Windows 7 - tons of popups google chrome.

[jjacobs]

Hello, Getting tons of popups while using google chrome. looking for a bit of help. malware scan not finding issue.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe
(Lenovo (Shenzhen) Electronic Co., Ltd.) C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_20_0_0_286_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [uMonit] => C:\windows\SysWOW64\UMonit.exe [40960 2010-01-21] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LenovoFSC] => C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe [49152 2009-07-29] (Lenovo (Shenzhen) Electronic Co., Ltd.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM-x32\...\Run: [updatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [instaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\Run: [EPSON NX330 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE [232448 2012-03-07] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\Run: [Google Update] => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-3958090444-189681475-763219053-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2010-10-09]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2010-10-09]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BB605AB8-9FAD-4E4A-8C47-8BA5C92C8714}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3958090444-189681475-763219053-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3958090444-189681475-763219053-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2009-11-13] (Dassault Systèmes)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @nsroblox.roblox.com/launcher -> C:\Users\jerry jacobs\AppData\Local\Roblox\Versions\version-4f0396924dd349d9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\jerry jacobs\AppData\Local\Roblox\Versions\version-4f0396924dd349d9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @soe.sony.com/installer,version=1.0.3 -> C:\Users\jerry jacobs\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [No File]
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @tools.google.com/Google Update;version=3 -> C:\Users\jerry jacobs\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @tools.google.com/Google Update;version=9 -> C:\Users\jerry jacobs\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jerry jacobs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-10-16] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.cnn.com/
CHR StartupUrls: Default -> "hxxp://www.cnn.com/"
CHR Profile: C:\Users\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-03]
CHR Extension: (Google Search) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Pinterest Tool) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegmeooiiociboieconicbgmnpolceoe [2012-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [168448 2012-03-07] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [131072 2012-03-07] (SEIKO EPSON CORPORATION) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] ()
R3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-21] (Genesys Logic)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-07 15:42 - 2016-02-07 15:42 - 00000000 ____D C:\FRST
2016-02-07 15:32 - 2016-02-07 15:32 - 00062176 _____ C:\Users\jerry jacobs\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-07 14:53 - 2016-02-07 14:53 - 00041134 _____ C:\Users\jerry jacobs\Desktop\malabam.txt
2016-02-06 10:47 - 2016-02-06 10:47 - 00003038 _____ C:\windows\System32\Tasks\{E1A9768A-4956-43F8-94BF-192392345FF4}
2016-02-06 10:42 - 2016-02-06 10:42 - 00003038 _____ C:\windows\System32\Tasks\{FCF7272A-44DA-4792-92CC-8ED356E19DD3}
2016-02-06 10:42 - 2016-02-06 10:42 - 00003038 _____ C:\windows\System32\Tasks\{950F7CDC-A2B3-42D3-8840-EE48F6E3E740}
2016-01-19 17:18 - 2016-01-19 17:18 - 04499648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-12 12:41 - 2015-12-23 17:13 - 00387784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-01-12 12:41 - 2015-12-23 16:52 - 00341192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-01-12 12:41 - 2015-12-12 12:54 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-01-12 12:41 - 2015-12-12 12:31 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-01-12 12:41 - 2015-12-12 12:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-01-12 12:41 - 2015-12-12 12:16 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-01-12 12:41 - 2015-12-12 12:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-01-12 12:41 - 2015-12-12 12:15 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-01-12 12:41 - 2015-12-12 12:15 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-01-12 12:41 - 2015-12-12 12:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-01-12 12:41 - 2015-12-12 12:14 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-01-12 12:41 - 2015-12-12 12:07 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-01-12 12:41 - 2015-12-12 12:07 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-01-12 12:41 - 2015-12-12 12:07 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-01-12 12:41 - 2015-12-12 12:03 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-01-12 12:41 - 2015-12-12 12:02 - 20367360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-01-12 12:41 - 2015-12-12 12:02 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-01-12 12:41 - 2015-12-12 12:02 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-01-12 12:41 - 2015-12-12 12:02 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-01-12 12:41 - 2015-12-12 12:02 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-01-12 12:41 - 2015-12-12 11:55 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-01-12 12:41 - 2015-12-12 11:51 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-01-12 12:41 - 2015-12-12 11:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-01-12 12:41 - 2015-12-12 11:44 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-01-12 12:41 - 2015-12-12 11:40 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-01-12 12:41 - 2015-12-12 11:39 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-01-12 12:41 - 2015-12-12 11:37 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-01-12 12:41 - 2015-12-12 11:37 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-01-12 12:41 - 2015-12-12 11:37 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-01-12 12:41 - 2015-12-12 11:37 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-01-12 12:41 - 2015-12-12 11:36 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-01-12 12:41 - 2015-12-12 11:36 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-01-12 12:41 - 2015-12-12 11:35 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-01-12 12:41 - 2015-12-12 11:33 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-01-12 12:41 - 2015-12-12 11:31 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-01-12 12:41 - 2015-12-12 11:30 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-01-12 12:41 - 2015-12-12 11:28 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-01-12 12:41 - 2015-12-12 11:27 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-01-12 12:41 - 2015-12-12 11:27 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-01-12 12:41 - 2015-12-12 11:27 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-01-12 12:41 - 2015-12-12 11:25 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-01-12 12:41 - 2015-12-12 11:23 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-01-12 12:41 - 2015-12-12 11:22 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-01-12 12:41 - 2015-12-12 11:21 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-01-12 12:41 - 2015-12-12 11:20 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-01-12 12:41 - 2015-12-12 11:19 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-01-12 12:41 - 2015-12-12 11:18 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-01-12 12:41 - 2015-12-12 11:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-12 12:41 - 2015-12-12 11:12 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-01-12 12:41 - 2015-12-12 11:10 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-01-12 12:41 - 2015-12-12 11:10 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-01-12 12:41 - 2015-12-12 11:09 - 04610560 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-01-12 12:41 - 2015-12-12 11:08 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-01-12 12:41 - 2015-12-12 11:06 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-01-12 12:41 - 2015-12-12 11:02 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-01-12 12:41 - 2015-12-12 11:00 - 12856320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-01-12 12:41 - 2015-12-12 11:00 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-01-12 12:41 - 2015-12-12 11:00 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-01-12 12:41 - 2015-12-12 11:00 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-01-12 12:41 - 2015-12-12 10:54 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-01-12 12:41 - 2015-12-12 10:42 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-01-12 12:41 - 2015-12-12 10:41 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-01-12 12:41 - 2015-12-12 10:38 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-01-12 12:41 - 2015-12-12 10:36 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-01-12 12:41 - 2015-12-11 12:57 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-01-12 12:41 - 2015-12-08 15:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-01-12 12:41 - 2015-12-08 15:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-01-12 12:41 - 2015-12-08 15:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-01-12 12:41 - 2015-12-08 15:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-01-12 12:41 - 2015-12-08 15:53 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-01-12 12:41 - 2015-12-08 15:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-01-12 12:41 - 2015-12-08 15:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-01-12 12:41 - 2015-12-08 13:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-01-12 12:41 - 2015-12-08 13:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-01-12 12:41 - 2015-12-08 13:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-01-12 12:41 - 2015-12-08 13:04 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-01-12 12:41 - 2015-12-08 12:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-01-12 12:41 - 2015-12-08 12:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-01-12 12:41 - 2015-12-08 12:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-01-12 12:41 - 2015-12-08 11:58 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-01-12 12:41 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-01-12 12:41 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-01-12 12:41 - 2015-11-13 17:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-01-12 12:41 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-01-12 12:41 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-01-12 12:41 - 2015-11-13 16:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-01-12 12:40 - 2015-12-08 15:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-01-12 12:40 - 2015-12-08 15:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-01-12 12:40 - 2015-12-08 13:07 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-01-12 12:40 - 2015-12-08 13:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-01-12 12:40 - 2015-11-16 19:11 - 00025024 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-01-12 12:40 - 2015-11-16 19:08 - 01381376 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-01-12 12:40 - 2015-11-16 19:08 - 00792064 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-01-12 12:40 - 2015-11-16 19:08 - 00705536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-01-12 12:40 - 2015-11-16 19:08 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-01-12 12:40 - 2015-11-16 19:08 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-01-12 12:40 - 2015-11-16 14:17 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-01-12 12:39 - 2015-12-30 13:08 - 05572544 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-01-12 12:39 - 2015-12-30 13:08 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-01-12 12:39 - 2015-12-30 13:08 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-01-12 12:39 - 2015-12-30 13:05 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-01-12 12:39 - 2015-12-30 13:00 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-01-12 12:39 - 2015-12-30 12:59 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-01-12 12:39 - 2015-12-30 12:59 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-01-12 12:39 - 2015-12-30 12:59 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-01-12 12:39 - 2015-12-30 12:58 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-01-12 12:39 - 2015-12-30 12:58 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-01-12 12:39 - 2015-12-30 12:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-01-12 12:39 - 2015-12-30 12:57 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-01-12 12:39 - 2015-12-30 12:57 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-01-12 12:39 - 2015-12-30 12:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-01-12 12:39 - 2015-12-30 12:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-01-12 12:39 - 2015-12-30 12:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:47 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-01-12 12:39 - 2015-12-30 12:47 - 03938240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-01-12 12:39 - 2015-12-30 12:44 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-01-12 12:39 - 2015-12-30 12:40 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-01-12 12:39 - 2015-12-30 12:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-01-12 12:39 - 2015-12-30 12:39 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-01-12 12:39 - 2015-12-30 12:39 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-01-12 12:39 - 2015-12-30 12:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-01-12 12:39 - 2015-12-30 12:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-01-12 12:39 - 2015-12-30 12:38 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-01-12 12:39 - 2015-12-30 12:38 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 11:57 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-01-12 12:39 - 2015-12-30 11:50 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-01-12 12:39 - 2015-12-30 11:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-01-12 12:39 - 2015-12-30 11:44 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-01-12 12:39 - 2015-12-30 11:43 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-01-12 12:39 - 2015-12-30 11:42 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-01-12 12:39 - 2015-12-30 11:42 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-01-12 12:39 - 2015-12-30 11:41 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-01-12 12:39 - 2015-12-30 11:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-01-12 12:39 - 2015-12-30 11:32 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-01-12 12:39 - 2015-12-30 11:32 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-01-12 12:39 - 2015-12-30 11:32 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-01-12 12:39 - 2015-12-30 11:32 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-01-12 12:39 - 2015-12-30 11:30 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-01-12 12:39 - 2015-12-30 11:30 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 11:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 11:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-07 15:18 - 2012-05-27 11:08 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-02-07 15:18 - 2011-01-01 16:20 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-07 15:04 - 2015-12-20 14:11 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-07 15:04 - 2009-07-13 22:45 - 00017952 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-07 15:04 - 2009-07-13 22:45 - 00017952 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-07 15:01 - 2009-07-13 23:13 - 00783464 _____ C:\windows\system32\PerfStringBackup.INI
2016-02-07 15:01 - 2009-07-13 21:20 - 00000000 ____D C:\windows\inf
2016-02-07 15:00 - 2011-01-01 16:20 - 00000000 ____D C:\Users\jerry jacobs\AppData\Local\Google
2016-02-07 15:00 - 2011-01-01 16:20 - 00000000 ____D C:\ProgramData\Google
2016-02-07 15:00 - 2011-01-01 16:20 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-07 14:58 - 2012-11-03 23:12 - 00029696 ___SH C:\Users\jerry jacobs\Desktop\Thumbs.db
2016-02-07 14:56 - 2009-07-13 23:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-02-07 14:14 - 2009-07-13 23:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-07 14:13 - 2012-12-02 14:13 - 00000000 ____D C:\Users\jerry jacobs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMill Entertainment
2016-02-07 14:13 - 2012-12-02 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameMill Entertainment
2016-02-07 14:13 - 2012-12-02 14:13 - 00000000 ____D C:\Program Files (x86)\GameMill Entertainment
2016-02-06 10:35 - 2014-11-13 21:10 - 00001362 _____ C:\Users\jerry jacobs\Desktop\ROBLOX Player.lnk
2016-02-06 10:35 - 2014-11-13 21:09 - 00001181 _____ C:\Users\jerry jacobs\Desktop\ROBLOX Studio.lnk
2016-02-06 10:35 - 2014-11-13 21:09 - 00000000 ____D C:\Users\jerry jacobs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2016-02-06 10:34 - 2011-10-10 11:41 - 00000884 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001Core.job
2016-02-04 20:00 - 2011-10-10 11:42 - 00002431 _____ C:\Users\jerry jacobs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-04 20:00 - 2011-10-10 11:42 - 00002406 _____ C:\Users\jerry jacobs\Desktop\Google Chrome.lnk
2016-02-02 09:13 - 2011-10-10 11:41 - 00003920 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001UA
2016-02-02 09:13 - 2011-10-10 11:41 - 00003524 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001Core
2016-02-02 09:13 - 2011-10-10 11:41 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001UA.job
2016-02-02 09:13 - 2011-01-01 16:20 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 09:13 - 2011-01-01 16:20 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 09:13 - 2011-01-01 16:20 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-01 21:25 - 2015-12-20 13:10 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-21 07:32 - 2012-11-21 11:52 - 00000000 ____D C:\Users\jerry jacobs\AppData\Roaming\.minecraft
2016-01-19 17:18 - 2012-05-27 11:08 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-01-19 17:18 - 2012-05-27 11:08 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 17:18 - 2011-10-10 11:23 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-13 07:38 - 2009-07-13 21:20 - 00000000 ____D C:\windows\rescache
2016-01-13 03:31 - 2012-05-15 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 03:31 - 2012-05-15 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 03:28 - 2015-04-16 02:28 - 00000000 ____D C:\windows\system32\appraiser
2016-01-13 03:28 - 2014-05-18 02:20 - 00000000 ___SD C:\windows\system32\CompatTel
2016-01-13 03:12 - 2012-05-15 02:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 03:11 - 2013-08-15 02:01 - 00000000 ____D C:\windows\system32\MRT
2016-01-13 03:05 - 2010-12-27 12:17 - 143671360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-01-12 16:12 - 2009-07-13 23:09 - 00000000 ____D C:\windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2013-10-08 08:07 - 2013-10-08 08:07 - 50053120 _____ () C:\Program Files (x86)\GUT5794.tmp
2015-11-20 15:55 - 2015-12-15 07:46 - 0000163 _____ () C:\Users\jerry jacobs\AppData\Roaming\WB.CFG
2011-10-09 14:57 - 2013-03-15 15:42 - 0007602 _____ () C:\Users\jerry jacobs\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-29 00:23

