WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93124 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

slow puter [Solved]

Started by Wilbert Hippenst , Aug 20 2015 11:50 AM

This topic is locked

10 replies to this topic

#1 Wilbert Hippenst

Authentic Member

Authentic Member
203 posts

Posted 20 August 2015 - 11:50 AM

good afternoon,

computer has been running slow for last few days

Here are the logs:

FRST LOG

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015

Ran by will (administrator) on WILL-LAPTOP (20-08-2015 13:38:40)

Running from E:\Downloads

Loaded Profiles: will (Available Profiles: will & DefaultAppPool)

Platform: Windows 10 Home (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Edge)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe

(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe

(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe

(Seagate Technology LLC) C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe

(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe

() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe

(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe

(http://shotty.devs-on.net) C:\Program Files\Shotty\Shotty.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe

(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe

(Wakoopa) C:\Users\will\AppData\Local\Metrixlab Online Application\Metrixlab Online Application.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe

() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [708952 2015-08-07] (Alps Electric Co., Ltd.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-24] (IDT, Inc.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)

HKLM\...\Run: [IntelWireless] => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray

HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1605632 2010-11-14] (Intel® Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-06] (COMODO)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)

HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-27] (Malwarebytes Corporation)

HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\System Explorer\SystemExplorer.exe [3391712 2015-04-21] (Mister Group)

HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [286272 2015-07-10] (RealNetworks, Inc.)

HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [608320 2015-07-10] ()

HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1

HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1

HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)

HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\...\Run: [Shotty] => C:\Program Files\Shotty\Shotty.exe [724480 2014-05-16] (http://shotty.devs-on.net)

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\...\Run: [hp] => C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\...\Run: [HP Photosmart 6520 series (NET)] => C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\...\Run: [Metrixlab Online Application] => C:\Users\will\AppData\Local\Metrixlab Online Application\Metrixlab Online Application.exe [1108976 2015-04-30] (Wakoopa)

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-07-25] (Glarysoft Ltd)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-11-26]

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2013-12-21]

ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)

Startup: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2013-12-21]

ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)

Startup: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2014-12-15]

ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 6520 series (Network).lnk [2015-04-23]

ShortcutTarget: Monitor Ink Alerts - HP Photosmart 6520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-06-03]

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\will\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll No File

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\will\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll No File

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\will\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll No File

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File

ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\will\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=U148&ocid=U148DHP&osmkt=en-us

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-1958726619-2033566604-2034206773-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =

BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-06-17] (RealDownloader)

BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-01-11] (LastPass)

BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-06-17] (RealDownloader)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16] (Oracle Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16] (Oracle Corporation)

Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-01-11] (LastPass)

Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-01-11] (LastPass)

Toolbar: HKU\S-1-5-21-1958726619-2033566604-2034206773-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab

DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616}

DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}

DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab

DPF: HKLM-x32 {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx

DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/RACtrl.cab?rnd=2729448549

Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)

Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{10ab27a5-19d0-4ac7-a474-883b275da6be}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{4f35e899-cbcf-470c-bff1-5fea95141ab8}: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF ProfilePath: C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)

FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-01-11] (LastPass)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-07-17] (DivX, LLC)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-03-16] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-03-16] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-03-16] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-03-16] (Foxit Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-16] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-16] (Oracle Corporation)

FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-01-11] (LastPass)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-01-04] (Yahoo! Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @real.com/nppl3260;version=18.0.1.9 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-07-10] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-06-30] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-06-30] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=18.0.1.9 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-07-10] (RealTimes)

FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2013-02-14] (RocketLife, LLP)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)

FF Plugin HKU\S-1-5-21-1958726619-2033566604-2034206773-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\will\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-02] (RocketLife, LLP)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-12-22] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-12-22] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-12-22] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-12-22] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-12-22] (Apple Inc.)

FF Extension: LastPass - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\gfwncbpw.default\Extensions\support@lastpass.com [2014-01-11]

FF Extension: LastPass - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\prpdnca2.default-1339788854758\Extensions\support@lastpass.com [2014-01-11]

FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\artur.dubovoy@gmail.com [2015-05-31]

FF Extension: US English Medical Dictionary - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\en-Medical-US@dictionaries.addons.mozilla.org [2014-06-07]

FF Extension: Youtube Downloader - 4K Download - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\paulsaintuzb@gmail.com [2015-05-31]

FF Extension: LastPass - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\support@lastpass.com [2015-05-06]

FF Extension: Empty Cache Button - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2015-05-31]

FF Extension: EPUBReader - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-05-31]

