Jump to content

Programs disappeared


Recommended Posts

Hello and welcome,

P2P/Piracy Warning:
 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

Uninstall Kaspersky pure if you no longer use it....

 

Next,

 

Please download DeFogger to your desktop.
Double click DeFogger to run the tool.

  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

 

Do not re-enable these drivers until otherwise instructed.

 

Next,

 

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.
 

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7/8, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.

 

 

Next,

 

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

 

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.

            'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.



To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…




If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....

 
Next,
 
Download AdwCleaner by Xplode onto your Desktop.

  • Double click on Adwcleaner.exe to run the tool.
  • Click on Scan
  • Once the scan is done, click on the Clean button. <<<--- Ensure this option is completed
  • You will get a prompt asking to close all programs. Click OK.
  • Click OK again to reboot your computer.
  • A text file will open after the restart. Please post the content of that logfile in your reply.
  • You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


 

 

Next,

 

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and  Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

 

Let me see those logs, also give an update on any remaining issues or concerns..

 

Thank you,

 

Kevin

 

 

Fixlist.txt

Link to post
Share on other sites

hi sorry for the delay. i made it through everything but now that im done malware bytes wont open, it shows up in task manager but doesnt open. here are the logs i can get:

 

rkill

Rkill 2.7.0 by Lawrence Abrams (Grinler)

Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/14/2015 12:11:17 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 08/14/2015 12:15:57 AM
Execution time: 0 hours(s), 4 minute(s), and 39 seconds(s)
 

fix

Fix result of Farbar Recovery Scan Tool (x64) Version:13-08-2015

Ran by Jason (2015-08-13 19:51:17) Run:2
Running from C:\Users\Jason\Desktop
Loaded Profiles: Jason (Available Profiles: Jason & UpdatusUser)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File not found
C:\PROGRA~2\SearchProtect
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File not found
SearchScopes: HKU\S-1-5-21-1919526134-189285257-3370074446-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
C:\Users\Jason\AppData\Roaming\BitTorrent
C:\Program Files (x86)\SearchProtect
C:\Users\Jason\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jason\AppData\Local\Temp\AppandoraDeviceService.exe
C:\Users\Jason\AppData\Local\Temp\AskSLib.dll
C:\Users\Jason\AppData\Local\Temp\avguidx.dll
C:\Users\Jason\AppData\Local\Temp\binkw32.dll
C:\Users\Jason\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Jason\AppData\Local\Temp\d2l_Install.exe
C:\Users\Jason\AppData\Local\Temp\d2l_PlayD2.exe
C:\Users\Jason\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Jason\AppData\Local\Temp\detectionui_r.exe
C:\Users\Jason\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Jason\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Jason\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Jason\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Jason\AppData\Local\Temp\esri32.exe
C:\Users\Jason\AppData\Local\Temp\ezvvh1pd.dll
C:\Users\Jason\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\Jason\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Jason\AppData\Local\Temp\ixoxpbmf.dll
C:\Users\Jason\AppData\Local\Temp\local.dll
C:\Users\Jason\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Jason\AppData\Local\Temp\mfc80.dll
C:\Users\Jason\AppData\Local\Temp\mfc80u.dll
C:\Users\Jason\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Jason\AppData\Local\Temp\MSN42AC.exe
C:\Users\Jason\AppData\Local\Temp\msvcp80.dll
C:\Users\Jason\AppData\Local\Temp\msvcr80.dll
C:\Users\Jason\AppData\Local\Temp\npp.6.2.Installer.exe
C:\Users\Jason\AppData\Local\Temp\oi_{010F3803-03D7-4A0A-88B2-C54D17E89FAB}.exe
C:\Users\Jason\AppData\Local\Temp\QuickTimeInstaller.exe
C:\Users\Jason\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\Jason\AppData\Local\Temp\Second Life Setup.exe
C:\Users\Jason\AppData\Local\Temp\sqlite-3.7.15-x86-sqlitejdbc.dll
C:\Users\Jason\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Jason\AppData\Local\Temp\uninstall.exe
C:\Users\Jason\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Jason\AppData\Local\Temp\_unps.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{201DF6C5-8EA4-42CA-AD65-522B6DF2C3D2}.exe <==== ATTENTION
C:\Windows\TEMP\{201DF6C5-8EA4-42CA-AD65-522B6DF2C3D2}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{D8B75418-42F2-42E8-8F96-CE490E56BF1E}.exe <==== ATTENTION
C:\Windows\TEMP\{D8B75418-42F2-42E8-8F96-CE490E56BF1E}.exe
AlternateDataStreams: C:\ProgramData\Temp:54D4173A
AlternateDataStreams: C:\Users\Jason\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Jason\Desktop\.DS_Store:AFP_AfpInfo
CloseProcesses:
Emptytemp:
End
*****************
 
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value data not found.
"C:\PROGRA~2\SearchProtect" => File/Folder not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => Value data not found.
HKU\S-1-5-21-1919526134-189285257-3370074446-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value not found.
HKU\S-1-5-21-1919526134-189285257-3370074446-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value not found.
"C:\Users\Jason\AppData\Roaming\BitTorrent" => File/Folder not found.
"C:\Program Files (x86)\SearchProtect" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\AcDeltree.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\AppandoraDeviceService.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\AskSLib.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\avguidx.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\binkw32.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\CommonInstaller.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\d2l_Install.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\d2l_PlayD2.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\detectionapi_rd.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\detectionui_r.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\directx10tests_rd.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\directx11tests_rd.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\directx9tests_rd.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\DWPUpgradeInstaller.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\esri32.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\ezvvh1pd.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\FreemakeVideoConverterFull.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\iGearedHelper.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\ixoxpbmf.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\local.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\MachineIdCreator.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\mfc80.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\mfc80u.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\MSETUP4.EXE" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\MSN42AC.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\msvcp80.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\msvcr80.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\npp.6.2.Installer.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\oi_{010F3803-03D7-4A0A-88B2-C54D17E89FAB}.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\QuickTimeInstaller.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\RSPUpgradeInstaller.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\Second Life Setup.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\sqlite-3.7.15-x86-sqlitejdbc.dll" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\ToolbarInstaller.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\uninstall.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\xmlUpdater.exe" => File/Folder not found.
"C:\Users\Jason\AppData\Local\Temp\_unps.exe" => File/Folder not found.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job not found.
"C:\Windows\TEMP\{201DF6C5-8EA4-42CA-AD65-522B6DF2C3D2}.exe" => File/Folder not found.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job not found.
"C:\Windows\TEMP\{D8B75418-42F2-42E8-8F96-CE490E56BF1E}.exe" => File/Folder not found.
"C:\ProgramData\Temp" => ":54D4173A" ADS not found.
"C:\Users\Jason\.DS_Store" => ":AFP_AfpInfo" ADS not found.
"C:\Users\Jason\Desktop\.DS_Store" => ":AFP_AfpInfo" ADS not found.
Processes closed successfully.
EmptyTemp: => 30.8 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 19:53:31 ====

adw

# AdwCleaner v4.208 - Logfile created 13/08/2015 at 22:35:48

# Updated 09/07/2015 by Xplode
# Database : 2015-08-12.1 [server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jason - JASONSBABYII
# Running from : C:\Users\Jason\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : vToolbarUpdater18.7.0
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Users\Jason\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Jason\AppData\Local\Babylon
Folder Found : C:\Users\Jason\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Jason\AppData\Roaming\Babylon
Folder Found : C:\Users\Jason\AppData\Roaming\Media Finder
 
***** [ Scheduled tasks ] *****
 
Task Found : AVG-Secure-Search-Update_JUNE2013_HP_rmv
Task Found : AVG-Secure-Search-Update_JUNE2013_TB_rmv
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Avg Secure Update
Key Found : HKCU\Software\Classes\MF
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\MediaFinder
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\UpdateStar
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\Avg Secure Update
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\IGearSettings
Key Found : [x64] HKCU\Software\MediaFinder
Key Found : [x64] HKCU\Software\UpdateStar
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\Avg Secure Update
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\MF
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\Trymedia Systems
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKU\.DEFAULT\Software\AVG Secure Search
Key Found : HKU\.DEFAULT\Software\Avg Secure Update
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17937
 
 
-\\ Google Chrome v
 
[C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319434&octid=EB_ORIGINAL_CTID&ISID=M7876F525-EE22-4656-AD5E-E7A0EFCB5542&SearchSource=55&CUI=&UM=6&UP=SP386679C3-78E1-4DC6-A6AA-EF2FF61B0D4D&SSPV=
 
