2015-07-14 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2015-08-11 10:53 - 2015-07-14 19:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2015-08-11 10:53 - 2015-07-14 19:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2015-08-11 10:53 - 2015-07-14 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2015-08-11 10:53 - 2015-07-14 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2015-08-11 10:53 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe

2015-08-11 10:53 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe

2015-08-11 10:53 - 2015-07-09 10:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

2015-08-11 10:53 - 2015-07-01 13:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2015-08-11 10:53 - 2015-07-01 13:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2015-08-11 10:53 - 2015-07-01 13:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2015-08-11 10:53 - 2015-07-01 13:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2015-08-11 10:52 - 2015-07-20 11:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-08-11 10:52 - 2015-07-20 11:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-08-11 10:52 - 2015-07-20 11:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-08-11 10:52 - 2015-07-20 11:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-08-11 10:52 - 2015-07-20 11:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-08-11 10:52 - 2015-07-20 11:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-08-11 10:52 - 2015-07-20 11:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-08-11 10:52 - 2015-07-20 11:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-08-11 10:52 - 2015-07-20 11:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-08-11 10:52 - 2015-07-20 11:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-08-11 10:52 - 2015-07-20 11:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-08-11 10:52 - 2015-07-20 10:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-08-11 10:52 - 2015-07-20 10:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-08-11 10:52 - 2015-07-20 10:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-08-11 10:52 - 2015-07-20 10:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-08-11 10:52 - 2015-07-20 10:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-08-11 10:52 - 2015-07-10 10:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2015-08-11 10:52 - 2015-07-10 10:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2015-08-11 10:52 - 2015-05-09 11:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

2015-08-10 10:47 - 2015-08-10 10:47 - 00050477 _____ C:\Users\Jason\Downloads\Defogger.exe

2015-08-10 10:47 - 2015-08-10 10:47 - 00050477 _____ C:\Users\Jason\Desktop\Defogger.exe

2015-08-10 00:52 - 2015-08-10 00:52 - 00063982 _____ C:\Users\Jason\Downloads\Addition.txt

2015-08-10 00:51 - 2015-08-10 00:52 - 00086827 _____ C:\Users\Jason\Downloads\FRST.txt

2015-08-10 00:49 - 2015-08-13 14:33 - 02173952 _____ (Farbar) C:\Users\Jason\Desktop\FRST64.exe

2015-08-09 20:48 - 2015-08-09 20:48 - 00000000 ____D C:\Users\Jason\Documents\Duels of the Planeswalkers Dumps

2015-08-09 20:05 - 2015-08-09 20:37 - 05634368 _____ (Swearware) C:\Users\Jason\Downloads\ComboFix.exe

2015-08-09 20:04 - 2015-08-09 20:04 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\unhide.exe

2015-08-09 19:51 - 2015-08-09 19:51 - 01097400 _____ (Microsoft Corporation) C:\Users\Jason\Downloads\setuponenotefreeretail.x86.en-us_ (2).exe

2015-08-09 11:15 - 2015-08-09 11:15 - 00000000 ____D C:\Users\Jason\AppData\Local\SquirrelTemp

2015-08-05 21:00 - 2015-08-05 21:00 - 00077695 _____ C:\Users\Jason\Downloads\Snes9xGX Cheats.zip

2015-08-05 21:00 - 2001-10-17 12:22 - 00000196 _____ C:\Users\Jason\Desktop\Super Star Wars.cht

2015-08-05 21:00 - 2001-10-17 12:06 - 00000112 _____ C:\Users\Jason\Desktop\Super Star Wars - Return Of The Jedi.cht

2015-08-05 21:00 - 2001-10-17 11:47 - 00000168 _____ C:\Users\Jason\Desktop\Super Star Wars - The Empire .cht

2015-08-04 19:58 - 2015-08-04 20:09 - 923512243 _____ C:\Users\Jason\Downloads\SNES Master Set Shrunken Spine (797).rar

2015-07-30 00:41 - 2015-07-30 00:41 - 00000462 _____ C:\Users\Jason\Documents\OS © - Shortcut.lnk

2015-07-24 21:39 - 2015-07-24 21:39 - 00000000 ____D C:\Users\Jason\AppData\Roaming\.mono

2015-07-24 21:37 - 2015-07-24 21:37 - 00001566 _____ C:\Users\Jason\Desktop\Pokémon Trading Card Game Online.lnk

2015-07-24 21:37 - 2015-07-24 21:37 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Pokémon Trading Card Game Online

2015-07-24 21:37 - 2015-07-24 21:37 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online

2015-07-24 21:35 - 2015-07-24 21:37 - 228685824 _____ C:\Users\Jason\Downloads\PokemonInstaller.msi