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by jerry jacobs (2016-02-07 15:43:10)
Running from C:\Users\jerry jacobs\Music\1NEW FOLDER
Windows 7 Home Premium Service Pack 1 (X64) (2010-12-25 23:23:13)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3958090444-189681475-763219053-500 - Administrator - Disabled)
Guest (S-1-5-21-3958090444-189681475-763219053-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3958090444-189681475-763219053-1003 - Limited - Enabled)
jerry jacobs (S-1-5-21-3958090444-189681475-763219053-1001 - Administrator - Enabled) => C:\Users\jerry jacobs

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DVIA player 5.0 (HKLM-x32\...\{4E868D3D-6EEB-4273-926C-2287236B5B79}) (Version: 5.0.0.12 - 3DVIA)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Ancient Spirits - Columbus' Legacy (HKLM-x32\...\{138770B2-E0D6-411D-BC0C-C5BC83156336}_is1) (Version:  - cerasus.media GmbH)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Best Buy pc app (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\48e4cff94f039634) (Version: 3.1.2.0 - Best Buy)
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Clone Wars (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\SOE-Clone Wars) (Version:  - Sony Online Entertainment)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
EPSON NX330 Series Printer Uninstall (HKLM\...\EPSON NX330 Series) (Version:  - SEIKO EPSON Corporation)
FanSpeedControl (HKLM-x32\...\InstallShield_{0EC766C7-F444-42BF-A05F-4A790F5360EB}) (Version: 1.00.00.13 - Lenovo)
FanSpeedControl (x32 Version: 1.00.00.13 - Lenovo) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Genesys USB Mass Storage Device (HKLM-x32\...\{76138D6B-BEDC-46ED-8BB3-E7B95DCB1397}) (Version: 1.0.0.0 - Genesys Logic)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 3.0.4.9 - Genesys Logic)
Google Chrome (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hidden Mysteries Salem Secrets (HKLM-x32\...\Hidden Mysteries Salem Secrets) (Version: 1.0 - GameMill Entertainment)
Hide and Secret (HKLM-x32\...\Hide and Secret) (Version:  - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Legends of Silence (HKLM-x32\...\{2D6F5E76-2F9E-4F31-955D-B3EE085570BA}) (Version: 1.0.0 - On Hand Software)
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.1.0.1311 - Lenovo)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lucky Red (HKLM-x32\...\{58b0e839-3024-4566-b945-b6cff8a54762}) (Version: 14.12.0-RTG - RealTimeGaming Software)
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0423 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
Pixelmon Launcher (HKLM-x32\...\Pixelmon Launcher 1.1.55) (Version: 1.1.55 - Ikara Software Limited)
Pixelmon Launcher (x32 Version: 1.1.55 - Ikara Software Limited) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0006 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
ROBLOX Player for jerry jacobs (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for jerry jacobs (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 0.9.2 (HKLM-x32\...\VLC media player) (Version: 0.9.2 - VideoLAN Team)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3958090444-189681475-763219053-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\jerry jacobs\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3958090444-189681475-763219053-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\jerry jacobs\AppData\Local\Roblox\Versions\version-4f0396924dd349d9\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-3958090444-189681475-763219053-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\jerry jacobs\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {022A6D8E-8304-4581-83A5-629C3346A04A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0FE6207F-2180-40BD-A110-B8758459FD54} - \Cassiopesa deli -> No File <==== ATTENTION
Task: {19A9C351-CBD4-4C7F-B8CA-7101C2EBA59C} - System32\Tasks\{A60ECCB1-1D75-4D21-9912-BC8B4D1F6279} => C:\Program Files (x86)\Lucky Red\casino.exe [2015-12-20] (Realtime Gaming, Inc)
Task: {1EC4D9DF-4568-4C37-B21F-80179EF9025F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {1F570945-5F89-4026-9C3F-5E74957EB8DA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001UA => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2D98E0C7-7A31-4E90-A45B-AFC38A852D21} - System32\Tasks\{E1A9768A-4956-43F8-94BF-192392345FF4} => Chrome.exe
Task: {5E5D41B2-6E3B-4742-8D54-FB52D3E81499} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {65FBD243-7141-4799-9D06-50A26D124C8B} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe
Task: {7E3C2818-08D4-42B9-B8BB-2E376E3FA3FA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {866D07CA-8D43-4D29-8D26-B67F60940D8C} - System32\Tasks\{56E76F5C-E007-4F6D-AA7C-13397091707C} => C:\Program Files (x86)\Lucky Red\casino.exe [2015-12-20] (Realtime Gaming, Inc)
Task: {8C62369B-67C5-4B9C-945B-8047C5ADCE35} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001Core => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B3CFC235-8C76-481D-9E15-B756D4FB16D5} - System32\Tasks\{FCF7272A-44DA-4792-92CC-8ED356E19DD3} => Chrome.exe
Task: {C094D3ED-7765-45EF-8E40-D39FC72E8B56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CEDC86B8-3B85-45CB-8FDA-1F7DC86E31EE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {DEBA1DDB-8521-4AD5-A191-1B318520EBA7} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {FEA3B29C-2513-4707-B8BA-521913A86262} - System32\Tasks\{5BD2B1BD-4302-43CF-AE54-5D896C5F8068} => C:\Program Files (x86)\Lucky Red\casino.exe [2015-12-20] (Realtime Gaming, Inc)
Task: {FFFBC4D7-A835-4269-B822-F9A083A706B8} - System32\Tasks\{950F7CDC-A2B3-42D3-8840-EE48F6E3E740} => Chrome.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001Core.job => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001UA.job => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\jerry jacobs\Desktop\Members Area - Archives.lnk -> C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://www.archives.com/member/