*************************
 
AdwCleaner[R0].txt - [9446 bytes] - [13/08/2015 22:35:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9505 bytes] ##########
 

jrt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x64
Ran by Jason on 13/08/2015 at 22:46:07.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDEventLauncherTask
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{00EF101D-2B9F-4C9C-8A85-592F816FD4E8}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{014A74F4-C7E5-4285-BE88-6770B7567AD2}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{02F13DDE-C60C-48A1-95CF-E38C1F9EC3FA}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{03417830-6D08-4052-BE18-87BDEEBFAF85}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{04243DFB-5B4B-4353-BFAE-7235D590D655}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{05C90A60-1642-422A-AB39-5335E2F6DF43}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{073BAA31-78A3-4317-BE33-19822E0A433A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{07B5551B-162A-4DB5-B9DC-D6A4555D26E0}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{07F81F53-C5CB-4895-9A28-43D861EFC3C8}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{08BA88F5-9DA9-44F9-9834-0E4362284659}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0C5014AD-CC71-4A2B-9292-4B3DA4CEBDFE}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0CB369C1-7AC8-400B-A350-CBB11DE1F17A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0F1A9B95-5C8B-4F69-A072-F5066AB05255}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0F9A9CDD-6E9D-4B9D-886C-536C88E71D91}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{0FE720CE-518B-4D2B-9DD1-2BB56352A487}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{1003129C-A282-48A6-BDEB-9EBC5E04A956}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{10615463-D1B6-4FD3-B436-F58FB8DE5924}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{14382F75-9F0E-431D-84C5-D61D63189CCE}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{14EE2780-D4B2-4623-93F9-33F654CDFEEF}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{15854859-F6FF-4EA0-A967-B0E322A34F2F}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{182786F0-7A75-4543-89C0-BD2AC9432821}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{1ADA8A82-7511-414A-B8E0-A3D60ECC8EE8}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{1CF6B0AA-940E-4681-9D56-78423198175B}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{20927C9C-AD22-4575-9C9B-06BC68A399F3}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{22772215-BC7F-4E37-B453-87BFC18736F4}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{227DADE6-3D03-46AA-8F90-16C5007F6A80}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{233C8AD0-F9C7-47D9-85E5-8F99AE5EF668}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{24063AB5-412D-4192-B679-3AA38D52CDC9}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{26F9B38F-DA1D-41E4-95EF-AED3C8E7C464}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{271128D3-B1DB-4CC8-8C48-15C3741EAFE4}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{2835C740-CA8B-4594-B726-949015CC034C}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{2AEBFD57-E996-4545-B805-B4DE9BBC5213}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{2B1B59E7-DD3C-499B-BE42-71F2D6F09833}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{2B808313-BA11-49F4-8026-22BF611DE10B}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3239EEA7-9798-40A4-AC78-FD42B94AC022}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3305834D-04DA-4E22-A3F5-2BC8B4A95794}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{33E366EB-4285-464E-9D1B-FB3B9D2AD92B}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{34847ED0-D572-4E03-938E-386AC14A1018}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{39274188-1746-4DD7-BAA8-AF02A9B854CE}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3B4A1B4C-D276-47E4-99FD-6C9099562154}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3C25B299-0543-4A66-9C42-7CCEB0303F7D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3E0CCE57-EBCF-4CAB-8C61-3C24D4C76B19}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3E46D881-142E-4D14-9D48-9EF297E885A9}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3EFD7FF1-DE6C-4B42-9696-C292BCA20ECA}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{3FD811E9-123B-4D34-A8C8-3D55220BC836}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{426C5E34-64C4-4C6D-ABC7-7A1B6FC05F10}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{431A9DCE-F074-445C-B707-555148BE0488}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{451C9383-7A52-484E-AA32-A498779CD1FE}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{454304A8-F1D4-4640-B307-8D0236A47815}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{459696CA-BFAE-406A-B7D7-A01AA980311F}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{468F3298-660E-4B77-8EA4-4D3667FD51A8}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{473E16D3-2FF9-4C91-9FC2-1C0AC5494BCB}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{4782491D-4015-491A-8050-356C7F89EFCD}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{488A7113-C44F-4482-BC2F-DBF8EB719FEE}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{49330779-9ECD-4F09-99BD-201360E07A13}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{4EACC240-904D-413F-9649-522A2000705F}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{4EFBC7EE-07CA-45F1-8382-BC700B0A9A8B}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{525097D0-CA1C-48BC-B97E-3D74F808C844}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{52B4D0DD-473F-4B35-B4C7-ACE4798095AF}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5300256D-FF51-4E3A-9759-8FE2E97C6F6F}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{54ACAE35-3694-4AA4-8BB7-E8DA929D43F9}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{54B22DD0-73D5-4280-960A-A6BC5DD5C56A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{55F4BC70-5AE1-4334-BF69-16BB1D935C65}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{57E19B27-C70C-4ABC-A609-F799BCD06042}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5821D8FA-3030-470B-8C0A-10E6E15105D7}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5935DEB4-CEC7-48E1-A2D1-6A74763AAA56}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{59F17217-ACF9-4E71-BE2D-5E413000ADAD}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5ACEC4FF-0108-46FD-9980-24C067C7B03E}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5B1A2FD3-F4F6-4D79-BCD5-006AF4E4E58C}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5C5809FB-EE57-43F1-9A10-8CB790D68447}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5D867049-12F6-4036-B65B-A9655F72DFC0}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{5E2F418D-3473-45DD-9D98-73058AFE3C5C}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6024A5D2-5D0C-49BE-A7FA-267F82D03F6D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6084C180-A6C5-4778-8E25-49EAA196A6DB}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6259CFD2-201A-40E3-81C4-EFBB3FFFC892}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{626C2D04-F501-4745-B0A0-54A25A3A2D96}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{63ABF6F0-CCED-4BF0-A9BA-27E781FB02DD}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{63C05A52-1E5C-4A64-A51B-2C0900CD992D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{645E61CD-BC1A-4725-B78D-AF20F9370C73}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{64AB4779-2868-475C-B5B8-CC606EC96B25}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{64C16E59-1768-4079-B95D-9FADB965D2CD}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6501498F-74DF-46D6-9464-B5E8D3D4752E}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{650B3CDA-EF2C-428D-BA2B-4D1519771E16}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{655EDEB4-1A09-499B-9D03-B20F6A1F81AC}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{67F4483E-DE2E-4AEF-95BA-AEB4F4182814}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6935ABA6-1DD8-4249-8877-5FC8B8CCFEC7}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{696E622B-FC44-47BC-8AFE-0523AAA86BF1}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6B0E6364-939F-4632-BF48-95C4FF53F921}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6B59BE6B-B9B3-4890-BD8C-37599F96DD98}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6B77D14D-F27E-4CAC-A0C8-D28FA86410A9}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6BA07984-2B36-4F80-B411-7B0B41F4DD7B}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6DFD9DCF-633C-43F7-A250-4944C85D731C}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6E52BF2A-8D83-4443-836D-77D190582780}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6F5B2022-251E-41B1-98ED-44B1FACC183C}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{6FADFEA8-7728-4F63-969D-16D65DE5B05E}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7179C687-6546-448D-A17B-519EF405308A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{735ABF19-5879-49C3-803B-8FD6A8661F48}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{750A2BFB-5FA9-47A7-AF89-5121E309FB5E}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{75CCB2CE-2B15-4B8C-85AF-DD027498CBB4}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{75E38D6C-9776-4320-A9FC-3905A90DD815}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{76C2534D-5BEC-4897-B5DC-20C8F4ED6B3D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{783EAB4A-A3A9-4A6E-BABF-00E2022E2280}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{789638E8-566B-47A7-A848-84D15071BA70}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{79774ED6-83B5-4B23-8896-CDC8953CADBF}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7A48834A-0A54-424C-A32D-C9A524CF385C}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7AD574D6-2B25-4922-B743-56BC74DC6BC4}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7B2725E6-E9CC-4616-85B3-9ACD4B3E8979}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7B6892DF-66E3-4BA9-B5E1-5546C6BABC6B}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7BFA2D68-8B8D-46F4-B266-CB6E3BCE134E}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{7DDBB5CA-FF71-4130-AC68-BECC57DFB46D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8003F74D-D155-414C-B8B6-64C1263744BC}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8026A2FB-6033-451A-AC52-10EC3AE7814C}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8070EF56-BBFA-4AD8-9347-460DBCEC23C6}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{81590F27-3E66-4D60-8CB5-1215A4ADB430}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{82208616-4B88-4F94-8E81-F72750345C92}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8240007E-C74C-4071-96BB-5F1FB6FEEF07}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8338E246-8EDE-4FC8-8D2D-E8ADA0D58D55}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8370DC12-F9DD-40CE-B032-F5C72E502082}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{83D1D440-325B-4F05-99B9-6C3FC4566ADA}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8853AF04-8AA2-420E-A334-89207602135C}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{88CFFEBB-B813-439D-9963-5D80544D0549}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8A7A7403-BC13-47F5-B859-3B2A12872426}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8ADD6173-27A4-4A01-899A-F7A6CBCD02F7}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8B1DFB6F-FB62-42C1-B3D5-7BDB0440BCEC}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8B3CB0E0-CE6D-4C17-B495-B3F7EABBA5B7}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8BCE76D3-2335-4816-AC41-45E8F9048F8A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8CA93633-6473-4412-BCBA-071F9F3CADB2}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8CBFB757-8672-429D-85CA-E2952366989A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8D7BC685-47CC-4EEC-866B-715451DBA29F}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8DE7FA60-8FA7-488F-A126-E43C61861959}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8E38BB32-51FB-47FF-8DFA-10EECEB93D40}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8E4262D4-7ED1-4F70-A559-217E7007FE90}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{8ECCD4E4-D2F7-49D4-A5E8-5F6E79051105}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{90A91B5F-9A4C-43C4-BF60-1A4213DB22CF}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{91B019CF-3348-463A-A74E-E0A2207F0205}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{9207D900-3B61-4563-B37D-2E169768FC39}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{92454510-CA3F-4D53-B471-C05A1EB81534}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{94F982F0-C937-46B0-B82F-FFF42A236B29}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{960C63B4-5734-409C-9721-F2B2D887A538}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{973803D8-D7C3-4E64-90D4-8158660D52E2}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{97AEE5D7-66E2-4758-B82E-4C053265374A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{98DC9709-BCD6-4B20-A730-24F450CA9F81}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{9B61C9C3-77B5-4E97-B8BD-FA8783136190}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A0D88FF1-C2D2-4D47-A8D8-A655CDAC6080}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A1695B41-61ED-4A20-BD79-E83608DBCCEB}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A1A246EB-BB90-4BD3-B925-99C8B4BE3FD3}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A324B27F-E28E-4E41-8C04-A6C3D2DD3B6E}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A4E4AF79-85D7-4D2F-AE0D-1FBA7AED43C8}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A5AC4467-2651-49A1-9E6C-6392B8163411}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{A687E599-F225-4EA8-9258-62CADB334CD3}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{ABC1588F-3E23-4BED-AA40-25B9D782FEED}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{ACFDBF90-DF62-46E1-AD91-3BA5799D92A5}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{AD41F4EE-02E7-4D61-A42D-3B43CF8AC9F8}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{AD5459AB-9F51-43E0-A8C8-BE6565B30509}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{AE017C9C-34ED-48E4-B4E5-B4208056677E}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{AE32328A-4E14-4900-AF10-0C399636F3D1}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B0926967-6635-4764-8999-2BE3E2357C56}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B09D5E57-A93D-49F4-8845-C46BFA5DB331}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B2A8D558-1DF8-4A0C-A2F9-C9354F4E747F}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B3C07C3B-B1D2-4CF9-920C-92F0EBE89093}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B44EACAC-6956-4B0D-B51E-5A17651B51F2}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B4F045C6-337D-4100-915D-77D14BCA7515}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B5F04CCB-9A81-419D-8F92-4EF4F3374FC9}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B826C9F4-D90A-4E6D-8AEF-A075C99E4B04}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B94F6EDD-D099-479F-A932-B202310C0135}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B957D454-7FC4-4977-8831-921068887BEE}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B9C473CE-ED97-4CBF-A6AB-2EB37F598B84}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{B9DDE366-996B-48D2-8293-817E3142CD66}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{BBD8BDA7-A9D2-43D4-9033-1EDA53FD125D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{BC596B36-CDCE-46A2-9B71-660D741B264A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{BF222795-D72E-46CC-BF4F-68F2FD9BABD6}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C1FC68E6-F604-4D82-9B59-DBF1597CA49D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C2B9B7DE-1F78-4C62-A824-0AE6C430B966}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C61B2358-2A6E-48B2-AB50-0B8D447994CF}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C80740AD-7E2F-4000-89E3-4CA72FFC03B4}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C8E88555-9667-41C9-8A0D-3EE1F2E30869}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C901D744-BE20-4B44-8A0D-5F0E03635F00}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{C95A3542-BA6D-4CE1-B76D-C565E7CD3FC0}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{CA05A124-1E9F-4524-A49D-1AB63EEBE1D3}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{CADEBAD3-D03A-4333-9B04-B5FA7534B845}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{CB74F58B-D03D-4695-8983-8C46B9EF8A1C}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{CFA9C644-3A2B-44D8-BF2F-9EAE1F75C655}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D05A5886-3679-4688-8AF4-54336B91703A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D1811558-9825-4698-BF91-E02C17E498D7}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D264D48E-C736-4A82-A014-AAA83998F0F0}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D44AB542-29C2-4891-BDF0-15ECCF1010AC}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D56EB2E1-EAEE-4217-ADC9-A06B5A957BA6}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{D9284BBD-759F-4C0F-86A3-B54F5AD6B012}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DAB6601F-4FD1-4E66-9744-4CFF43A1E0EC}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DC922646-9698-4DF3-A6DA-FAC8E10358AF}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DEC0DFE4-6D05-480C-8253-D9A2CF5E2EFA}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DF0438B6-8F97-4E0F-833C-3B85FE681A1F}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{DF2B9666-6EFF-40BA-9F84-1E336257792D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E1DBB7B8-D4A9-442E-A816-13AF2421A1DC}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E2D38968-D011-4CF7-A0C4-A8FE209E613A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E307B1FE-0801-431F-BF77-BD5345291F8A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E4FC0F8A-6941-4472-9DA9-A524899A43EF}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E50EC0C4-34EB-497F-8729-9A631AF67D60}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E6B14CE4-9552-44CD-86B7-0AAEFDD5908D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E703BC31-7A06-4D13-B40A-F4E96BB80D71}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E93A60D4-A8F4-4037-A8AA-5CDE15E0D95B}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E95CC46F-73C2-42DB-B2F8-C9A4F2115FE8}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E9CB9C27-74A6-45C8-B167-306813A03DC4}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{E9F6F435-0E35-4AAD-A335-06A0F9C9B7C0}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EA7D34F3-8529-4800-9AD3-479572B2F8DC}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EB0693B6-4DCE-448E-989F-E4A0EF4312BE}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EC56D98C-4D3C-435A-A7B6-3A964AC54256}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{ECE1E662-D324-48FF-A873-2D9BD782DC74}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{ED8FDF04-FC38-4F8F-A865-DB9D3909066D}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EDF17D85-33C7-4C55-BD6E-1B47D9D15E68}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{EE86C768-6EAF-47C8-8ADB-EF90198ACEA2}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F0C04C6D-61A6-4659-91F8-5B297C6DFABE}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F21EACEC-890A-4557-8052-25ACCB268392}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F24E2CD5-472B-4B5A-B5AF-AE344AD7EA52}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F2DCA2CD-5D37-42A4-B65E-67470D51CAA6}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F3928D41-0676-4F10-ABC5-452349EB18AE}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F3AB8FCF-D347-430C-A000-E625D2580BB8}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F4694E30-A6FB-4E58-8916-91F2A05BA6E2}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F5962BC0-F12C-4751-9BB6-273F06E48993}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F60710D7-5078-427E-AD05-00294C9D6799}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F6591341-DCC3-4753-B1B1-EEA4AB140BDD}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{F8350659-5968-47C5-A939-7D1B6A4A912A}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FB6B7EAF-E2AF-474C-BA90-C9382A10E2C2}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FC29FD14-DC5F-408B-A8E3-DFBEE127D278}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FC637EF1-32AA-4EED-ADEA-D5707E9F4A37}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FD23C0C4-2003-448F-8798-8ACA6C00E566}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FE5DC64C-8BEC-43DC-AF9A-8BC8FE81BACA}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FE6377D4-8C96-4C92-9A26-02C37797EFF8}
Successfully deleted: [Empty Folder] C:\Users\Jason\Appdata\Local\{FFB26EF7-3E9B-4898-B1CD-C6165C2062A5}
Successfully deleted: [Folder] C:\Users\Jason\Appdata\Local\crashrpt
 