2015-07-22 16:01 - 2015-07-22 16:04 - 00000000 ____D C:\Users\Jason\.opencards

2015-07-22 16:01 - 2015-07-22 16:01 - 00000000 ____D C:\Users\Jason\OpenCards Examples

2015-07-22 15:59 - 2015-07-22 16:00 - 17294350 _____ C:\Users\Jason\Downloads\opencards-2.2-windows.zip

2015-07-21 10:23 - 2015-07-21 10:23 - 00055305 _____ C:\Users\Jason\Documents\Resume Jason Hydrographic Service.odt

2015-07-21 10:23 - 2015-07-21 10:23 - 00046873 _____ C:\Users\Jason\Documents\Cover letter Jason Canadian Forest Research.odt

2015-07-18 01:43 - 2015-07-18 01:43 - 00000041 _____ C:\Users\Jason\Downloads\northok.m3u

2015-07-18 01:20 - 2015-07-18 01:20 - 00000043 _____ C:\Users\Jason\Downloads\crfireems.m3u

2015-07-18 01:19 - 2015-07-18 01:19 - 00000039 _____ C:\Users\Jason\Downloads\crest.m3u

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-15 14:46 - 2012-02-01 04:04 - 01761542 _____ C:\Windows\WindowsUpdate.log

2015-08-15 13:53 - 2009-07-13 21:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-08-15 13:53 - 2009-07-13 21:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-08-14 22:19 - 2012-02-01 04:05 - 00000000 ____D C:\ProgramData\NVIDIA

2015-08-14 16:53 - 2015-05-24 13:13 - 00000000 ____D C:\Users\UpdatusUser.JasonsbabyII

2015-08-14 16:47 - 2014-03-21 01:15 - 00000000 ____D C:\Program Files\WinRAR

2015-08-14 15:36 - 2012-02-01 02:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2015-08-14 15:26 - 2014-03-21 01:15 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-08-14 15:01 - 2015-07-08 22:22 - 00000000 ___RD C:\Users\Jason\OneDrive

2015-08-13 23:57 - 2015-07-10 06:39 - 00000000 ___HD C:\$Windows.~BT

2015-08-13 22:42 - 2015-05-25 12:23 - 00000000 ____D C:\Windows\system32\NV

2015-08-13 22:40 - 2015-07-08 22:15 - 00000000 ____D C:\Program Files\Microsoft Office 15

2015-08-13 22:26 - 2009-07-13 20:20 - 00000000 __RSD C:\Windows\Media

2015-08-13 22:26 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PLA

2015-08-13 22:26 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Help

2015-08-13 22:26 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Cursors

2015-08-13 22:25 - 2015-06-21 21:27 - 00000000 ____D C:\Program Files (x86)\Appandora

2015-08-13 22:25 - 2015-05-24 13:10 - 00000000 ____D C:\Program Files\Microsoft Security Client

2015-08-13 22:25 - 2015-05-24 13:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2015-08-13 22:25 - 2015-04-26 11:23 - 00000000 ____D C:\ProgramData\Autodesk

2015-08-13 22:25 - 2015-04-17 03:05 - 00000000 ___RD C:\Program Files (x86)\Skype

2015-08-13 22:25 - 2015-03-18 10:53 - 00000000 ____D C:\Program Files (x86)\Bonjour

2015-08-13 22:25 - 2014-09-11 20:23 - 00000000 ____D C:\Program Files (x86)\Canon

2015-08-13 22:25 - 2013-01-17 21:32 - 00000000 ____D C:\Program Files (x86)\ArcGIS

2015-08-13 22:25 - 2012-03-16 20:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client

2015-08-13 22:25 - 2012-02-01 04:04 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2015-08-13 22:25 - 2012-02-01 04:04 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2015-08-13 22:25 - 2012-02-01 04:02 - 00000000 ____D C:\Program Files (x86)\Intel

2015-08-13 22:25 - 2012-02-01 03:10 - 00000000 ____D C:\Program Files (x86)\Nero

2015-08-13 22:25 - 2012-02-01 03:02 - 00000000 ____D C:\ProgramData\Sonic

2015-08-13 22:25 - 2012-02-01 03:00 - 00000000 ____D C:\Program Files (x86)\Roxio

2015-08-13 22:25 - 2012-02-01 02:57 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

2015-08-13 22:25 - 2012-02-01 02:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Stage

2015-08-13 22:25 - 2012-02-01 02:47 - 00000000 ____D C:\Program Files (x86)\Dell

2015-08-13 22:25 - 2012-02-01 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell

2015-08-13 22:25 - 2012-02-01 02:40 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup

2015-08-13 22:25 - 2012-02-01 02:39 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-08-13 22:25 - 2012-02-01 02:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2015-08-13 22:25 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2015-08-13 22:25 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Sidebar

2015-08-13 22:25 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Microsoft Games

2015-08-13 22:25 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar

2015-08-13 22:25 - 2009-07-13 20:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance

2015-08-13 22:25 - 2009-07-13 20:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2015-08-13 22:24 - 2015-06-10 16:39 - 00000000 ____D C:\Program Files\IIS

2015-08-13 22:24 - 2015-04-26 11:37 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared

2015-08-13 22:24 - 2015-04-26 11:37 - 00000000 ____D C:\Program Files\Autodesk

2015-08-13 22:24 - 2015-03-18 10:53 - 00000000 ____D C:\Program Files\Bonjour

2015-08-13 22:24 - 2014-09-11 20:28 - 00000000 ____D C:\Program Files\CanonBJ

2015-08-13 22:24 - 2012-03-26 14:57 - 00000000 ___RD C:\Backup

2015-08-13 22:24 - 2012-03-25 00:52 - 00000000 ____D C:\Program Files\Common Files\Apple

2015-08-13 22:24 - 2012-02-01 04:03 - 00000000 ____D C:\Program Files\Common Files\Intel

2015-08-13 22:24 - 2012-02-01 02:37 - 00000000 ____D C:\Program Files\Dell

2015-08-13 22:24 - 2012-02-01 02:26 - 00000000 ____D C:\Program Files\Java

2015-08-13 22:24 - 2011-02-10 07:01 - 00000000 ____D C:\DELL

2015-08-13 22:24 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2015-08-13 14:22 - 2012-02-09 17:41 - 00000000 ____D C:\Users\Jason

2015-08-13 03:33 - 2009-07-13 22:13 - 00783424 _____ C:\Windows\system32\PerfStringBackup.INI

2015-08-13 03:26 - 2009-07-13 21:45 - 00571240 _____ C:\Windows\system32\FNTCACHE.DAT

2015-08-13 03:23 - 2014-12-10 14:27 - 00000000 ____D C:\Windows\system32\appraiser

2015-08-13 03:23 - 2014-05-12 13:18 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-08-13 03:22 - 2015-07-08 22:36 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Audacity

2015-08-13 02:55 - 2012-02-09 18:00 - 00002372 _____ C:\Users\Jason\Desktop\Google Chrome.lnk

2015-08-09 13:52 - 2015-04-06 03:02 - 00000000 ___SD C:\Windows\system32\GWX

2015-08-09 13:52 - 2014-12-10 14:34 - 00000000 ____D C:\Users\TEMP

2015-08-09 13:37 - 2012-02-01 03:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero

2015-08-09 13:35 - 2015-06-10 16:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server

2015-08-09 13:29 - 2015-06-10 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server

2015-08-09 13:28 - 2014-09-16 18:24 - 00000000 ____D C:\Program Files (x86)\ITT

2015-08-09 13:28 - 2012-02-23 17:28 - 00000000 ____D C:\Program Files (x86)\Java

2015-08-09 13:26 - 2015-06-21 21:27 - 00000000 ____D C:\Program Files (x86)\Decipher Media

2015-08-09 13:22 - 2015-07-09 10:32 - 00000000 ___RD C:\MSOCache

2015-08-09 11:13 - 2012-02-09 17:42 - 00053448 _____ C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT

2015-08-09 01:33 - 2012-02-01 03:01 - 00000000 ____D C:\ProgramData\Roxio

2015-08-06 22:03 - 2015-07-08 22:27 - 00004990 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JasonsbabyII-Jason JasonsbabyII

2015-08-05 19:15 - 2012-02-01 02:44 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks

2015-08-05 19:15 - 2012-02-01 02:44 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks

2015-07-31 14:31 - 2015-05-19 09:43 - 00000000 __SHD C:\Users\Jason\AppData\Local\EmieBrowserModeList

2015-07-31 14:31 - 2014-10-02 11:52 - 00000000 __SHD C:\Users\Jason\AppData\Local\EmieUserList

2015-07-31 14:31 - 2014-10-02 11:52 - 00000000 __SHD C:\Users\Jason\AppData\Local\EmieSiteList

2015-07-28 10:59 - 2012-03-21 20:12 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-07-27 18:10 - 2015-07-08 22:22 - 00002164 _____ C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

==================== Files in the root of some directories =======

2012-05-16 01:55 - 2012-05-29 19:42 - 0000230 _____ () C:\Users\Jason\AppData\Roaming\AbsoluteReminder.xml

2012-11-09 13:55 - 2012-11-09 14:04 - 0000197 _____ () C:\Users\Jason\AppData\Roaming\burnaware.ini