==================== Loaded Modules (Whitelisted) ==============

2015-12-20 13:10 - 2012-03-27 21:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2010-10-09 07:15 - 2010-01-21 00:40 - 00040960 _____ () C:\Windows\SysWOW64\UMonit.exe
2012-12-31 17:53 - 2012-02-23 15:57 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-10-09 07:15 - 2009-10-26 01:52 - 00139264 _____ () C:\Windows\SysWOW64\ustor.dll
2010-10-09 07:15 - 2009-07-16 10:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2010-10-09 07:15 - 2007-12-31 11:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2012-12-31 17:53 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2012-12-31 17:53 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2012-12-31 17:53 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2012-12-31 17:53 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2012-12-31 17:53 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2012-12-31 17:53 - 2012-02-23 15:19 - 00669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2016-02-04 20:00 - 2016-02-03 01:27 - 01632584 _____ () C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\48.0.2564.103\libglesv2.dll
2016-02-04 20:00 - 2016-02-03 01:27 - 00087880 _____ () C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\48.0.2564.103\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:177313FB
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:3BCA993F
AlternateDataStreams: C:\ProgramData\Temp:96CAC3EB
AlternateDataStreams: C:\ProgramData\Temp:A384652A
AlternateDataStreams: C:\ProgramData\Temp:B845F669

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\sony.com -> sony.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3958090444-189681475-763219053-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jerry jacobs\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DD921F71-3853-4B61-83A2-7F5C010583A4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{B2C3300F-539C-4787-8DC9-B926FADA6611}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6CD286C9-E1B2-4B6B-93D1-6841426647B0}] => (Allow) svchost.exe
FirewallRules: [{84A1B009-2E11-4BA1-91DC-768419C77010}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{FF638504-4AC6-4C70-B8EB-C56E37770CC1}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{2AA2379B-86F5-479D-9D9E-D83331199EF4}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{19F92EEF-080D-466E-A4C7-745F7F46FE79}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{0A3321F4-F84B-4F20-8C85-09419C1D8B1F}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{B07BBCB3-2887-4905-9224-C948A1C31B63}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{DB2036E1-EB70-47D1-AE60-C46E333FBD3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{340DC746-32FE-46BA-801B-67064BA7D800}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1C11EFB5-460B-4535-ACA1-191DDA51F19C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2EA66421-1255-4DBD-84F3-ECF7957AF393}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{772E1DBF-7A2D-488B-BD84-43B411920FF1}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{2F667E62-6A8D-4354-9F51-E4F2F54A4BB4}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [uDP Query User{6F62953C-4187-4BB7-AB4D-F80FC9EC6AFF}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe

==================== Restore Points =========================

19-01-2016 19:46:34 Windows Update
23-01-2016 00:55:46 Windows Update
26-01-2016 19:40:41 Windows Update
29-01-2016 22:43:56 Windows Update
02-02-2016 23:08:14 Windows Update
06-02-2016 17:22:47 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/07/2016 02:27:57 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:57 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:57 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:57 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
 0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (02/07/2016 02:27:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (3644) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS003D7.log.

System errors:
=============
Error: (02/07/2016 02:27:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/07/2016 02:27:57 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (02/06/2016 05:09:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (02/06/2016 02:36:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (02/06/2016 10:33:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (02/03/2016 03:58:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (01/30/2016 03:49:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (01/30/2016 07:33:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/29/2016 10:03:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/28/2016 08:37:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 51%
Total physical RAM: 4061.18 MB
Available physical RAM: 1986.4 MB
Total Virtual: 8120.56 MB
Available Virtual: 5841.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:571 GB) (Free:500.96 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 01C9DF25)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=571 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== End of Addition.txt ============================

 

 

 

[TwinHeadedEagle]

Hello,

    

 

They call me TwinHeadedEagle around here, and I'll try to help your with your issue.

 

     

    

Before we start please read and note the following:

• We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
• Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
• Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, what may cause some delays between answers.
• Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
• Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
• Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
• I volunteer to help you, so please, do not ask for help for your company/business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
• If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

 

 

 

  Rules and policies

 

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

 

 

---

Scan with Farbar Recovery Scan Tool

 

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on icon and select Run as Administrator to start the tool.

  (XP users click run after receipt of Windows Security Warning - Open File).

• Make sure that Addition option is checked.
• Press Scan button and wait.
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please upload them into your next reply.