 
 
~~~ Chrome
 
 
[C:\Users\Jason\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Jason\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Jason\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Jason\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/08/2015 at 22:50:28.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

microsoft

 

 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.27, August 2015 (build 5.27.11700.0)
Started On Thu Aug 13 22:52:16 2015
 
Engine: 1.1.11903.0
Signatures: 1.203.693.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Aug 13 23:17:28 2015
 
 
Return code: 0 (0x0)
Link to post
Share on other sites

You`ve ran the fix for FRST twice, I guess that is why the log you`ve posted does shows entries not found....

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-08-2015

Ran by Jason (2015-08-13 19:51:17) Run:2

 

Regarding Malwarebytes, do a clean install and see if it will now run a threat scan, follow instructions at this link:

 

https://forums.malwarebytes.org/index.php?/topic/146017-mbam-clean-removal-process-2x/

 

Thanks...

 

Kevin

Link to post
Share on other sites

hi sorry i did run it twice as the first time it froze for about 2 hours so i restarted it. I got the malware bytes working and it didnt find anything, but it appears i am losing more of my programs from my desktop.

 

here is the log for the malware bytes

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 14/08/2015
Scan Time: 11:36 AM
Logfile: log.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.08.14.05
Rootkit Database: v2015.08.06.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jason
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 505156
Time Elapsed: 34 min, 3 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Download and save to your Desktop "Shortcut Cleaner" from here: http://www.bleepingcomputer.com/download/shortcut-cleaner/

 

Right click on "Shortcut Cleaner" select "Run as Administrator" a Black box will open as the scan begins

 

When complete a log file will open, it will also be saved on your desktop and be named sc-cleaner.txt let me see that log....

 

Thank you,

 

Kevin...

Link to post
Share on other sites

sc cleaner didnt seem to find anything. ive attached an image of some of the shortcuts that are messed up.

 

Log:

Shortcut Cleaner 1.3.8 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 
Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 08/15/2015 01:49:31 PM.
 
Scanning for registry hijacks:
 
 * No issues found in the Registry.
 
Searching for Hijacked Shortcuts:
 
Searching C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\
 
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
 
Searching C:\Users\Jason\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
 
Searching C:\Users\Public\Desktop\
 
Searching C:\Users\Jason\Desktop\
 
Searching C:\Users\Public\Desktop\
 
 
0 bad shortcuts found.
 
Program finished at: 08/15/2015 01:50:29 PM
Execution time: 0 hours(s), 0 minute(s), and 57 seconds(s)
 

post-191206-0-65646700-1439672239_thumb.

Link to post
Share on other sites

frst:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-08-2015
Ran by Jason (administrator) on JASONSBABYII (15-08-2015 15:24:58)
Running from C:\Users\Jason\Desktop
Loaded Profiles: Jason & UpdatusUser (Available Profiles: Jason & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Absolute Software) C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Google Inc.) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
() C:\Program Files (x86)\Appandora\AppandoraDeviceService.exe
(RealVNC Ltd.) C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [intelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-11-01] (Intel® Corporation)
HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [454248 2013-08-02] (CANON INC.)
HKLM-x32\...\Run: [Appandora device service] => C:\Program Files (x86)\Appandora\AppandoraDeviceService.exe [815104 2015-05-25] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Run: [Google Update] => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-25] (Google Inc.)
HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-12] (Valve Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
HKU\S-1-5-18\...\Run: [] => [X]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-08-14]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-08-14]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk [2012-02-09]
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-07-08]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-05] (Autodesk, Inc.)
BootExecute: autocheck autochk /p \??\C:autocheck autochk * 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1919526134-189285257-3370074446-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/23
HKU\S-1-5-21-1919526134-189285257-3370074446-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1919526134-189285257-3370074446-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> {59353EE1-AE22-4A4C-A68C-D357D58B166B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {59353EE1-AE22-4A4C-A68C-D357D58B166B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1919526134-189285257-3370074446-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL No File
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll No File
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
Tcpip\Parameters: [DhcpNameServer] 64.59.160.13 64.59.161.68
Tcpip\..\Interfaces\{603208F3-FE17-4619-9D83-943B516F4C88}: [DhcpNameServer] 64.59.160.13 64.59.161.68
 
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.2.1 -> C:\Windows\system32\npDeployJava1.dll [2011-11-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.2.1 -> C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [No File]
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [No File]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [No File]
FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: @talk.google.com/O1DPlugin -> C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1919526134-189285257-3370074446-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Jason\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jason\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2
 
Chrome: 
=======
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-17]
CHR Extension: (Entanglement Web App) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-10-08]
CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-17]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-02]
CHR Extension: (LibreOffice Impress on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aphkpmfcmpjnlnfilmgokeohlbealone [2015-01-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-12]
CHR Extension: (Geo Fever) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgdhogkfhcejcnbdkcbmcpglkamhbgbl [2014-10-08]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-17]
CHR Extension: (Google Search) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-17]
CHR Extension: (Google Sheets) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-17]
CHR Extension: (XML Tree) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb [2014-10-08]
CHR Extension: (AdBlock) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Poppit!) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-17]
StartMenuInternet: Google Chrome - C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AbsoluteNotifier; C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [10920 2011-05-10] (Absolute Software) [File not signed]
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-04] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WinVNC4; C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe [439632 2008-10-15] (RealVNC Ltd.)
S2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe [X]
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [X]
S2 Autodesk Content Service; "C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe" [X]
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [X]
S2 DellDataVaultWiz; "C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe" [X]
S3 FLEXnet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]
S3 FlexNet Licensing Service 64; "C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe" [X]
S2 Garmin Core Update Service; "C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe" [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [X]
S2 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [X]
S4 NetMsmqActivator; "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [X]
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]
S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [X]
S3 RoxMediaDB12OEM; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe" [X]
S2 RoxWatch12; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe" [X]
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-09] (DT Soft Ltd)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458032 2011-10-20] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [13616 2011-10-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [639280 2012-03-26] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [16896 2007-03-20] (http://libusb-win32.sourceforge.net)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S2 Sentinel64; \SystemRoot\System32\Drivers\Sentinel64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-15 15:24 - 2015-08-15 15:25 - 00027024 _____ C:\Users\Jason\Desktop\FRST.txt
2015-08-15 15:24 - 2015-08-15 15:25 - 00000000 ____D C:\FRST
2015-08-15 15:23 - 2015-08-15 15:23 - 00003426 _____ C:\Users\Jason\Downloads\Fixlist (1).txt
2015-08-15 15:23 - 2015-08-15 15:23 - 00003426 _____ C:\Users\Jason\Desktop\Fixlist.txt
2015-08-15 13:49 - 2015-08-15 13:50 - 00001876 _____ C:\Users\Jason\Desktop\sc-cleaner.txt
2015-08-15 13:49 - 2015-08-15 13:49 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\sc-cleaner.exe
2015-08-15 13:49 - 2015-08-15 13:49 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Jason\Desktop\sc-cleaner.exe
2015-08-14 16:33 - 2015-08-14 16:33 - 00000000 ____D C:\459c6c87a0880a6b930688db7015
2015-08-14 15:26 - 2015-08-14 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-14 15:14 - 2015-08-14 15:14 - 01959672 _____ C:\Users\Jason\Downloads\winrar-x64-53b2.exe
2015-08-14 12:52 - 2015-08-14 12:52 - 00000000 _____ C:\Windows\SysWOW64\sho4403.tmp
2015-08-14 11:35 - 2015-08-15 15:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-14 11:35 - 2015-08-14 11:35 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-14 11:35 - 2015-08-14 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-14 11:35 - 2015-08-14 11:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-14 11:35 - 2015-08-14 11:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-14 11:35 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-14 11:35 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-14 11:35 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-14 11:34 - 2015-08-14 11:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jason\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-14 11:33 - 2015-08-14 11:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jason\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-14 11:29 - 2015-08-14 14:07 - 00014408 _____ C:\Windows\PFRO.log
2015-08-14 11:27 - 2015-08-14 11:27 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Jason\Downloads\mbam-clean-2.1.1.1001.exe
2015-08-14 11:27 - 2015-08-14 11:27 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Jason\Desktop\mbam-clean-2.1.1.1001.exe
2015-08-14 11:13 - 2015-08-14 11:09 - 00176967 _____ C:\Users\Jason\Desktop\msvcp100.zip
2015-08-14 11:12 - 2015-08-14 11:13 - 00000000 ____D C:\Users\Jason\AppData\Local\WinZip
2015-08-14 11:12 - 2015-08-14 11:12 - 00002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-08-14 11:12 - 2015-08-14 11:12 - 00002239 _____ C:\Users\Public\Desktop\WinZip.lnk
2015-08-14 11:12 - 2015-08-14 11:12 - 00000000 ____D C:\Users\Jason\Desktop\geog 314
2015-08-14 11:12 - 2015-08-14 11:12 - 00000000 ____D C:\ProgramData\WinZip
2015-08-14 11:12 - 2015-08-14 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-08-14 11:12 - 2015-08-14 11:12 - 00000000 ____D C:\Program Files\WinZip
2015-08-14 11:10 - 2015-08-14 11:11 - 00000000 ____D C:\Users\Jason\Desktop\Anth 302
2015-08-14 11:09 - 2015-08-15 15:23 - 00000000 ____D C:\Users\Jason\Desktop\Logs and fixes
2015-08-14 11:08 - 2015-08-14 11:09 - 00176967 _____ C:\Users\Jason\Downloads\msvcp100.zip
2015-08-14 11:08 - 2015-08-14 11:08 - 00000000 ____D C:\ProgramData\UniqueId