2012-05-29 19:41 - 2012-05-29 19:42 - 5947928 _____ (Absolute Software Corp. ) C:\Users\Jason\AppData\Roaming\LoJackSetup.exe

2012-07-04 23:40 - 2012-07-04 23:46 - 0000077 _____ () C:\Users\Jason\AppData\Roaming\Rim.Desktop.Exception.log

2012-07-04 23:39 - 2013-01-22 15:10 - 0002021 _____ () C:\Users\Jason\AppData\Roaming\Rim.Desktop.HttpServerSetup.log

2012-07-04 23:40 - 2012-07-04 23:46 - 0000077 _____ () C:\Users\Jason\AppData\Roaming\Rim.DesktopHelper.Exception.log

2012-07-04 23:41 - 2012-07-04 23:46 - 0000077 _____ () C:\Users\Jason\AppData\Roaming\Rim.Transcoder.Exception.log

2012-09-26 13:59 - 2012-11-24 00:19 - 0000600 _____ () C:\Users\Jason\AppData\Roaming\winscp.rnd

2012-02-09 20:18 - 2012-10-15 20:34 - 0003584 _____ () C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2012-09-16 00:25 - 2013-04-12 22:34 - 0000600 _____ () C:\Users\Jason\AppData\Local\PUTTY.RND

2012-03-26 14:57 - 2012-03-26 14:57 - 0017408 _____ () C:\Users\Jason\AppData\Local\WebpageIcons.db

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-04 16:53

==================== End of log ============================

kellj88 · August 15, 2015

addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-08-2015

Ran by Jason (2015-08-15 15:26:09)

Running from C:\Users\Jason\Desktop

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1919526134-189285257-3370074446-500 - Administrator - Disabled)

Guest (S-1-5-21-1919526134-189285257-3370074446-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1919526134-189285257-3370074446-1003 - Limited - Enabled)

Jason (S-1-5-21-1919526134-189285257-3370074446-1001 - Administrator - Enabled) => C:\Users\Jason

UpdatusUser (S-1-5-21-1919526134-189285257-3370074446-1004 - Limited - Enabled) => C:\Users\UpdatusUser.JasonsbabyII

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}

AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)

abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - )

Absolute Notifier (HKLM-x32\...\{EBE939ED-4612-45FD-A39E-77AC199C4273}) (Version: 1.4.3.10 - Absolute Software)

ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden

ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)

Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)

Adobe Reader X (10.1.4) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Akamai NetSession Interface (HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Akamai) (Version: - Akamai Technologies, Inc)

ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden

Appandora version 2.1.4 (HKLM-x32\...\{3BA67286-845D-46A7-9A58-FA8B7897BC34}_is1) (Version: 2.1.4 - Appandora, Inc.)

Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ArcGIS 10.1 for Desktop (HKLM-x32\...\ArcGIS 10.1 for Desktop) (Version: 10.1.3035 - Environmental Systems Research Institute, Inc.)

ArcGIS 10.1 for Desktop (x32 Version: 10.1.3035 - Environmental Systems Research Institute, Inc.) Hidden

ArcGIS 10.1 License Manager (HKLM-x32\...\ArcGIS 10.1 License Manager) (Version: 10.1.2891 - Environmental Systems Research Institute, Inc.)

ArcGIS 10.1 License Manager (x32 Version: 10.1.2891 - Environmental Systems Research Institute, Inc.) Hidden

Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)

AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden

AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden

AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden

Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)

Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)

Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)

Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)

Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)

Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)

Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)

Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden

Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden

Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)

Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)

Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)

Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)

Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden

Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.1.4 - Canon Inc.)

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.4.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.5.14 - Canon Inc.)

Canon MX530 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX530_series) (Version: 1.00 - Canon Inc.)

Canon MX530 series On-screen Manual (HKLM-x32\...\Canon MX530 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)

Decipher TextMessage (HKLM-x32\...\{FB313042-11A8-46BA-AA53-0886FDB3778D}) (Version: 8.4.0 - Decipher Media)

Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)

Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)

Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)

Dell Stage (HKLM-x32\...\{39D06E77-8921-4056-8901-36D0035BAECA}) (Version: 1.5.420.0 - Fingertapps)

Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)

Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)

Dell Update (HKLM-x32\...\{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}) (Version: 1.6.1007.0 - Dell Inc.)

Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)

Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)

DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden

DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)

DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )

Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden

eMule (HKLM-x32\...\eMule) (Version: - )

ENVI 4.7.01 (HKLM-x32\...\InstallShield_{B731A2E4-3C92-4B8F-ABB6-D6DB291FA87D}) (Version: 4.7.01 - ITT Visual Information Solutions)

ENVI 4.7.01 (x32 Version: 4.7.01 - ITT Visual Information Solutions) Hidden

FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)

Free Voice Recorder (HKLM-x32\...\{A0BBDFF2-B562-4E9A-9BD2-029A60E93E38}) (Version: 4 - Free Voice Recorder)

Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.59.1.WIN.FullTilt.COM - )

Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)

Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden

Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden

Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)

Geomatica 2014 (HKLM-x32\...\{1F522C55-6E3F-32A7-9F2A-A3576B177F59}) (Version: 2014.0 - PCI Geomatics)

Google Chrome (HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)

Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden

High-Definition Video Playback (x32 Version: 11.1.11500.4.273 - Nero AG) Hidden

HighGrow Freeware Version 4.20 (HKLM-x32\...\HighGrow Freeware Version 4.20) (Version: 4.20 - Slick Software)

iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)

IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

Intel PROSet Wireless (x32 Version: - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)

Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Intel® WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)

Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )

iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)

Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)

Java SE Development Kit 7 Update 2 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170020}) (Version: 1.7.0.20 - Oracle)

JavaFX 2.0.2 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)

JavaFX 2.0.2 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)

JCreator Pro 5.00 (HKLM-x32\...\JCreator Pro_is1) (Version: - Xinox Software)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Kaspersky PURE 2.0 (HKLM-x32\...\InstallWIX_{2D270A67-B7CD-4281-B2FE-60DF18D19B8E}) (Version: 12.0.1.288 - Kaspersky Lab)

Kaspersky PURE 2.0 (x32 Version: 12.0.1.288 - Kaspersky Lab) Hidden

LibreOffice 4.3.1.2 (HKLM-x32\...\{303C2B0D-03AF-4C25-A443-E62DE8AA36A8}) (Version: 4.3.1.2 - The Document Foundation)

Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)

Magic 2015 (HKLM-x32\...\Magic 2015_is1) (Version: - )

Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation)

Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)

Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)

Microsoft WebMatrix 3 (HKLM-x32\...\{4C1CB8FA-89A5-476A-89B6-C69BDC668A9F}) (Version: 2.0.1932 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2 - )

NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)

NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)

NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden

PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Pokémon Trading Card Game Online (HKLM-x32\...\{0D9304CD-1C83-4703-AFEF-0C46D1DB21F2}) (Version: 2.27.0 - The Pokémon Company International)

PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)

Python 2.7.5 (64-bit) (HKLM\...\{DBDD570E-0952-475f-9453-AB88F3DD565a}) (Version: 2.7.5150 - Python Software Foundation)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)

QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)

RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)

Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)

Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)

Roxio File Backup (Version: 1.3.2 - Roxio) Hidden

Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)

SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Sleep# (HKLM-x32\...\{8A263D44-CD57-4222-BD02-E4CFD64DF859}) (Version: 2.3.2 - CJS)

Slide Ninja (HKLM-x32\...\{C5062D7B-2C10-4B90-A974-6D20E637698D}_is1) (Version: 0.9.6.0 - Heledux)

Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)

SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.15400 - Nero AG)

SyncUP (x32 Version: 1.12.11200.10.102 - Nero AG) Hidden

Tom Clancy's H.A.W.X (HKLM-x32\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.02.00000 - Ubisoft)

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)

VNC Free Edition 4.1.3 (HKLM-x32\...\RealVNC_is1) (Version: 4.1.3 - RealVNC Ltd.)

WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)

WinAce Archiver (HKLM-x32\...\WinAce Archiver) (Version: 2.69 - e-merge GmbH)

Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)

Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

WinRAR 5.30 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.2 - win.rar GmbH)

WinSCP 5.1 (HKLM-x32\...\winscp3_is1) (Version: 5.1 - Martin Prikryl)

WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )

Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll No File

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

12-08-2015 19:38:31 Windows Update

13-08-2015 03:00:14 Windows Update

13-08-2015 22:27:57 Installed Hi-Rez Studios Games

13-08-2015 22:32:15 Configured Hi-Rez Studios Games

13-08-2015 22:34:22 Removed Hi-Rez Studios Games

13-08-2015 22:46:18 JRT Pre-Junkware Removal

14-08-2015 02:05:26 Installed Hi-Rez Studios Games

14-08-2015 02:09:52 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

14-08-2015 11:06:17 Windows Update

14-08-2015 12:51:10 Windows Update

14-08-2015 14:57:07 Windows Update

14-08-2015 15:36:30 Removed Hi-Rez Studios Games

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0435CDFF-6CEF-4B17-8B2D-ECA48A507CB6} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe

Task: {11720222-D29A-460B-917F-754DDAE4F124} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

Task: {16CD596A-946B-4F14-9A83-134D41F21805} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe

Task: {1A8FF082-4C36-41E5-A90F-2E2F998D9671} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe

Task: {1B77DF89-9465-492B-91F1-220505E13D74} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1919526134-189285257-3370074446-1001Core => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)

Task: {250E92C1-8B88-4F15-BC0E-7BE641720199} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe

Task: {2673C739-BBAF-49E9-BA28-3267A7C38A18} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JasonsbabyII-Jason JasonsbabyII => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe

Task: {48CDC8EC-9368-46A5-A1DC-DC6481ED3ECB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {9FB64B5B-5D9E-4E34-8AEE-71E51EA0FA91} - System32\Tasks\{0B5174E5-13BD-4F8D-B36A-BFF4FA9B1678} => C:\Users\Jason\Downloads\crack_arcgis_101\License Manager (Pre-Release Version)\License Manager (Pre-Release Version)\Setup.exe

Task: {FAD7D9E3-49FC-4CCD-9D3D-FEA4A938F811} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Loaded Modules (Whitelisted) ==============

2015-05-24 13:12 - 2013-10-23 01:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2011-11-01 11:58 - 2011-11-01 11:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2006-12-04 01:26 - 2006-12-04 01:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2015-07-08 22:15 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2012-02-01 03:29 - 2011-07-20 06:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2012-02-01 02:28 - 2010-12-17 09:25 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

2011-11-01 11:58 - 2011-11-01 11:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2015-06-21 21:27 - 2015-05-25 14:31 - 00815104 _____ () C:\Program Files (x86)\Appandora\AppandoraDeviceService.exe

2015-04-26 11:54 - 2014-12-04 19:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll

2015-04-26 11:54 - 2014-12-04 19:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll

2015-08-13 02:55 - 2015-08-07 17:13 - 01405768 _____ () C:\Users\Jason\AppData\Local\Google\Chrome\Application\44.0.2403.155\libglesv2.dll

2015-08-13 02:55 - 2015-08-07 17:13 - 00081224 _____ () C:\Users\Jason\AppData\Local\Google\Chrome\Application\44.0.2403.155\libegl.dll

2015-06-21 21:27 - 2015-05-25 14:31 - 00397824 _____ () C:\Program Files (x86)\Appandora\DuiLib.dll

2015-06-21 21:27 - 2013-05-31 14:53 - 00059904 _____ () C:\Program Files (x86)\Appandora\zlib.dll

2015-06-21 21:27 - 2013-05-31 14:53 - 00526848 _____ () C:\Program Files (x86)\Appandora\sqlite3.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2015-06-21 21:27 - 2014-01-06 11:24 - 00671744 _____ () C:\Program Files (x86)\Appandora\hashab.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1919526134-189285257-3370074446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 64.59.160.13 - 64.59.161.68

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Jason^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sleep#.lnk => C:\Windows\pss\Sleep#.lnk.Startup

MSCONFIG\startupreg: Absolute Notifier => "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"

MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun

MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe"

MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup

MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

MSCONFIG\startupreg: Google Update => "C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe" /c

MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray

MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900

MSCONFIG\startupreg: QuickSet => c:\Program Files\Dell\QuickSet\QuickSet.exe

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui

MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{278456CB-AC7C-491B-9137-F13DCE40B902}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

FirewallRules: [{70D8558F-D8B7-40E4-AD4B-5BB352C472ED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

FirewallRules: [{2DDC2FFE-6435-48C8-BB33-CADA27CAAB50}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe

FirewallRules: [{C6C6D385-336C-49D2-B3DB-1FE677C12390}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{0032466A-1306-496E-A276-7B2B9477DC52}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe

FirewallRules: [{DA14A0CC-C654-4280-B07B-2CC5430921C2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{3AD5A04E-363B-4EAF-A9FE-3DD1220968D7}] => (Allow) LPort=2869

FirewallRules: [{6B8DA0D0-41B6-4944-8E2C-6B2B20895973}] => (Allow) LPort=1900

FirewallRules: [{6E2A5D06-3367-4211-9DC4-1EFC0E07AF8E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{496A6DFA-13D2-4FA0-84D3-A93CB5C96CE2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{C9701EAD-E787-4C52-8F07-5C8B7FD329FF}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

FirewallRules: [{4030703A-D3C5-498A-A84E-03F90022E66F}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

FirewallRules: [{A21361A8-2966-46AF-B10D-3013FAE481D8}] => (Allow) LPort=9700

FirewallRules: [{DAA6C593-4DA8-4875-84CB-29657F8C8113}] => (Allow) LPort=9701

FirewallRules: [{5B6E278A-5BC8-438F-9A63-902A5D3D3FE2}] => (Allow) LPort=9702

FirewallRules: [{007A1AB8-4042-4789-9104-1FB9343247EC}] => (Allow) LPort=9700

FirewallRules: [{049AF6A6-0DCC-4968-9A79-74B482E788B0}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe

FirewallRules: [{410B3A06-561A-493D-A615-66AA35F849F0}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe

FirewallRules: [{F61EFAF2-7438-4B2E-BBF4-EA91B706284B}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe

FirewallRules: [{FEC1EF45-D4A0-4909-840E-824A8503D4C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe

FirewallRules: [{EED00DFB-8AD0-4C43-9F19-9E8149DC409B}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe

FirewallRules: [{7BE624A2-F1DF-440E-A5A1-29F04CFF9602}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe

FirewallRules: [{060F65BF-9695-4FED-9E5C-7FE8B98F89D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe

FirewallRules: [{8677446E-BB73-490C-BC59-38726009F18F}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe

FirewallRules: [{D3568EEF-35B6-4DF1-AE65-615340CF9B2B}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe

FirewallRules: [TCP Query User{D447A847-1C8B-41EF-A459-AC543CF85CD7}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [uDP Query User{2085B9AB-32C7-494F-9EC6-962DCA863731}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [{12E1B37A-8490-4639-BDDD-6836BCD02E3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{3F957DAA-B1E2-453B-9EA8-8714AA4622B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{F0F8D391-091A-4B5A-978A-DB65A88F843A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2.exe

FirewallRules: [{528C67D9-F18C-45A5-94D8-A6DC95D096B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2.exe

FirewallRules: [{882726A1-EFF4-4B68-8038-0350CAA5FC95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2_DX11.exe

FirewallRules: [{64ADEB8F-77E2-4D55-AC85-4037BE8EDCAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2_DX11.exe

FirewallRules: [{E4423745-D4E4-4333-A03D-841B4B2CCFE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{522D74A3-C00B-4E29-9279-5095B6F1A941}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{B0A4B942-6D5B-400B-A040-1D25ABD45C14}] => (Allow) support inRosettaStoneLtdServices.exe

FirewallRules: [{AA9D1437-F961-41B6-9852-983C6D42103B}] => (Allow) RosettaStoneVersion3.exe

FirewallRules: [{39212217-B394-46C5-B9E4-4E6A6EE50548}] => (Allow) support inRosettaStoneLtdServices.exe

FirewallRules: [{FA77A442-FB1E-4C27-8944-5AB08D4113BD}] => (Allow) RosettaStoneVersion3.exe

FirewallRules: [TCP Query User{83A50AA0-AFA7-4769-B134-68175C4FFE4B}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe

FirewallRules: [uDP Query User{4A528353-E1ED-45D7-B9B9-F2ABA040AF23}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe

FirewallRules: [{5B4A6BFC-9D5E-470D-AEB0-BABE5DB68316}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe

FirewallRules: [{9D60E234-3441-46DC-A10C-16528A0ABADD}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe

FirewallRules: [{D7DB0107-3786-40C9-8D0F-9E39092E7B4C}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe

FirewallRules: [{41A8001C-00A2-4AC5-8BCB-73D98C9F5D5C}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe

FirewallRules: [TCP Query User{BE1B5EC3-D20D-4BFA-8664-4D4B6A77BE7A}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin

FirewallRules: [uDP Query User{5E6519B7-97CB-4C8E-AAF1-2FA8FBECA9E3}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin

FirewallRules: [TCP Query User{34CE8582-F97C-46F5-BE2B-6E36F75CB133}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin

FirewallRules: [uDP Query User{3EDFA2FB-99CB-4F16-BABC-0D68B407FEA9}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin

FirewallRules: [{95430D12-1068-4564-8356-5A95FAC17CA8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{E7179316-61A7-4F77-9E54-D7BA74FAC267}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

FirewallRules: [{B2D377FF-4BED-4E10-B9F4-D9A9CFACCF93}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

FirewallRules: [{8FD1A1A6-CDBD-4C2B-8974-1E5D13352C31}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe

FirewallRules: [{9FCA7D9A-6FF2-4DBB-AFA3-D48365A90C90}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe

FirewallRules: [{F63FB785-4A3D-49F7-989C-9ACC945F7C61}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

FirewallRules: [{A31F8B33-4491-494D-A213-C5671BC278EB}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

FirewallRules: [TCP Query User{8CEDA98F-C383-4FE6-9AB5-998C6DACAB02}C:\program files (x86)\itt\idl71\products\envi47\help\eclipse\envihelp.exe] => (Allow) C:\program files (x86)\itt\idl71\products\envi47\help\eclipse\envihelp.exe

FirewallRules: [uDP Query User{B72A4573-83DE-4DB2-A959-08CFB82BF0FC}C:\program files (x86)\itt\idl71\products\envi47\help\eclipse\envihelp.exe] => (Allow) C:\program files (x86)\itt\idl71\products\envi47\help\eclipse\envihelp.exe