[jjacobs]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by jerry jacobs (administrator) on JACOBS-COMPUTER (07-02-2016 15:42:19)
Running from C:\Users\jerry jacobs\Music\1NEW FOLDER
Loaded Profiles: jerry jacobs (Available Profiles: jerry jacobs)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe
(Lenovo (Shenzhen) Electronic Co., Ltd.) C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_20_0_0_286_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [uMonit] => C:\windows\SysWOW64\UMonit.exe [40960 2010-01-21] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LenovoFSC] => C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe [49152 2009-07-29] (Lenovo (Shenzhen) Electronic Co., Ltd.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM-x32\...\Run: [updatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [instaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\Run: [EPSON NX330 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE [232448 2012-03-07] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\Run: [Google Update] => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-3958090444-189681475-763219053-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2010-10-09]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2010-10-09]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BB605AB8-9FAD-4E4A-8C47-8BA5C92C8714}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3958090444-189681475-763219053-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3958090444-189681475-763219053-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2009-11-13] (Dassault Systèmes)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @nsroblox.roblox.com/launcher -> C:\Users\jerry jacobs\AppData\Local\Roblox\Versions\version-4f0396924dd349d9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\jerry jacobs\AppData\Local\Roblox\Versions\version-4f0396924dd349d9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @soe.sony.com/installer,version=1.0.3 -> C:\Users\jerry jacobs\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [No File]
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @tools.google.com/Google Update;version=3 -> C:\Users\jerry jacobs\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @tools.google.com/Google Update;version=9 -> C:\Users\jerry jacobs\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-3958090444-189681475-763219053-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jerry jacobs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-10-16] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.cnn.com/
CHR StartupUrls: Default -> "hxxp://www.cnn.com/"
CHR Profile: C:\Users\jerry jacobs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\jerry jacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\jerry jacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-03]
CHR Extension: (Google Search) - C:\Users\jerry jacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Pinterest Tool) - C:\Users\jerry jacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegmeooiiociboieconicbgmnpolceoe [2012-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jerry jacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\jerry jacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [168448 2012-03-07] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [131072 2012-03-07] (SEIKO EPSON CORPORATION) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] ()
R3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-21] (Genesys Logic)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-07 15:42 - 2016-02-07 15:42 - 00000000 ____D C:\FRST
2016-02-07 15:32 - 2016-02-07 15:32 - 00062176 _____ C:\Users\jerry jacobs\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-07 14:53 - 2016-02-07 14:53 - 00041134 _____ C:\Users\jerry jacobs\Desktop\malabam.txt
2016-02-06 10:47 - 2016-02-06 10:47 - 00003038 _____ C:\windows\System32\Tasks\{E1A9768A-4956-43F8-94BF-192392345FF4}
2016-02-06 10:42 - 2016-02-06 10:42 - 00003038 _____ C:\windows\System32\Tasks\{FCF7272A-44DA-4792-92CC-8ED356E19DD3}
2016-02-06 10:42 - 2016-02-06 10:42 - 00003038 _____ C:\windows\System32\Tasks\{950F7CDC-A2B3-42D3-8840-EE48F6E3E740}
2016-01-19 17:18 - 2016-01-19 17:18 - 04499648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-12 12:41 - 2015-12-23 17:13 - 00387784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-01-12 12:41 - 2015-12-23 16:52 - 00341192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-01-12 12:41 - 2015-12-12 12:54 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-01-12 12:41 - 2015-12-12 12:31 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-01-12 12:41 - 2015-12-12 12:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-01-12 12:41 - 2015-12-12 12:16 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-01-12 12:41 - 2015-12-12 12:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-01-12 12:41 - 2015-12-12 12:15 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-01-12 12:41 - 2015-12-12 12:15 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-01-12 12:41 - 2015-12-12 12:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-01-12 12:41 - 2015-12-12 12:14 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-01-12 12:41 - 2015-12-12 12:07 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-01-12 12:41 - 2015-12-12 12:07 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-01-12 12:41 - 2015-12-12 12:07 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-01-12 12:41 - 2015-12-12 12:03 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-01-12 12:41 - 2015-12-12 12:02 - 20367360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-01-12 12:41 - 2015-12-12 12:02 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-01-12 12:41 - 2015-12-12 12:02 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-01-12 12:41 - 2015-12-12 12:02 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-01-12 12:41 - 2015-12-12 12:02 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-01-12 12:41 - 2015-12-12 11:55 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-01-12 12:41 - 2015-12-12 11:51 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-01-12 12:41 - 2015-12-12 11:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-01-12 12:41 - 2015-12-12 11:44 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-01-12 12:41 - 2015-12-12 11:40 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-01-12 12:41 - 2015-12-12 11:39 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-01-12 12:41 - 2015-12-12 11:37 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-01-12 12:41 - 2015-12-12 11:37 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-01-12 12:41 - 2015-12-12 11:37 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-01-12 12:41 - 2015-12-12 11:37 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-01-12 12:41 - 2015-12-12 11:36 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-01-12 12:41 - 2015-12-12 11:36 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-01-12 12:41 - 2015-12-12 11:35 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-01-12 12:41 - 2015-12-12 11:33 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-01-12 12:41 - 2015-12-12 11:31 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-01-12 12:41 - 2015-12-12 11:30 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-01-12 12:41 - 2015-12-12 11:28 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-01-12 12:41 - 2015-12-12 11:27 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-01-12 12:41 - 2015-12-12 11:27 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-01-12 12:41 - 2015-12-12 11:27 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-01-12 12:41 - 2015-12-12 11:25 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-01-12 12:41 - 2015-12-12 11:23 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-01-12 12:41 - 2015-12-12 11:22 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-01-12 12:41 - 2015-12-12 11:21 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-01-12 12:41 - 2015-12-12 11:20 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-01-12 12:41 - 2015-12-12 11:19 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-01-12 12:41 - 2015-12-12 11:18 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-01-12 12:41 - 2015-12-12 11:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-12 12:41 - 2015-12-12 11:12 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-01-12 12:41 - 2015-12-12 11:10 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-01-12 12:41 - 2015-12-12 11:10 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-01-12 12:41 - 2015-12-12 11:09 - 04610560 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-01-12 12:41 - 2015-12-12 11:08 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-01-12 12:41 - 2015-12-12 11:06 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-01-12 12:41 - 2015-12-12 11:02 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-01-12 12:41 - 2015-12-12 11:00 - 12856320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-01-12 12:41 - 2015-12-12 11:00 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-01-12 12:41 - 2015-12-12 11:00 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-01-12 12:41 - 2015-12-12 11:00 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-01-12 12:41 - 2015-12-12 10:54 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-01-12 12:41 - 2015-12-12 10:42 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-01-12 12:41 - 2015-12-12 10:41 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-01-12 12:41 - 2015-12-12 10:38 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-01-12 12:41 - 2015-12-12 10:36 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-01-12 12:41 - 2015-12-11 12:57 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-01-12 12:41 - 2015-12-08 15:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-01-12 12:41 - 2015-12-08 15:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-01-12 12:41 - 2015-12-08 15:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-01-12 12:41 - 2015-12-08 15:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-01-12 12:41 - 2015-12-08 15:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-01-12 12:41 - 2015-12-08 15:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-01-12 12:41 - 2015-12-08 15:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-01-12 12:41 - 2015-12-08 15:53 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-01-12 