2015-08-14 11:07 - 2015-08-14 11:08 - 00714368 _____ (WinZip Computing, S.L.) C:\Users\Jason\Downloads\winzip19-home.exe
2015-08-14 02:09 - 2015-08-14 02:09 - 07186992 _____ (Microsoft Corporation) C:\Users\Jason\Downloads\vcredist_x64.exe
2015-08-14 02:09 - 2015-08-14 02:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-14 00:47 - 2015-08-14 00:47 - 00000000 ____D C:\ProgramData\.mono
2015-08-14 00:10 - 2015-08-14 00:10 - 00083960 _____ C:\Users\Jason\Downloads\mbam-chameleon.zip
2015-08-13 23:16 - 2015-08-14 00:03 - 00000000 ____D C:\Windows\Panther
2015-08-13 22:51 - 2015-08-13 22:52 - 51076312 _____ (Microsoft Corporation) C:\Users\Jason\Downloads\Windows-KB890830-x64-V5.27.exe
2015-08-13 22:43 - 2015-08-13 22:43 - 00000000 ____D C:\ProgramData\Apple
2015-08-13 22:43 - 2015-08-13 22:43 - 00000000 ____D C:\Program Files (x86)\dumps
2015-08-13 22:42 - 2015-08-14 22:19 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-13 22:42 - 2015-08-13 22:42 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-08-13 22:42 - 2015-08-13 22:42 - 00000000 ____D C:\ProgramData\Intel
2015-08-13 22:42 - 2015-08-13 22:42 - 00000000 _____ C:\Windows\setuperr.log
2015-08-13 22:41 - 2015-08-14 22:19 - 00000672 _____ C:\Windows\setupact.log
2015-08-13 22:37 - 2015-08-13 22:37 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Jason\Downloads\JRT.exe
2015-08-13 22:35 - 2015-08-13 22:40 - 00000000 ____D C:\AdwCleaner
2015-08-13 22:28 - 2015-08-14 15:36 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-08-13 22:28 - 2015-08-14 15:36 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2015-08-13 22:28 - 2015-08-13 22:28 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2015-08-13 22:26 - 2015-08-13 22:27 - 47544592 _____ (Hi-Rez Studios) C:\Users\Jason\Downloads\InstallSmite.exe
2015-08-13 22:20 - 2015-08-13 22:20 - 00000000 ____D C:\Users\Jason\AppData\Local\Steam
2015-08-13 22:20 - 2015-08-13 22:20 - 00000000 ____D C:\Users\Jason\AppData\Local\CEF
2015-08-13 22:18 - 2015-08-13 22:18 - 00000965 _____ C:\Users\Public\Desktop\Steam.lnk
2015-08-13 22:17 - 2015-08-14 22:21 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-13 22:16 - 2015-08-13 22:16 - 01476720 _____ C:\Users\Jason\Downloads\SteamSetup.exe
2015-08-13 20:02 - 2015-08-13 20:02 - 02248704 _____ C:\Users\Jason\Downloads\AdwCleaner.exe
2015-08-13 14:33 - 2015-08-13 14:33 - 00000000 ____D C:\Users\Jason\Desktop\FRST-OlderVersion
2015-08-13 14:32 - 2015-08-13 14:32 - 00003426 _____ C:\Users\Jason\Downloads\Fixlist.txt
2015-08-13 14:23 - 2015-08-13 14:23 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\rkill.exe
2015-08-13 14:23 - 2015-08-13 14:23 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\rkill64.exe
2015-08-13 14:22 - 2015-08-13 14:22 - 00000168 _____ C:\Users\Jason\defogger_reenable
2015-08-13 03:06 - 2015-07-30 06:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 03:06 - 2015-07-30 06:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 10:54 - 2015-07-28 13:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 10:54 - 2015-07-28 13:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 10:54 - 2015-07-28 13:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 10:54 - 2015-07-28 13:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 10:54 - 2015-07-28 13:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 10:54 - 2015-07-28 13:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 10:54 - 2015-07-28 13:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 10:54 - 2015-07-28 12:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 10:54 - 2015-07-15 11:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 10:54 - 2015-07-15 11:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 10:54 - 2015-07-15 11:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 10:54 - 2015-07-15 11:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 10:54 - 2015-07-15 11:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 10:54 - 2015-07-15 11:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-11 10:54 - 2015-07-15 11:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-11 10:54 - 2015-07-15 11:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-11 10:54 - 2015-07-15 11:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 10:54 - 2015-07-15 11:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 10:54 - 2015-07-15 11:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 10:54 - 2015-07-15 11:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 10:54 - 2015-07-15 11:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-11 10:54 - 2015-07-15 11:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 10:54 - 2015-07-15 11:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 10:54 - 2015-07-15 11:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 10:54 - 2015-07-15 11:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 10:54 - 2015-07-15 11:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 11:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 10:54 - 2015-07-15 10:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 10:54 - 2015-07-15 10:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 10:54 - 2015-07-15 10:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 10:54 - 2015-07-15 10:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 10:54 - 2015-07-15 10:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 10:54 - 2015-07-15 10:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-11 10:54 - 2015-07-15 10:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-11 10:54 - 2015-07-15 10:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 10:54 - 2015-07-15 10:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 10:54 - 2015-07-15 10:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-11 10:54 - 2015-07-15 10:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-11 10:54 - 2015-07-15 10:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-11 10:54 - 2015-07-15 10:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 10:54 - 2015-07-15 10:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 10:54 - 2015-07-15 10:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 10:54 - 2015-07-15 10:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 10:54 - 2015-07-15 10:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 10:54 - 2015-07-15 10:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 10:54 - 2015-07-15 10:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-11 10:54 - 2015-07-15 10:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-11 10:54 - 2015-07-15 10:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-11 10:54 - 2015-07-15 10:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 10:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 09:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 10:54 - 2015-07-15 09:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 10:54 - 2015-07-15 09:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 10:54 - 2015-07-15 09:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-11 10:54 - 2015-07-15 09:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 10:54 - 2015-07-15 09:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 09:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 09:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 10:54 - 2015-07-15 09:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 10:54 - 2015-07-14 20:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 10:54 - 2015-07-10 10:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 10:54 - 2015-07-10 10:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-11 10:54 - 2015-07-10 10:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 10:54 - 2015-07-10 10:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 10:54 - 2015-07-10 10:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-11 10:54 - 2015-07-10 10:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-11 10:53 - 2015-07-30 11:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 10:53 - 2015-07-30 11:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 10:53 - 2015-07-30 11:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 10:53 - 2015-07-30 11:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 10:53 - 2015-07-30 11:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 10:53 - 2015-07-30 11:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 10:53 - 2015-07-30 11:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 10:53 - 2015-07-30 10:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 10:53 - 2015-07-30 10:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 10:53 - 2015-07-30 10:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-11 10:53 - 2015-07-30 10:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 10:53 - 2015-07-30 10:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-11 10:53 - 2015-07-30 10:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-11 10:53 - 2015-07-30 09:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 10:53 - 2015-07-30 09:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 10:53 - 2015-07-30 09:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 10:53 - 2015-07-20 17:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 10:53 - 2015-07-20 17:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 10:53 - 2015-07-16 14:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-11 10:53 - 2015-07-16 13:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-11 10:53 - 2015-07-16 13:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-11 10:53 - 2015-07-16 13:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 10:53 - 2015-07-16 13:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 10:53 - 2015-07-16 13:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 10:53 - 2015-07-16 13:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-11 10:53 - 2015-07-16 13:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 10:53 - 2015-07-16 13:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-11 10:53 - 2015-07-16 13:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 10:53 - 2015-07-16 13:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 10:53 - 2015-07-16 13:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 10:53 - 2015-07-16 13:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 10:53 - 2015-07-16 13:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 10:53 - 2015-07-16 13:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-11 10:53 - 2015-07-16 13:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 10:53 - 2015-07-16 13:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-11 10:53 - 2015-07-16 13:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-11 10:53 - 2015-07-16 13:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 10:53 - 2015-07-16 13:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 10:53 - 2015-07-16 13:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-11 10:53 - 2015-07-16 13:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 10:53 - 2015-07-16 12:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 10:53 - 2015-07-16 12:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 10:53 - 2015-07-16 12:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 10:53 - 2015-07-16 12:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 10:53 - 2015-07-16 12:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-11 10:53 - 2015-07-16 12:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 10:53 - 2015-07-16 12:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-11 10:53 - 2015-07-16 12:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-11 10:53 - 2015-07-16 12:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 10:53 - 2015-07-16 12:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-11 10:53 - 2015-07-16 12:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-11 10:53 - 2015-07-16 12:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 10:53 - 2015-07-16 12:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 10:53 - 2015-07-16 12:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-11 10:53 - 2015-07-16 12:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-11 10:53 - 2015-07-16 12:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 10:53 - 2015-07-16 12:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 10:53 - 2015-07-16 12:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 10:53 - 2015-07-16 12:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-11 10:53 - 2015-07-16 12:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 10:53 - 2015-07-16 12:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 10:53 - 2015-07-16 12:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 10:53 - 2015-07-16 12:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-11 10:53 - 2015-07-16 12:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-11 10:53 - 2015-07-16 12:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-11 10:53 - 2015-07-16 12:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 10:53 - 2015-07-16 12:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 10:53 - 2015-07-16 12:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 10:53 - 2015-07-16 12:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 10:53 - 2015-07-16 12:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 10:53 - 2015-07-16 12:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-11 10:53 - 2015-07-16 12:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 10:53 - 2015-07-16 11:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 10:53 - 2015-07-16 11:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 10:53 - 2015-07-16 11:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 10:53 - 2015-07-16 11:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 10:53 - 2015-07-14 20:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 10:53 - 2015-07-14 20:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 10:53 - 2015-07-14 20:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 10:53 - 2015-07-14 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 10:53 - 2015-07-14 19:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 10:53 - 2015-07-14 19:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 10:53 - 2015-07-14 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 10:53 - 2015-07-14 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 10:53 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 10:53 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 10:53 - 2015-07-09 10:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 10:53 - 2015-07-01 13:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 10:53 - 2015-07-01 13:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 10:53 - 2015-07-01 13:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 10:53 - 2015-07-01 13:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 10:52 - 2015-07-20 11:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 10:52 - 2015-07-20 11:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 10:52 - 2015-07-20 11:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 10:52 - 2015-07-20 11:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 10:52 - 2015-07-20 11:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 10:52 - 2015-07-20 11:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 10:52 - 2015-07-20 11:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 10:52 - 2015-07-20 11:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 10:52 - 2015-07-20 11:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 10:52 - 2015-07-20 11:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 10:52 - 2015-07-20 11:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 10:52 - 2015-07-20 10:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 10:52 - 2015-07-20 10:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 10:52 - 2015-07-20 10:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 10:52 - 2015-07-20 10:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 10:52 - 2015-07-20 10:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 10:52 - 2015-07-10 10:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 10:52 - 2015-07-10 10:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 10:52 - 2015-05-09 11:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-10 10:47 - 2015-08-10 10:47 - 00050477 _____ C:\Users\Jason\Downloads\Defogger.exe
2015-08-10 10:47 - 2015-08-10 10:47 - 00050477 _____ C:\Users\Jason\Desktop\Defogger.exe
2015-08-10 00:52 - 2015-08-10 00:52 - 00063982 _____ C:\Users\Jason\Downloads\Addition.txt
2015-08-10 00:51 - 2015-08-10 00:52 - 00086827 _____ C:\Users\Jason\Downloads\FRST.txt
2015-08-10 00:49 - 2015-08-13 14:33 - 02173952 _____ (Farbar) C:\Users\Jason\Desktop\FRST64.exe
2015-08-09 20:48 - 2015-08-09 20:48 - 00000000 ____D C:\Users\Jason\Documents\Duels of the Planeswalkers Dumps
2015-08-09 20:05 - 2015-08-09 20:37 - 05634368 _____ (Swearware) C:\Users\Jason\Downloads\ComboFix.exe
2015-08-09 20:04 - 2015-08-09 20:04 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\unhide.exe
2015-08-09 19:51 - 2015-08-09 19:51 - 01097400 _____ (Microsoft Corporation) C:\Users\Jason\Downloads\setuponenotefreeretail.x86.en-us_ (2).exe
2015-08-09 11:15 - 2015-08-09 11:15 - 00000000 ____D C:\Users\Jason\AppData\Local\SquirrelTemp
2015-08-05 21:00 - 2015-08-05 21:00 - 00077695 _____ C:\Users\Jason\Downloads\Snes9xGX Cheats.zip
2015-08-05 21:00 - 2001-10-17 12:22 - 00000196 _____ C:\Users\Jason\Desktop\Super Star Wars.cht
2015-08-05 21:00 - 2001-10-17 12:06 - 00000112 _____ C:\Users\Jason\Desktop\Super Star Wars - Return Of The Jedi.cht
2015-08-05 21:00 - 2001-10-17 11:47 - 00000168 _____ C:\Users\Jason\Desktop\Super Star Wars - The Empire .cht
2015-08-04 19:58 - 2015-08-04 20:09 - 923512243 _____ C:\Users\Jason\Downloads\SNES Master Set Shrunken Spine (797).rar
2015-07-30 00:41 - 2015-07-30 00:41 - 00000462 _____ C:\Users\Jason\Documents\OS © - Shortcut.lnk
2015-07-24 21:39 - 2015-07-24 21:39 - 00000000 ____D C:\Users\Jason\AppData\Roaming\.mono
2015-07-24 21:37 - 2015-07-24 21:37 - 00001566 _____ C:\Users\Jason\Desktop\Pokémon Trading Card Game Online.lnk
2015-07-24 21:37 - 2015-07-24 21:37 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Pokémon Trading Card Game Online
2015-07-24 21:37 - 2015-07-24 21:37 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2015-07-24 21:35 - 2015-07-24 21:37 - 228685824 _____ C:\Users\Jason\Downloads\PokemonInstaller.msi
2015-07-22 16:01 - 2015-07-22 16:04 - 00000000 ____D C:\Users\Jason\.opencards
2015-07-22 16:01 - 2015-07-22 16:01 - 00000000 ____D C:\Users\Jason\OpenCards Examples
2015-07-22 15:59 - 2015-07-22 16:00 - 17294350 _____ C:\Users\Jason\Downloads\opencards-2.2-windows.zip
2015-07-21 10:23 - 2015-07-21 10:23 - 00055305 _____ C:\Users\Jason\Documents\Resume Jason Hydrographic Service.odt
2015-07-21 10:23 - 2015-07-21 10:23 - 00046873 _____ C:\Users\Jason\Documents\Cover letter Jason Canadian Forest Research.odt
2015-07-18 01:43 - 2015-07-18 01:43 - 00000041 _____ C:\Users\Jason\Downloads\northok.m3u
2015-07-18 01:20 - 2015-07-18 01:20 - 00000043 _____ C:\Users\Jason\Downloads\crfireems.m3u
2015-07-18 01:19 - 2015-07-18 01:19 - 00000039 _____ C:\Users\Jason\Downloads\crest.m3u
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-15 14:46 - 2012-02-01 04:04 - 01761542 _____ C:\Windows\WindowsUpdate.log
2015-08-15 13:53 - 2009-07-13 21:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-15 13:53 - 2009-07-13 21:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-14 22:19 - 2012-02-01 04:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-14 16:53 - 2015-05-24 13:13 - 00000000 ____D C:\Users\UpdatusUser.JasonsbabyII
2015-08-14 16:47 - 2014-03-21 01:15 - 00000000 ____D C:\Program Files\WinRAR
2015-08-14 15:36 - 2012-02-01 02:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-14 15:26 - 2014-03-21 01:15 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-14 15:01 - 2015-07-08 22:22 - 00000000 ___RD C:\Users\Jason\OneDrive
2015-08-13 23:57 - 2015-07-10 06:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-13 22:42 - 2015-05-25 12:23 - 00000000 ____D C:\Windows\system32\NV
2015-08-13 22:40 - 2015-07-08 22:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-13 22:26 - 2009-07-13 20:20 - 00000000 __RSD C:\Windows\Media
2015-08-13 22:26 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PLA
2015-08-13 22:26 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Help
2015-08-13 22:26 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Cursors
2015-08-13 22:25 - 2015-06-21 21:27 - 00000000 ____D C:\Program Files (x86)\Appandora
2015-08-13 22:25 - 2015-05-24 13:10 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-08-13 22:25 - 2015-05-24 13:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-08-13 22:25 - 2015-04-26 11:23 - 00000000 ____D C:\ProgramData\Autodesk
2015-08-13 22:25 - 2015-04-17 03:05 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-13 22:25 - 2015-03-18 10:53 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-13 22:25 - 2014-09-11 20:23 - 00000000 ____D C:\Program Files (x86)\Canon
2015-08-13 22:25 - 2013-01-17 21:32 - 00000000 ____D C:\Program Files (x86)\ArcGIS
2015-08-13 22:25 - 2012-03-16 20:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-08-13 22:25 - 2012-02-01 04:04 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-13 22:25 - 2012-02-01 04:04 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-13 22:25 - 2012-02-01 04:02 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-13 22:25 - 2012-02-01 03:10 - 00000000 ____D C:\Program Files (x86)\Nero
2015-08-13 22:25 - 2012-02-01 03:02 - 00000000 ____D C:\ProgramData\Sonic
2015-08-13 22:25 - 2012-02-01 03:00 - 00000000 ____D C:\Program Files (x86)\Roxio
2015-08-13 22:25 - 2012-02-01 02:57 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-08-13 22:25 - 2012-02-01 02:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Stage
2015-08-13 22:25 - 2012-02-01 02:47 - 00000000 ____D C:\Program Files (x86)\Dell
2015-08-13 22:25 - 2012-02-01 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-08-13 22:25 - 2012-02-01 02:40 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2015-08-13 22:25 - 2012-02-01 02:39 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-13 22:25 - 2012-02-01 02:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-08-13 22:25 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-13 22:25 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-08-13 22:25 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-08-13 22:25 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-08-13 22:25 - 2009-07-13 20:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-13 22:25 - 2009-07-13 20:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 22:24 - 2015-06-10 16:39 - 00000000 ____D C:\Program Files\IIS
2015-08-13 22:24 - 2015-04-26 11:37 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-08-13 22:24 - 2015-04-26 11:37 - 00000000 ____D C:\Program Files\Autodesk
2015-08-13 22:24 - 2015-03-18 10:53 - 00000000 ____D C:\Program Files\Bonjour
2015-08-13 22:24 - 2014-09-11 20:28 - 00000000 ____D C:\Program Files\CanonBJ
2015-08-13 22:24 - 2012-03-26 14:57 - 00000000 ___RD C:\Backup
2015-08-13 22:24 - 2012-03-25 00:52 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-13 22:24 - 2012-02-01 04:03 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-08-13 22:24 - 2012-02-01 02:37 - 00000000 ____D C:\Program Files\Dell
2015-08-13 22:24 - 2012-02-01 02:26 - 00000000 ____D C:\Program Files\Java
2015-08-13 22:24 - 2011-02-10 07:01 - 00000000 ____D C:\DELL
2015-08-13 22:24 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-13 14:22 - 2012-02-09 17:41 - 00000000 ____D C:\Users\Jason
2015-08-13 03:33 - 2009-07-13 22:13 - 00783424 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-13 03:26 - 2009-07-13 21:45 - 00571240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 03:23 - 2014-12-10 14:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 03:23 - 2014-05-12 13:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 03:22 - 2015-07-08 22:36 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Audacity
2015-08-13 02:55 - 2012-02-09 18:00 - 00002372 _____ C:\Users\Jason\Desktop\Google Chrome.lnk
2015-08-09 13:52 - 2015-04-06 03:02 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-09 13:52 - 2014-12-10 14:34 - 00000000 ____D C:\Users\TEMP
2015-08-09 13:37 - 2012-02-01 03:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-08-09 13:35 - 2015-06-10 16:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-08-09 13:29 - 2015-06-10 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-08-09 13:28 - 2014-09-16 18:24 - 00000000 ____D C:\Program Files (x86)\ITT
2015-08-09 13:28 - 2012-02-23 17:28 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-09 13:26 - 2015-06-21 21:27 - 00000000 ____D C:\Program Files (x86)\Decipher Media
2015-08-09 13:22 - 2015-07-09 10:32 - 00000000 ___RD C:\MSOCache
2015-08-09 11:13 - 2012-02-09 17:42 - 00053448 _____ C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-09 01:33 - 2012-02-01 03:01 - 00000000 ____D C:\ProgramData\Roxio
2015-08-06 22:03 - 2015-07-08 22:27 - 00004990 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JasonsbabyII-Jason JasonsbabyII