FF Extension: InvisibleHand - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2014-11-12]

FF Extension: Medooc. SearchEngine - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\daviddeutsch1002@yahoo.com.xpi [2014-06-07]

FF Extension: Video Downloader Professional - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\ffext_basicvideoext@startpage24.xpi [2014-11-11]

FF Extension: Jigsaw Puzzles - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\gojig@jetpack.xpi [2015-04-04]

FF Extension: i2Symbol (Emoticons, Smileys, Symbols) - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\i2symbol@sciweavers.org.xpi [2015-04-03]

FF Extension: The Camelizer - Price Tracker - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\izer@camelcamelcamel.com.xpi [2015-05-04]

FF Extension: Logical Games - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\jid0-iqNggXzjOHdCfqnw472ftgtuARg@jetpack.xpi [2015-04-03]

FF Extension: Prostetnic Highlighter - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\jid0-pJMJEntDZuwYnkFvfCcFQsgmvBY@jetpack.xpi [2014-11-11]

FF Extension: Online Games - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\jid0-RJnyEjyiGjzbBui2er5zHZhzPSE@jetpack.xpi [2015-04-04]

FF Extension: Jigsaw Puzzle Maker - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\jid0-yofxTjDXTIZkYYiDeUXrpyA8TFU@jetpack.xpi [2015-04-04]

FF Extension: Free Flash, Unity3D and html5 games - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\jid1-461B0PwxL3oTt1@jetpack.xpi [2015-04-03]

FF Extension: Easy media download - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\jid1-ach2kaGSshPJCg@jetpack.xpi [2015-04-03]

FF Extension: Clearly - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\readable@evernote.com.xpi [2013-07-19]

FF Extension: Broadband Speed Test and Diagnostics - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\speedtest@gotomyhelp.com.xpi [2015-05-06]

FF Extension: Test Pilot - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\testpilot@labs.mozilla.com.xpi [2012-06-17]

FF Extension: Torrent Finder Toolbar - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\TFToolbarX@torrent-finder.xpi [2015-04-04]

FF Extension: Malware Search - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi [2014-10-26]

FF Extension: Fasterfox - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2015-04-04]

FF Extension: Adblock Plus - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-03]

FF Extension: Picscrazy right-click - C:\Users\will\AppData\Roaming\Mozilla\Firefox\Profiles\t6j886tk.default-1339975537970\Extensions\{fe0d8dd9-4e39-4a96-8bfc-5674ae7e47cc}.xpi [2014-06-04]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-22]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-22]

FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-11-05]

FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-11-26]

FF HKU\S-1-5-21-1958726619-2033566604-2034206773-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:

=======

CHR Profile: C:\Users\will\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Floorplanner) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2015-03-05]

CHR Extension: (Instrumente) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahchimdkljhhfjkklkafookapgikdhkk [2015-03-05]

CHR Extension: (Dictanote - Speech Recognizer) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjekmpappghadlogpigifkghlmebjk [2015-03-05]

CHR Extension: (BeFunky Photo Editor) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab [2015-03-05]

CHR Extension: (Send this page by email) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcamgnkjooghefjjfgfhnepedkodbgec [2015-03-05]

CHR Extension: (Chrome Tips Beta (by Google)) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdmbgfhokojnnaliemjgbahnfeggocpe [2015-03-05]

CHR Extension: (WiBit) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejaaogemoligmkbmeafkhnaegkggihf [2015-03-05]

CHR Extension: (Build Shed Plans) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\blefhmkjdbclnlfegkdhmkepeoikhgpg [2015-03-05]

CHR Extension: (YouTube) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-05]

CHR Extension: (Honey) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2015-07-10]

CHR Extension: (Movies Downloader) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniohfejmhpjpljbllpgohpaloanjgjf [2015-07-03]

CHR Extension: (Form Filler) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo [2015-03-05]

CHR Extension: (Fight Depression!) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpcanhncamomjgapncfnedcimpcmlbnf [2015-03-05]

CHR Extension: (Nimbus Screenshot) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2015-05-02]

CHR Extension: (No Name) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoielngcdpgeldnckhponffkiajaobo [2015-06-08]

CHR Extension: (Webmail Ad Blocker) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2015-03-05]

CHR Extension: (Adblock Plus) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-05]

CHR Extension: (Google Search) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-05]

CHR Extension: (Email this page (by Google)) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbeoemfhkdniadbojeencpkgmobndpai [2015-03-05]

CHR Extension: (Video downloader pro) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem [2015-03-05]