FirewallRules: [{C1746897-C7BE-4023-AB34-E2F5E83EC99F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{7F39E8B5-2EA0-49C4-ACB4-3DCE8027FE5D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{3E8BBDD0-D7EB-4DA2-95F0-C46E07632CBA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{4EAB07C1-2428-4ED2-BE74-541859042316}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{0DC11479-66A4-477F-8C2B-38C99032A28A}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [TCP Query User{D22A8B1E-71C2-43D0-8EA0-18BABF0FC5C6}C:\pci geomatics\geomatica 2014\exe\focus.exe] => (Allow) C:\pci geomatics\geomatica 2014\exe\focus.exe

FirewallRules: [uDP Query User{65105FA8-7045-41CE-BD5F-F1DA002115CC}C:\pci geomatics\geomatica 2014\exe\focus.exe] => (Allow) C:\pci geomatics\geomatica 2014\exe\focus.exe

FirewallRules: [TCP Query User{C1D64423-6E0B-43D8-A633-5AB5109695F7}C:\users\jason\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jason\appdata\local\akamai\netsession_win.exe

FirewallRules: [uDP Query User{811CCBCC-199F-43D1-A77A-202EE538BA58}C:\users\jason\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jason\appdata\local\akamai\netsession_win.exe

FirewallRules: [{1180A5FD-670A-4596-BEF6-181256D48248}] => (Allow) LPort=50248

FirewallRules: [TCP Query User{91BEAFE8-F469-4124-86CB-C03D259B4B4E}C:\users\jason\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jason\appdata\local\akamai\netsession_win.exe

FirewallRules: [uDP Query User{50F54E90-77AC-49BA-A9ED-0A940E9EB81C}C:\users\jason\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jason\appdata\local\akamai\netsession_win.exe

FirewallRules: [{146A0016-AE9A-4634-A760-76DEEAA73188}] => (Allow) LPort=49171

FirewallRules: [{E9277371-1608-4E59-BB37-CC9BADDC3CAB}] => (Allow) LPort=5000

FirewallRules: [{071038B3-64A5-49E4-B2FF-909AC5899416}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{499E5D39-FED1-40BD-8FCB-6EF202A8D509}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [TCP Query User{6026C19A-E37B-420E-8389-B5FBA3598F33}C:\program files (x86)\magic 2015\dotp_d15.exe] => (Allow) C:\program files (x86)\magic 2015\dotp_d15.exe

FirewallRules: [uDP Query User{DEB5E904-D4C9-4DC9-82A7-3AB27A5722C9}C:\program files (x86)\magic 2015\dotp_d15.exe] => (Allow) C:\program files (x86)\magic 2015\dotp_d15.exe

FirewallRules: [{3A69A90A-6312-4B87-BA12-6931502DAABC}] => (Allow) C:\Users\Jason\AppData\Local\Microsoft\OneDrive\OneDrive.exe

FirewallRules: [{BB94DF59-E14E-4E33-9FC2-ECE8AE7178A9}] => (Allow) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Sentinel64

Description: Sentinel64

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer:

Service: Sentinel64

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:

==================

Error: (08/15/2015 04:55:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 10265

Error: (08/15/2015 04:55:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 10265

Error: (08/15/2015 04:55:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/15/2015 04:55:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 9251

Error: (08/15/2015 04:55:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 9251

Error: (08/15/2015 04:55:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/15/2015 04:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8253

Error: (08/15/2015 04:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8253

Error: (08/15/2015 04:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/15/2015 04:55:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7254

System errors:

=============

Error: (08/15/2015 01:57:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.

Error: (08/14/2015 11:37:08 PM) (Source: BROWSER) (EventID: 8032) (User: )

Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{603208F3-FE17-4619-9D83-943B516F4C88}.

The backup browser is stopping.

Error: (08/14/2015 10:29:18 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for FailureCommand with the following error:

%%5

Error: (08/14/2015 10:29:14 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for Start with the following error:

%%5

Error: (08/14/2015 10:22:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Dell Data Vault Wizard service failed to start due to the following error:

%%2

Error: (08/14/2015 10:22:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Google Update Service (gupdate) service failed to start due to the following error:

%%2

Error: (08/14/2015 10:22:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Dell Data Vault Wizard service failed to start due to the following error:

%%2

Error: (08/14/2015 10:20:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for Start with the following error:

%%5

Error: (08/14/2015 10:20:43 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )

Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%886

Error Code: 0x80070005

Error description: Access is denied.

Reason: %%892

Error: (08/14/2015 10:20:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Microsoft Office:

=========================