2015-08-05 19:15 - 2012-02-01 02:44 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2015-08-05 19:15 - 2012-02-01 02:44 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2015-07-31 14:31 - 2015-05-19 09:43 - 00000000 __SHD C:\Users\Jason\AppData\Local\EmieBrowserModeList
2015-07-31 14:31 - 2014-10-02 11:52 - 00000000 __SHD C:\Users\Jason\AppData\Local\EmieUserList
2015-07-31 14:31 - 2014-10-02 11:52 - 00000000 __SHD C:\Users\Jason\AppData\Local\EmieSiteList
2015-07-28 10:59 - 2012-03-21 20:12 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-27 18:10 - 2015-07-08 22:22 - 00002164 _____ C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
 
==================== Files in the root of some directories =======
 
2012-05-16 01:55 - 2012-05-29 19:42 - 0000230 _____ () C:\Users\Jason\AppData\Roaming\AbsoluteReminder.xml
2012-11-09 13:55 - 2012-11-09 14:04 - 0000197 _____ () C:\Users\Jason\AppData\Roaming\burnaware.ini
2012-05-29 19:41 - 2012-05-29 19:42 - 5947928 _____ (Absolute Software Corp.                                      ) C:\Users\Jason\AppData\Roaming\LoJackSetup.exe
2012-07-04 23:40 - 2012-07-04 23:46 - 0000077 _____ () C:\Users\Jason\AppData\Roaming\Rim.Desktop.Exception.log
2012-07-04 23:39 - 2013-01-22 15:10 - 0002021 _____ () C:\Users\Jason\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-07-04 23:40 - 2012-07-04 23:46 - 0000077 _____ () C:\Users\Jason\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-07-04 23:41 - 2012-07-04 23:46 - 0000077 _____ () C:\Users\Jason\AppData\Roaming\Rim.Transcoder.Exception.log
2012-09-26 13:59 - 2012-11-24 00:19 - 0000600 _____ () C:\Users\Jason\AppData\Roaming\winscp.rnd
2012-02-09 20:18 - 2012-10-15 20:34 - 0003584 _____ () C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-16 00:25 - 2013-04-12 22:34 - 0000600 _____ () C:\Users\Jason\AppData\Local\PUTTY.RND
2012-03-26 14:57 - 2012-03-26 14:57 - 0017408 _____ () C:\Users\Jason\AppData\Local\WebpageIcons.db
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-04 16:53
 
==================== End of log ============================
Link to post
Share on other sites

addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by Jason (2015-08-15 15:26:09)
Running from C:\Users\Jason\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1919526134-189285257-3370074446-500 - Administrator - Disabled)
Guest (S-1-5-21-1919526134-189285257-3370074446-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1919526134-189285257-3370074446-1003 - Limited - Enabled)
Jason (S-1-5-21-1919526134-189285257-3370074446-1001 - Administrator - Enabled) => C:\Users\Jason
UpdatusUser (S-1-5-21-1919526134-189285257-3370074446-1004 - Limited - Enabled) => C:\Users\UpdatusUser.JasonsbabyII
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version:  - )
Absolute Notifier (HKLM-x32\...\{EBE939ED-4612-45FD-A39E-77AC199C4273}) (Version: 1.4.3.10 - Absolute Software)
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Akamai NetSession Interface (HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Appandora version 2.1.4 (HKLM-x32\...\{3BA67286-845D-46A7-9A58-FA8B7897BC34}_is1) (Version: 2.1.4 - Appandora, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcGIS 10.1 for Desktop (HKLM-x32\...\ArcGIS 10.1 for Desktop) (Version: 10.1.3035 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.1 for Desktop (x32 Version: 10.1.3035 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.1 License Manager (HKLM-x32\...\ArcGIS 10.1 License Manager) (Version: 10.1.2891 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.1 License Manager (x32 Version: 10.1.2891 - Environmental Systems Research Institute, Inc.) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.1.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.4.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.5.14 - Canon Inc.)
Canon MX530 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX530_series) (Version: 1.00 - Canon Inc.)
Canon MX530 series On-screen Manual (HKLM-x32\...\Canon MX530 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Decipher TextMessage (HKLM-x32\...\{FB313042-11A8-46BA-AA53-0886FDB3778D}) (Version: 8.4.0 - Decipher Media)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{39D06E77-8921-4056-8901-36D0035BAECA}) (Version: 1.5.420.0 - Fingertapps)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
Dell Update (HKLM-x32\...\{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}) (Version: 1.6.1007.0 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
eMule (HKLM-x32\...\eMule) (Version:  - )
ENVI 4.7.01 (HKLM-x32\...\InstallShield_{B731A2E4-3C92-4B8F-ABB6-D6DB291FA87D}) (Version: 4.7.01 - ITT Visual Information Solutions)
ENVI 4.7.01 (x32 Version: 4.7.01 - ITT Visual Information Solutions) Hidden
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Free Voice Recorder (HKLM-x32\...\{A0BBDFF2-B562-4E9A-9BD2-029A60E93E38}) (Version: 4 - Free Voice Recorder)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.59.1.WIN.FullTilt.COM - )
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Geomatica 2014 (HKLM-x32\...\{1F522C55-6E3F-32A7-9F2A-A3576B177F59}) (Version: 2014.0 - PCI Geomatics)
Google Chrome (HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 11.1.11500.4.273 - Nero AG) Hidden
HighGrow Freeware Version 4.20 (HKLM-x32\...\HighGrow Freeware Version 4.20) (Version: 4.20 - Slick Software)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 2 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170020}) (Version: 1.7.0.20 - Oracle)
JavaFX 2.0.2 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
JavaFX 2.0.2 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
JCreator Pro 5.00 (HKLM-x32\...\JCreator Pro_is1) (Version:  - Xinox Software)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky PURE 2.0 (HKLM-x32\...\InstallWIX_{2D270A67-B7CD-4281-B2FE-60DF18D19B8E}) (Version: 12.0.1.288 - Kaspersky Lab)
Kaspersky PURE 2.0 (x32 Version: 12.0.1.288 - Kaspersky Lab) Hidden
LibreOffice 4.3.1.2 (HKLM-x32\...\{303C2B0D-03AF-4C25-A443-E62DE8AA36A8}) (Version: 4.3.1.2 - The Document Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Magic 2015 (HKLM-x32\...\Magic 2015_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1919526134-189285257-3370074446-1001\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft WebMatrix 3 (HKLM-x32\...\{4C1CB8FA-89A5-476A-89B6-C69BDC668A9F}) (Version: 2.0.1932 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2 - )
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Pokémon Trading Card Game Online (HKLM-x32\...\{0D9304CD-1C83-4703-AFEF-0C46D1DB21F2}) (Version: 2.27.0 - The Pokémon Company International)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Python 2.7.5 (64-bit) (HKLM\...\{DBDD570E-0952-475f-9453-AB88F3DD565a}) (Version: 2.7.5150 - Python Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sleep# (HKLM-x32\...\{8A263D44-CD57-4222-BD02-E4CFD64DF859}) (Version: 2.3.2 - CJS)
Slide Ninja (HKLM-x32\...\{C5062D7B-2C10-4B90-A974-6D20E637698D}_is1) (Version: 0.9.6.0 - Heledux)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.15400 - Nero AG)
SyncUP (x32 Version: 1.12.11200.10.102 - Nero AG) Hidden
Tom Clancy's H.A.W.X (HKLM-x32\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.02.00000 - Ubisoft)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VNC Free Edition 4.1.3 (HKLM-x32\...\RealVNC_is1) (Version: 4.1.3 - RealVNC Ltd.)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WinAce Archiver (HKLM-x32\...\WinAce Archiver) (Version: 2.69 - e-merge GmbH)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.30 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.2 - win.rar GmbH)
WinSCP 5.1 (HKLM-x32\...\winscp3_is1) (Version: 5.1 - Martin Prikryl)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll No File
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1919526134-189285257-3370074446-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points =========================
 
12-08-2015 19:38:31 Windows Update
13-08-2015 03:00:14 Windows Update
13-08-2015 22:27:57 Installed Hi-Rez Studios Games
13-08-2015 22:32:15 Configured Hi-Rez Studios Games
13-08-2015 22:34:22 Removed Hi-Rez Studios Games
13-08-2015 22:46:18 JRT Pre-Junkware Removal
14-08-2015 02:05:26 Installed Hi-Rez Studios Games
14-08-2015 02:09:52 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
14-08-2015 11:06:17 Windows Update
14-08-2015 12:51:10 Windows Update
14-08-2015 14:57:07 Windows Update
14-08-2015 15:36:30 Removed Hi-Rez Studios Games
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0435CDFF-6CEF-4B17-8B2D-ECA48A507CB6} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Task: {11720222-D29A-460B-917F-754DDAE4F124} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {16CD596A-946B-4F14-9A83-134D41F21805} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe
Task: {1A8FF082-4C36-41E5-A90F-2E2F998D9671} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe
Task: {1B77DF89-9465-492B-91F1-220505E13D74} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1919526134-189285257-3370074446-1001Core => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {250E92C1-8B88-4F15-BC0E-7BE641720199} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe
Task: {2673C739-BBAF-49E9-BA28-3267A7C38A18} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JasonsbabyII-Jason JasonsbabyII => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
Task: {48CDC8EC-9368-46A5-A1DC-DC6481ED3ECB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {9FB64B5B-5D9E-4E34-8AEE-71E51EA0FA91} - System32\Tasks\{0B5174E5-13BD-4F8D-B36A-BFF4FA9B1678} => C:\Users\Jason\Downloads\crack_arcgis_101\License Manager (Pre-Release Version)\License Manager (Pre-Release Version)\Setup.exe
Task: {FAD7D9E3-49FC-4CCD-9D3D-FEA4A938F811} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-05-24 13:12 - 2013-10-23 01:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-11-01 11:58 - 2011-11-01 11:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2006-12-04 01:26 - 2006-12-04 01:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-08 22:15 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-02-01 03:29 - 2011-07-20 06:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-01 02:28 - 2010-12-17 09:25 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2011-11-01 11:58 - 2011-11-01 11:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2015-06-21 21:27 - 2015-05-25 14:31 - 00815104 _____ () C:\Program Files (x86)\Appandora\AppandoraDeviceService.exe
2015-04-26 11:54 - 2014-12-04 19:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-04-26 11:54 - 2014-12-04 19:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-08-13 02:55 - 2015-08-07 17:13 - 01405768 _____ () C:\Users\Jason\AppData\Local\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-13 02:55 - 2015-08-07 17:13 - 00081224 _____ () C:\Users\Jason\AppData\Local\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-06-21 21:27 - 2015-05-25 14:31 - 00397824 _____ () C:\Program Files (x86)\Appandora\DuiLib.dll
2015-06-21 21:27 - 2013-05-31 14:53 - 00059904 _____ () C:\Program Files (x86)\Appandora\zlib.dll
2015-06-21 21:27 - 2013-05-31 14:53 - 00526848 _____ () C:\Program Files (x86)\Appandora\sqlite3.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-21 21:27 - 2014-01-06 11:24 - 00671744 _____ () C:\Program Files (x86)\Appandora\hashab.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1919526134-189285257-3370074446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.59.160.13 - 64.59.161.68
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Jason^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sleep#.lnk => C:\Windows\pss\Sleep#.lnk.Startup
MSCONFIG\startupreg: Absolute Notifier => "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: QuickSet => c:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{278456CB-AC7C-491B-9137-F13DCE40B902}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{70D8558F-D8B7-40E4-AD4B-5BB352C472ED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{2DDC2FFE-6435-48C8-BB33-CADA27CAAB50}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{C6C6D385-336C-49D2-B3DB-1FE677C12390}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0032466A-1306-496E-A276-7B2B9477DC52}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{DA14A0CC-C654-4280-B07B-2CC5430921C2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3AD5A04E-363B-4EAF-A9FE-3DD1220968D7}] => (Allow) LPort=2869
FirewallRules: [{6B8DA0D0-41B6-4944-8E2C-6B2B20895973}] => (Allow) LPort=1900