CHR Extension: (Logitech Smooth Scrolling) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-03-05]

CHR Extension: (ICE Quick Stream) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2015-03-05]

CHR Extension: (Hotel Search and Compare (Multilingual)) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\eciljddmloccnknaallbgekopdbhndon [2015-03-05]

CHR Extension: (eyeCare - Protect your vision) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeeningnfkaonkonalpcicgemnnijjhn [2015-07-13]

CHR Extension: (Bloody Pressure) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemipfoeaegklklcngpmdbaemegjdbdl [2015-03-05]

CHR Extension: (MusixLib Search) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\egekhjenodlmckpgpkkdpfnodobbgnkf [2015-07-05]

CHR Extension: (Pixlr-o-matic) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2015-03-05]

CHR Extension: (Video Downloader professional) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-05]

CHR Extension: (Converter) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\elogiihmdefhdcainoihdcfpnfbimpnd [2015-03-05]

CHR Extension: (Snapshot 2) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffgfedebnhmhkcfhhjoikplfafgpihpo [2015-03-18]

CHR Extension: (Chrome Web Store Launcher (by Google)) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecgipfabdickgidpmbicneamekgbaej [2015-03-05]

CHR Extension: (Video Downloader Super) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghciphhakbampjemlfbahnhhaemoeolf [2015-03-05]

CHR Extension: (The Camelizer) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2015-05-04]

CHR Extension: (Dictionary by Dictionary.com) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikhgcaliglmioibbockkmjknfnepbdh [2015-03-05]

CHR Extension: (History Eraser) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2015-03-05]

CHR Extension: (Downloads Folder Launcher) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmhianpphjibhflcnebkmkkdojjigbjd [2015-03-05]

CHR Extension: (Webcam) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbhgamgannegfcmholgllkakldhajeg [2015-03-05]

CHR Extension: (LastPass: Free Password Manager) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-03-05]

CHR Extension: (FabCam) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2015-03-05]

CHR Extension: (Where to delete an account) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpofkfbabpbbmchmiekfnlcgaedbgcf [2015-03-05]

CHR Extension: (Video Downloader) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpgleggfcndpeflbjhpjfckfmojnpo [2015-03-05]

CHR Extension: (Dictionary) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpgblgbmcleigbahedfgempmpnlkhhpk [2015-04-14]

CHR Extension: (Apps Launcher) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijmgkhchjindcjamnckoiahagecjnkdc [2015-03-05]

CHR Extension: (Clearly) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-03-05]

CHR Extension: (Vine Video Download) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\jebahcljabjndemkadpdnablhinojkil [2015-03-05]

CHR Extension: (Family Medical Info) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\jobbajojigcglfmadbkgjmnacpifklbp [2015-03-05]

CHR Extension: (Photo Calendar Maker) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kannbcclbpngpkjklmplofgclliddlgj [2015-03-05]

CHR Extension: (Autodesk Homestyler) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2015-03-05]

CHR Extension: (Malware Search) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgleioieeffejophokeklefchfglgmnk [2015-03-05]

CHR Extension: (Mustachio) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\khaoakmndhjandiaaadnjgnbchillcdj [2015-03-05]

CHR Extension: (Unit Convertor) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf [2015-03-05]

CHR Extension: (TouristEye Planner) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpjpejalhlnocbhggpnokneghfenoneg [2015-03-05]

CHR Extension: (Webcam Toy) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-03-05]

CHR Extension: (Numerics Calculator & Converter) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-14]

CHR Extension: (Google Maps) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-03-05]

CHR Extension: (Puzzle for Chrome) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbalnpbcmecdckpghgacibglihkgamkl [2015-03-05]

CHR Extension: (Google Dictionary (by Google)) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2015-03-05]

CHR Extension: (Google Mail Checker) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-03-05]

CHR Extension: (CashControl) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\mioaopmpfgkncgbbfnmpoegppfcgmoek [2015-03-05]

CHR Extension: (Universal Unit Converter) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkejlpknmikohhgdelefdeeieplkog [2015-03-05]

CHR Extension: (Similar Sites) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\necpbmbhhdiplmfhmjicabdeighkndkn [2015-03-05]

CHR Extension: (Webutation) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfclfmabiojpommfcalfdgjjeaahnjbj [2015-03-05]

CHR Extension: (QR Image from URL) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nioihlfoddilijjjeknopfcbglallkce [2015-03-05]

CHR Extension: (Wikipedia Instant) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlnikhpimclelcopmneehjglfppbnojd [2015-04-14]