12:41 - 2015-12-08 15:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-01-12 12:41 - 2015-12-08 15:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-01-12 12:41 - 2015-12-08 13:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-01-12 12:41 - 2015-12-08 13:07 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-01-12 12:41 - 2015-12-08 13:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-01-12 12:41 - 2015-12-08 13:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-01-12 12:41 - 2015-12-08 13:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-01-12 12:41 - 2015-12-08 13:04 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-01-12 12:41 - 2015-12-08 12:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-01-12 12:41 - 2015-12-08 12:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-01-12 12:41 - 2015-12-08 12:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-01-12 12:41 - 2015-12-08 11:58 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-01-12 12:41 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-01-12 12:41 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-01-12 12:41 - 2015-11-13 17:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-01-12 12:41 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-01-12 12:41 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-01-12 12:41 - 2015-11-13 16:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-01-12 12:40 - 2015-12-08 15:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-01-12 12:40 - 2015-12-08 15:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-01-12 12:40 - 2015-12-08 13:07 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-01-12 12:40 - 2015-12-08 13:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-01-12 12:40 - 2015-11-16 19:11 - 00025024 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-01-12 12:40 - 2015-11-16 19:08 - 01381376 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-01-12 12:40 - 2015-11-16 19:08 - 00792064 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-01-12 12:40 - 2015-11-16 19:08 - 00705536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-01-12 12:40 - 2015-11-16 19:08 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-01-12 12:40 - 2015-11-16 19:08 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-01-12 12:40 - 2015-11-16 14:17 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-01-12 12:39 - 2015-12-30 13:08 - 05572544 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-01-12 12:39 - 2015-12-30 13:08 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-01-12 12:39 - 2015-12-30 13:08 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-01-12 12:39 - 2015-12-30 13:05 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-01-12 12:39 - 2015-12-30 13:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-01-12 12:39 - 2015-12-30 13:01 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-01-12 12:39 - 2015-12-30 13:00 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-01-12 12:39 - 2015-12-30 12:59 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-01-12 12:39 - 2015-12-30 12:59 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-01-12 12:39 - 2015-12-30 12:59 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-01-12 12:39 - 2015-12-30 12:58 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-01-12 12:39 - 2015-12-30 12:58 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-01-12 12:39 - 2015-12-30 12:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-01-12 12:39 - 2015-12-30 12:57 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-01-12 12:39 - 2015-12-30 12:57 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-01-12 12:39 - 2015-12-30 12:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-01-12 12:39 - 2015-12-30 12:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-01-12 12:39 - 2015-12-30 12:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:47 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-01-12 12:39 - 2015-12-30 12:47 - 03938240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-01-12 12:39 - 2015-12-30 12:44 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-01-12 12:39 - 2015-12-30 12:41 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-01-12 12:39 - 2015-12-30 12:40 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-01-12 12:39 - 2015-12-30 12:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-01-12 12:39 - 2015-12-30 12:39 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-01-12 12:39 - 2015-12-30 12:39 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-01-12 12:39 - 2015-12-30 12:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-01-12 12:39 - 2015-12-30 12:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-01-12 12:39 - 2015-12-30 12:38 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-01-12 12:39 - 2015-12-30 12:38 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 11:57 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-01-12 12:39 - 2015-12-30 11:50 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-01-12 12:39 - 2015-12-30 11:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-01-12 12:39 - 2015-12-30 11:44 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-01-12 12:39 - 2015-12-30 11:43 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-01-12 12:39 - 2015-12-30 11:42 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-01-12 12:39 - 2015-12-30 11:42 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-01-12 12:39 - 2015-12-30 11:41 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-01-12 12:39 - 2015-12-30 11:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-01-12 12:39 - 2015-12-30 11:32 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-01-12 12:39 - 2015-12-30 11:32 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-01-12 12:39 - 2015-12-30 11:32 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-01-12 12:39 - 2015-12-30 11:32 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-01-12 12:39 - 2015-12-30 11:30 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-01-12 12:39 - 2015-12-30 11:30 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 11:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 11:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 12:39 - 2015-12-30 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-07 15:18 - 2012-05-27 11:08 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-02-07 15:18 - 2011-01-01 16:20 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-07 15:04 - 2015-12-20 14:11 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-07 15:04 - 2009-07-13 22:45 - 00017952 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-07 15:04 - 2009-07-13 22:45 - 00017952 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-07 15:01 - 2009-07-13 23:13 - 00783464 _____ C:\windows\system32\PerfStringBackup.INI
2016-02-07 15:01 - 2009-07-13 21:20 - 00000000 ____D C:\windows\inf
2016-02-07 15:00 - 2011-01-01 16:20 - 00000000 ____D C:\Users\jerry jacobs\AppData\Local\Google
2016-02-07 15:00 - 2011-01-01 16:20 - 00000000 ____D C:\ProgramData\Google
2016-02-07 15:00 - 2011-01-01 16:20 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-07 14:58 - 2012-11-03 23:12 - 00029696 ___SH C:\Users\jerry jacobs\Desktop\Thumbs.db
2016-02-07 14:56 - 2009-07-13 23:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-02-07 14:14 - 2009-07-13 23:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-07 14:13 - 2012-12-02 14:13 - 00000000 ____D C:\Users\jerry jacobs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMill Entertainment
2016-02-07 14:13 - 2012-12-02 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameMill Entertainment
2016-02-07 14:13 - 2012-12-02 14:13 - 00000000 ____D C:\Program Files (x86)\GameMill Entertainment
2016-02-06 10:35 - 2014-11-13 21:10 - 00001362 _____ C:\Users\jerry jacobs\Desktop\ROBLOX Player.lnk
2016-02-06 10:35 - 2014-11-13 21:09 - 00001181 _____ C:\Users\jerry jacobs\Desktop\ROBLOX Studio.lnk
2016-02-06 10:35 - 2014-11-13 21:09 - 00000000 ____D C:\Users\jerry jacobs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2016-02-06 10:34 - 2011-10-10 11:41 - 00000884 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001Core.job
2016-02-04 20:00 - 2011-10-10 11:42 - 00002431 _____ C:\Users\jerry jacobs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-04 20:00 - 2011-10-10 11:42 - 00002406 _____ C:\Users\jerry jacobs\Desktop\Google Chrome.lnk
2016-02-02 09:13 - 2011-10-10 11:41 - 00003920 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001UA
2016-02-02 09:13 - 2011-10-10 11:41 - 00003524 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001Core
2016-02-02 09:13 - 2011-10-10 11:41 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001UA.job
2016-02-02 09:13 - 2011-01-01 16:20 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 09:13 - 2011-01-01 16:20 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 09:13 - 2011-01-01 16:20 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-01 21:25 - 2015-12-20 13:10 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-21 07:32 - 2012-11-21 11:52 - 00000000 ____D C:\Users\jerry jacobs\AppData\Roaming\.minecraft
2016-01-19 17:18 - 2012-05-27 11:08 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-01-19 17:18 - 2012-05-27 11:08 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 17:18 - 2011-10-10 11:23 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-13 07:38 - 2009-07-13 21:20 - 00000000 ____D C:\windows\rescache
2016-01-13 03:31 - 2012-05-15 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 03:31 - 2012-05-15 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 03:28 - 2015-04-16 02:28 - 00000000 ____D C:\windows\system32\appraiser
2016-01-13 03:28 - 2014-05-18 02:20 - 00000000 ___SD C:\windows\system32\CompatTel
2016-01-13 03:12 - 2012-05-15 02:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 03:11 - 2013-08-15 02:01 - 00000000 ____D C:\windows\system32\MRT
2016-01-13 03:05 - 2010-12-27 12:17 - 143671360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-01-12 16:12 - 2009-07-13 23:09 - 00000000 ____D C:\windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2013-10-08 08:07 - 2013-10-08 08:07 - 50053120 _____ () C:\Program Files (x86)\GUT5794.tmp
2015-11-20 15:55 - 2015-12-15 07:46 - 0000163 _____ () C:\Users\jerry jacobs\AppData\Roaming\WB.CFG
2011-10-09 14:57 - 2013-03-15 15:42 - 0007602 _____ () C:\Users\jerry jacobs\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-29 00:23