FirewallRules: [{6E2A5D06-3367-4211-9DC4-1EFC0E07AF8E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{496A6DFA-13D2-4FA0-84D3-A93CB5C96CE2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C9701EAD-E787-4C52-8F07-5C8B7FD329FF}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{4030703A-D3C5-498A-A84E-03F90022E66F}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A21361A8-2966-46AF-B10D-3013FAE481D8}] => (Allow) LPort=9700
FirewallRules: [{DAA6C593-4DA8-4875-84CB-29657F8C8113}] => (Allow) LPort=9701
FirewallRules: [{5B6E278A-5BC8-438F-9A63-902A5D3D3FE2}] => (Allow) LPort=9702
FirewallRules: [{007A1AB8-4042-4789-9104-1FB9343247EC}] => (Allow) LPort=9700
FirewallRules: [{049AF6A6-0DCC-4968-9A79-74B482E788B0}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe
FirewallRules: [{410B3A06-561A-493D-A615-66AA35F849F0}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe
FirewallRules: [{F61EFAF2-7438-4B2E-BBF4-EA91B706284B}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe
FirewallRules: [{FEC1EF45-D4A0-4909-840E-824A8503D4C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe
FirewallRules: [{EED00DFB-8AD0-4C43-9F19-9E8149DC409B}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe
FirewallRules: [{7BE624A2-F1DF-440E-A5A1-29F04CFF9602}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe
FirewallRules: [{060F65BF-9695-4FED-9E5C-7FE8B98F89D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe
FirewallRules: [{8677446E-BB73-490C-BC59-38726009F18F}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{D3568EEF-35B6-4DF1-AE65-615340CF9B2B}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [TCP Query User{D447A847-1C8B-41EF-A459-AC543CF85CD7}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [uDP Query User{2085B9AB-32C7-494F-9EC6-962DCA863731}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{12E1B37A-8490-4639-BDDD-6836BCD02E3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3F957DAA-B1E2-453B-9EA8-8714AA4622B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F0F8D391-091A-4B5A-978A-DB65A88F843A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2.exe
FirewallRules: [{528C67D9-F18C-45A5-94D8-A6DC95D096B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2.exe
FirewallRules: [{882726A1-EFF4-4B68-8038-0350CAA5FC95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2_DX11.exe
FirewallRules: [{64ADEB8F-77E2-4D55-AC85-4037BE8EDCAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's HAWX 2 - NCSA\HAWX2_DX11.exe
FirewallRules: [{E4423745-D4E4-4333-A03D-841B4B2CCFE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{522D74A3-C00B-4E29-9279-5095B6F1A941}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B0A4B942-6D5B-400B-A040-1D25ABD45C14}] => (Allow) support inRosettaStoneLtdServices.exe
FirewallRules: [{AA9D1437-F961-41B6-9852-983C6D42103B}] => (Allow) RosettaStoneVersion3.exe
FirewallRules: [{39212217-B394-46C5-B9E4-4E6A6EE50548}] => (Allow) support inRosettaStoneLtdServices.exe
FirewallRules: [{FA77A442-FB1E-4C27-8944-5AB08D4113BD}] => (Allow) RosettaStoneVersion3.exe
FirewallRules: [TCP Query User{83A50AA0-AFA7-4769-B134-68175C4FFE4B}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [uDP Query User{4A528353-E1ED-45D7-B9B9-F2ABA040AF23}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [{5B4A6BFC-9D5E-470D-AEB0-BABE5DB68316}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{9D60E234-3441-46DC-A10C-16528A0ABADD}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{D7DB0107-3786-40C9-8D0F-9E39092E7B4C}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{41A8001C-00A2-4AC5-8BCB-73D98C9F5D5C}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [TCP Query User{BE1B5EC3-D20D-4BFA-8664-4D4B6A77BE7A}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [uDP Query User{5E6519B7-97CB-4C8E-AAF1-2FA8FBECA9E3}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [TCP Query User{34CE8582-F97C-46F5-BE2B-6E36F75CB133}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [uDP Query User{3EDFA2FB-99CB-4F16-BABC-0D68B407FEA9}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{95430D12-1068-4564-8356-5A95FAC17CA8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E7179316-61A7-4F77-9E54-D7BA74FAC267}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{B2D377FF-4BED-4E10-B9F4-D9A9CFACCF93}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{8FD1A1A6-CDBD-4C2B-8974-1E5D13352C31}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{9FCA7D9A-6FF2-4DBB-AFA3-D48365A90C90}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{F63FB785-4A3D-49F7-989C-9ACC945F7C61}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{A31F8B33-4491-494D-A213-C5671BC278EB}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [TCP Query User{8CEDA98F-C383-4FE6-9AB5-998C6DACAB02}C:\program files (x86)\itt\idl71\products\envi47\help\eclipse\envihelp.exe] => (Allow) C:\program files (x86)\itt\idl71\products\envi47\help\eclipse\envihelp.exe
FirewallRules: [uDP Query User{B72A4573-83DE-4DB2-A959-08CFB82BF0FC}C:\program files (x86)\itt\idl71\products\envi47\help\eclipse\envihelp.exe] => (Allow) C:\program files (x86)\itt\idl71\products\envi47\help\eclipse\envihelp.exe
FirewallRules: [{C1746897-C7BE-4023-AB34-E2F5E83EC99F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7F39E8B5-2EA0-49C4-ACB4-3DCE8027FE5D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3E8BBDD0-D7EB-4DA2-95F0-C46E07632CBA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4EAB07C1-2428-4ED2-BE74-541859042316}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0DC11479-66A4-477F-8C2B-38C99032A28A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{D22A8B1E-71C2-43D0-8EA0-18BABF0FC5C6}C:\pci geomatics\geomatica 2014\exe\focus.exe] => (Allow) C:\pci geomatics\geomatica 2014\exe\focus.exe
FirewallRules: [uDP Query User{65105FA8-7045-41CE-BD5F-F1DA002115CC}C:\pci geomatics\geomatica 2014\exe\focus.exe] => (Allow) C:\pci geomatics\geomatica 2014\exe\focus.exe
FirewallRules: [TCP Query User{C1D64423-6E0B-43D8-A633-5AB5109695F7}C:\users\jason\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jason\appdata\local\akamai\netsession_win.exe
FirewallRules: [uDP Query User{811CCBCC-199F-43D1-A77A-202EE538BA58}C:\users\jason\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jason\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1180A5FD-670A-4596-BEF6-181256D48248}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{91BEAFE8-F469-4124-86CB-C03D259B4B4E}C:\users\jason\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jason\appdata\local\akamai\netsession_win.exe
FirewallRules: [uDP Query User{50F54E90-77AC-49BA-A9ED-0A940E9EB81C}C:\users\jason\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jason\appdata\local\akamai\netsession_win.exe
FirewallRules: [{146A0016-AE9A-4634-A760-76DEEAA73188}] => (Allow) LPort=49171
FirewallRules: [{E9277371-1608-4E59-BB37-CC9BADDC3CAB}] => (Allow) LPort=5000
FirewallRules: [{071038B3-64A5-49E4-B2FF-909AC5899416}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{499E5D39-FED1-40BD-8FCB-6EF202A8D509}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{6026C19A-E37B-420E-8389-B5FBA3598F33}C:\program files (x86)\magic 2015\dotp_d15.exe] => (Allow) C:\program files (x86)\magic 2015\dotp_d15.exe
FirewallRules: [uDP Query User{DEB5E904-D4C9-4DC9-82A7-3AB27A5722C9}C:\program files (x86)\magic 2015\dotp_d15.exe] => (Allow) C:\program files (x86)\magic 2015\dotp_d15.exe
FirewallRules: [{3A69A90A-6312-4B87-BA12-6931502DAABC}] => (Allow) C:\Users\Jason\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{BB94DF59-E14E-4E33-9FC2-ECE8AE7178A9}] => (Allow) C:\Users\Jason\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Sentinel64
Description: Sentinel64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Sentinel64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/15/2015 04:55:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10265
 
Error: (08/15/2015 04:55:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10265
 
Error: (08/15/2015 04:55:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/15/2015 04:55:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9251
 
Error: (08/15/2015 04:55:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9251
 
Error: (08/15/2015 04:55:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/15/2015 04:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8253
 
Error: (08/15/2015 04:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8253
 
Error: (08/15/2015 04:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/15/2015 04:55:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7254
 
 
System errors:
=============
Error: (08/15/2015 01:57:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.
 
Error: (08/14/2015 11:37:08 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{603208F3-FE17-4619-9D83-943B516F4C88}.
The backup browser is stopping.
 
Error: (08/14/2015 10:29:18 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error: 
%%5
 
Error: (08/14/2015 10:29:14 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (08/14/2015 10:22:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Data Vault Wizard service failed to start due to the following error: 
%%2
 
Error: (08/14/2015 10:22:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (08/14/2015 10:22:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Data Vault Wizard service failed to start due to the following error: 
%%2
 
Error: (08/14/2015 10:20:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (08/14/2015 10:20:43 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
 
Feature: %%886
 
Error Code: 0x80070005
 
Error description: Access is denied. 
 
Reason: %%892
 
Error: (08/14/2015 10:20:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
 
Microsoft Office:
=========================
Error: (08/15/2015 04:55:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10265
 
Error: (08/15/2015 04:55:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10265
 
Error: (08/15/2015 04:55:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/15/2015 04:55:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9251
 
Error: (08/15/2015 04:55:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9251
 
Error: (08/15/2015 04:55:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/15/2015 04:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8253
 
Error: (08/15/2015 04:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8253
 
Error: (08/15/2015 04:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/15/2015 04:55:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7254
 
 
CodeIntegrity:
===================================
  Date: 2015-08-09 20:03:59.068
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-09 20:03:59.061
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-09 20:03:59.055
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-09 20:03:58.450
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-09 20:03:58.433
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-09 20:03:58.416
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-09 20:03:57.958
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-09 20:03:57.951
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-09 20:03:57.945
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-09 20:03:57.303
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 39%
Total physical RAM: 8086.17 MB
Available physical RAM: 4895.14 MB
Total Virtual: 16170.54 MB
Available Virtual: 12443.32 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:679 GB) (Free:229.97 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=679 GB) - (Type=07 NTFS)
 
==================== End of log ============================
Link to post
Share on other sites

so i updated to windows ten and tried reinstalling some of the programs i lost and i keep getting an error for msvcp100.dll missing, when i try to install the visual c++ 2010 redistributable i get an error saying i cannot install it until a newer version is removed. i removed all version of visual c++ and im still getting this error any ideas??  

Link to post
Share on other sites

Please download SystemLook from the following link below and save it to your Desktop. Use the correct version 32bit or 64bit.

http://jpshortstuff.247fixes.com/SystemLook_x64.exe     <<-   64 bit….

http://images.malwareremoval.com/jpshortstuff/SystemLook.exe   <<-  32 bit

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :filefindmsvcp100.dll
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.



Note: The log can also be found on your Desktop entitled SystemLook.txt

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.