CHR Extension: (Chrome Web Store Payments) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-21]

CHR Extension: (Fast Video Downloader) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nocpfkkbaekckhcoekockfbidpcjgkbd [2015-07-03]

CHR Extension: (Personal Blocklist (by Google)) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef [2015-03-05]

CHR Extension: (OneClick Cleaner App) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadiaahhieelhhffeofkdchgfpjehjok [2015-04-14]

CHR Extension: (No Name) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalbpfagfhfkcmklpdanadjpbfdedndn [2015-08-04]

CHR Extension: (Camera) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmpffnppnlgkgmbgidhhjcglloeejpg [2015-03-05]

CHR Extension: (Travelmath) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpimeaclblbaodahnhhmlblagijlnad [2015-04-14]

CHR Extension: (Print Friendly & PDF) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2015-07-26]

CHR Extension: (Click&Clean App) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-03-05]

CHR Extension: (Gmail) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-05]

CHR Extension: (Trap Music) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pledapfhaobifoekiipdkhhloekhodoh [2015-03-05]

CHR HKLM-x32\...\Chrome\Extension: [mapcejffhcbidcjmomhalabpcbaeimcb] - <no Path/update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe [135168 2011-01-14] (Atheros) [File not signed]

S4 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]

S4 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)

S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)

S4 CFUACProxy_officeguardianv2; C:\ProgramData\OfficeGuardianV2\UACProxy.exe [83792 2011-07-25] (Storage Appliance Corp.)

R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-08-06] (COMODO)

S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-06] (COMODO)

R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-08] (Microsoft Corporation)

R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-08] (Microsoft Corporation)

S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)

R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [499200 2010-11-07] (Red Bend Ltd.) [File not signed]

S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)

S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)

S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)

S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)

S4 FoxitCloudUpdateService; C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [243880 2015-03-16] (Foxit Software Inc.)

R2 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]

R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]

R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-08-11] (Hewlett-Packard Company)

S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-19] (Microsoft Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]

S3 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [352248 2012-08-03] (Verizon) [File not signed]

R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)

R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)

S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)

R2 Maxtor Sync Services; C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe [181600 2008-08-05] (Seagate Technology LLC)

S2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-27] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-05] (Malwarebytes Corporation)

S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)

R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-08] (Microsoft Corporation)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]

S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)

R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)

R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [87344 2009-10-07] (Prolific Technology Inc.)

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]

R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1115224 2015-07-10] (RealNetworks, Inc.)

R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2015-07-10] ()

R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2009-07-10] (Realtek) [File not signed]

R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1115224 2015-07-10] (RealNetworks, Inc.)

R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2015-03-29] (Paramount Software UK Ltd)

S3 RetailDemo; C:\Windows\system32\RDXService.dll [996352 2015-08-19] (Microsoft Corporation)

R2 SamSs; C:\Windows\SysWOW64\lsass.exe [0 2013-12-06] () <==== ATTENTION (zero byte File/Folder)

S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-08] (Microsoft Corporation)

R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [0 2013-12-06] () <==== ATTENTION (zero byte File/Folder)

R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)

R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2012-05-03] (Adobe Systems Incorporated) [File not signed]

R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2015-04-21] (Mister Group)

S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-08] (Microsoft Corporation)

S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-08] (Microsoft Corporation)

R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-08-08] (Microsoft Corporation)

R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)

S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-08] (Microsoft Corporation)

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-08] (Microsoft Corporation)

S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)

R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [869376 2010-11-07] (Intel® Corporation) [File not signed]

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com) [File not signed]

S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)

S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)

S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S5 3ware; C:\Windows\System32\drivers\3ware.sys [107360 2015-07-10] (LSI)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [565088 2015-08-08] (Microsoft Corporation)

R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [127840 2015-07-10] (Microsoft Corporation)

S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [1135456 2015-07-10] (PMC-Sierra)

S5 agp440; C:\Windows\System32\drivers\agp440.sys [63328 2015-07-10] (Microsoft Corporation)

S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [83296 2015-07-10] (Advanced Micro Devices)

S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2015-07-10] (AMD Technologies Inc.)

S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [26976 2015-07-10] (Advanced Micro Devices)

R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)

S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [131936 2015-07-10] (PMC-Sierra, Inc.)