==================== End of FRST.txt ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by jerry jacobs (2016-02-07 15:43:10)
Running from C:\Users\jerry jacobs\Music\1NEW FOLDER
Windows 7 Home Premium Service Pack 1 (X64) (2010-12-25 23:23:13)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3958090444-189681475-763219053-500 - Administrator - Disabled)
Guest (S-1-5-21-3958090444-189681475-763219053-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3958090444-189681475-763219053-1003 - Limited - Enabled)
jerry jacobs (S-1-5-21-3958090444-189681475-763219053-1001 - Administrator - Enabled) => C:\Users\jerry jacobs

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DVIA player 5.0 (HKLM-x32\...\{4E868D3D-6EEB-4273-926C-2287236B5B79}) (Version: 5.0.0.12 - 3DVIA)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Ancient Spirits - Columbus' Legacy (HKLM-x32\...\{138770B2-E0D6-411D-BC0C-C5BC83156336}_is1) (Version:  - cerasus.media GmbH)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Best Buy pc app (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\48e4cff94f039634) (Version: 3.1.2.0 - Best Buy)
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Clone Wars (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\SOE-Clone Wars) (Version:  - Sony Online Entertainment)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
EPSON NX330 Series Printer Uninstall (HKLM\...\EPSON NX330 Series) (Version:  - SEIKO EPSON Corporation)
FanSpeedControl (HKLM-x32\...\InstallShield_{0EC766C7-F444-42BF-A05F-4A790F5360EB}) (Version: 1.00.00.13 - Lenovo)
FanSpeedControl (x32 Version: 1.00.00.13 - Lenovo) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Genesys USB Mass Storage Device (HKLM-x32\...\{76138D6B-BEDC-46ED-8BB3-E7B95DCB1397}) (Version: 1.0.0.0 - Genesys Logic)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 3.0.4.9 - Genesys Logic)
Google Chrome (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hidden Mysteries Salem Secrets (HKLM-x32\...\Hidden Mysteries Salem Secrets) (Version: 1.0 - GameMill Entertainment)
Hide and Secret (HKLM-x32\...\Hide and Secret) (Version:  - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Legends of Silence (HKLM-x32\...\{2D6F5E76-2F9E-4F31-955D-B3EE085570BA}) (Version: 1.0.0 - On Hand Software)
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.1.0.1311 - Lenovo)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lucky Red (HKLM-x32\...\{58b0e839-3024-4566-b945-b6cff8a54762}) (Version: 14.12.0-RTG - RealTimeGaming Software)
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0423 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
Pixelmon Launcher (HKLM-x32\...\Pixelmon Launcher 1.1.55) (Version: 1.1.55 - Ikara Software Limited)
Pixelmon Launcher (x32 Version: 1.1.55 - Ikara Software Limited) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0006 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
ROBLOX Player for jerry jacobs (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for jerry jacobs (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 0.9.2 (HKLM-x32\...\VLC media player) (Version: 0.9.2 - VideoLAN Team)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3958090444-189681475-763219053-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\jerry jacobs\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3958090444-189681475-763219053-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\jerry jacobs\AppData\Local\Roblox\Versions\version-4f0396924dd349d9\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-3958090444-189681475-763219053-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\jerry jacobs\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {022A6D8E-8304-4581-83A5-629C3346A04A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0FE6207F-2180-40BD-A110-B8758459FD54} - \Cassiopesa deli -> No File <==== ATTENTION
Task: {19A9C351-CBD4-4C7F-B8CA-7101C2EBA59C} - System32\Tasks\{A60ECCB1-1D75-4D21-9912-BC8B4D1F6279} => C:\Program Files (x86)\Lucky Red\casino.exe [2015-12-20] (Realtime Gaming, Inc)
Task: {1EC4D9DF-4568-4C37-B21F-80179EF9025F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {1F570945-5F89-4026-9C3F-5E74957EB8DA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001UA => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2D98E0C7-7A31-4E90-A45B-AFC38A852D21} - System32\Tasks\{E1A9768A-4956-43F8-94BF-192392345FF4} => Chrome.exe
Task: {5E5D41B2-6E3B-4742-8D54-FB52D3E81499} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {65FBD243-7141-4799-9D06-50A26D124C8B} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe
Task: {7E3C2818-08D4-42B9-B8BB-2E376E3FA3FA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {866D07CA-8D43-4D29-8D26-B67F60940D8C} - System32\Tasks\{56E76F5C-E007-4F6D-AA7C-13397091707C} => C:\Program Files (x86)\Lucky Red\casino.exe [2015-12-20] (Realtime Gaming, Inc)
Task: {8C62369B-67C5-4B9C-945B-8047C5ADCE35} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001Core => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B3CFC235-8C76-481D-9E15-B756D4FB16D5} - System32\Tasks\{FCF7272A-44DA-4792-92CC-8ED356E19DD3} => Chrome.exe
Task: {C094D3ED-7765-45EF-8E40-D39FC72E8B56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CEDC86B8-3B85-45CB-8FDA-1F7DC86E31EE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {DEBA1DDB-8521-4AD5-A191-1B318520EBA7} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {FEA3B29C-2513-4707-B8BA-521913A86262} - System32\Tasks\{5BD2B1BD-4302-43CF-AE54-5D896C5F8068} => C:\Program Files (x86)\Lucky Red\casino.exe [2015-12-20] (Realtime Gaming, Inc)
Task: {FFFBC4D7-A835-4269-B822-F9A083A706B8} - System32\Tasks\{950F7CDC-A2B3-42D3-8840-EE48F6E3E740} => Chrome.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001Core.job => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3958090444-189681475-763219053-1001UA.job => C:\Users\jerry jacobs\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\jerry jacobs\Desktop\Members Area - Archives.lnk -> C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://www.archives.com/member/

==================== Loaded Modules (Whitelisted) ==============

2015-12-20 13:10 - 2012-03-27 21:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2010-10-09 07:15 - 2010-01-21 00:40 - 00040960 _____ () C:\Windows\SysWOW64\UMonit.exe
2012-12-31 17:53 - 2012-02-23 15:57 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-10-09 07:15 - 2009-10-26 01:52 - 00139264 _____ () C:\Windows\SysWOW64\ustor.dll
2010-10-09 07:15 - 2009-07-16 10:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2010-10-09 07:15 - 2007-12-31 11:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2012-12-31 17:53 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2012-12-31 17:53 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2012-12-31 17:53 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2012-12-31 17:53 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2012-12-31 17:53 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2012-12-31 17:53 - 2012-02-23 15:19 - 00669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2016-02-04 20:00 - 2016-02-03 01:27 - 01632584 _____ () C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\48.0.2564.103\libglesv2.dll
2016-02-04 20:00 - 2016-02-03 01:27 - 00087880 _____ () C:\Users\jerry jacobs\AppData\Local\Google\Chrome\Application\48.0.2564.103\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:177313FB
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:3BCA993F
AlternateDataStreams: C:\ProgramData\Temp:96CAC3EB
AlternateDataStreams: C:\ProgramData\Temp:A384652A
AlternateDataStreams: C:\ProgramData\Temp:B845F669

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3958090444-189681475-763219053-1001\...\sony.com -> sony.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3958090444-189681475-763219053-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jerry jacobs\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DD921F71-3853-4B61-83A2-7F5C010583A4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{B2C3300F-539C-4787-8DC9-B926FADA6611}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6CD286C9-E1B2-4B6B-93D1-6841426647B0}] => (Allow) svchost.exe
FirewallRules: [{84A1B009-2E11-4BA1-91DC-768419C77010}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{FF638504-4AC6-4C70-B8EB-C56E37770CC1}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{2AA2379B-86F5-479D-9D9E-D83331199EF4}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{19F92EEF-080D-466E-A4C7-745F7F46FE79}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{0A3321F4-F84B-4F20-8C85-09419C1D8B1F}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{B07BBCB3-2887-4905-9224-C948A1C31B63}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{DB2036E1-EB70-47D1-AE60-C46E333FBD3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{340DC746-32FE-46BA-801B-67064BA7D800}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1C11EFB5-460B-4535-ACA1-191DDA51F19C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2EA66421-1255-4DBD-84F3-ECF7957AF393}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{772E1DBF-7A2D-488B-BD84-43B411920FF1}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{2F667E62-6A8D-4354-9F51-E4F2F54A4BB4}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [uDP Query User{6F62953C-4187-4BB7-AB4D-F80FC9EC6AFF}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe

==================== Restore Points =========================

19-01-2016 19:46:34 Windows Update
23-01-2016 00:55:46 Windows Update
26-01-2016 19:40:41 Windows Update
29-01-2016 22:43:56 Windows Update
02-02-2016 23:08:14 Windows Update
06-02-2016 17:22:47 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/07/2016 02:27:57 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:57 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:57 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:57 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2016 02:27:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
 0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (02/07/2016 02:27:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (3644) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS003D7.log.

System errors:
=============
Error: (02/07/2016 02:27:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/07/2016 02:27:57 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (02/06/2016 05:09:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (02/06/2016 02:36:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (02/06/2016 10:33:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (02/03/2016 03:58:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (01/30/2016 03:49:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (01/30/2016 07:33:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/29/2016 10:03:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/28/2016 08:37:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 51%
Total physical RAM: 4061.18 MB
Available physical RAM: 1986.4 MB
Total Virtual: 8120.56 MB
Available Virtual: 5841.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:571 GB) (Free:500.96 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 01C9DF25)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=571 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== End of Addition.txt ============================

[TwinHeadedEagle]

I instructed you to run FRST again for one simple reason:

 

• Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!