S5 atapi; C:\Windows\System32\drivers\atapi.sys [28512 2015-07-10] (Microsoft Corporation)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-12-25] (AVG Technologies)

S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2015-07-10] (Broadcom Corporation)

R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)

R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [380768 2015-07-10] (Microsoft Corporation)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-04] (COMODO)

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-04] (COMODO)

R5 CNG; C:\Windows\System32\Drivers\cng.sys [601344 2015-08-08] (Microsoft Corporation)

R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)

S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23312 2013-01-22] (Dell Computer Corporation)

S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2013-01-22] (Dell Computer Corporation)

R5 disk; C:\Windows\System32\drivers\disk.sys [101216 2015-07-10] (Microsoft Corporation)

S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)

R5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [88928 2015-07-10] (Microsoft Corporation)

S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [116576 2015-07-10] (Microsoft Corporation)

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-27] ()

R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)

R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [83808 2015-07-10] (Microsoft Corporation)

R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [368992 2015-07-10] (Microsoft Corporation)

U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [31072 2015-07-10] (Microsoft Corporation)

R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [633184 2015-07-10] (Microsoft Corporation)

S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [66912 2015-07-10] (Microsoft Corporation)

S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)

R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)

R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-25] (Glarysoft Ltd)

S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2015-07-10] (Hewlett-Packard Company)

S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [29024 2015-07-10] (Microsoft Corporation)

R5 iaStor; C:\Windows\System32\drivers\iaStor.sys [438808 2010-11-06] (Intel Corporation)

S5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [673120 2015-07-10] (Intel Corporation)

S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2015-07-10] (Intel Corporation)

S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)

S5 intelide; C:\Windows\System32\drivers\intelide.sys [19296 2015-07-10] (Microsoft Corporation)

S5 intelpep; C:\Windows\System32\drivers\intelpep.sys [43872 2015-07-10] (Microsoft Corporation)

S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)

S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [22368 2015-07-10] (Microsoft Corporation)

R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [131424 2015-07-10] (Microsoft Corporation)

R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [158560 2015-07-10] (Microsoft Corporation)

S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108896 2015-07-10] (LSI Corporation)

S5 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [104800 2015-07-10] (LSI Corporation)

S5 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)

S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2015-07-10] (LSI Corporation)

S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-07-05] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-07-05] (Malwarebytes Corporation)

S5 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2015-07-10] (Avago Technologies)

S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2015-07-10] (LSI Corporation, Inc.)

S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)

R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [102752 2015-08-04] (Microsoft Corporation)

R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-08] (Microsoft Corporation)

R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [19296 2015-07-10] (Microsoft Corporation)

R5 Mup; C:\Windows\System32\Drivers\mup.sys [118624 2015-07-10] (Microsoft Corporation)

S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2015-07-10] (Marvell Semiconductor, Inc.)

R5 NBVol; C:\Windows\System32\DRIVERS\NBVol.sys [72240 2011-12-01] (Nero AG)

R5 NBVolUp; C:\Windows\System32\DRIVERS\NBVolUp.sys [15920 2011-12-01] (Nero AG)

S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)

R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1168736 2015-08-08] (Microsoft Corporation)

S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2015-07-10] (NVIDIA Corporation)

S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [166240 2015-07-10] (NVIDIA Corporation)

S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [126304 2015-07-10] (Microsoft Corporation)

R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [117088 2015-07-10] (Microsoft Corporation)

R5 pci; C:\Windows\System32\drivers\pci.sys [325984 2015-08-08] (Microsoft Corporation)

S5 pciide; C:\Windows\System32\drivers\pciide.sys [15712 2015-07-10] (Microsoft Corporation)

S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [118112 2015-07-10] (Microsoft Corporation)

R5 pcw; C:\Windows\System32\drivers\pcw.sys [51552 2015-07-10] (Microsoft Corporation)

R5 pdc; C:\Windows\System32\drivers\pdc.sys [98144 2015-07-10] (Microsoft Corporation)

S5 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58208 2015-07-10] (LSI Corporation)

S5 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [58720 2015-07-10] (Avago Technologies)

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2015-03-05] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2015-03-05] ()

S3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [75016 2013-02-19] (Dataram, Inc.)

R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [237392 2015-08-05] (Microsoft Corporation)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )

S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [109920 2015-07-10] (Microsoft Corporation)

S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2015-07-10] (Silicon Integrated Systems Corp.)

S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2015-07-10] (Silicon Integrated Systems)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-11] (Synaptics Incorporated)

R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [474464 2015-07-10] (Microsoft Corporation)

S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2015-07-10] (Promise Technology, Inc.)

S5 storahci; C:\Windows\System32\drivers\storahci.sys [133984 2015-07-10] (Microsoft Corporation)

S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [45920 2015-07-10] (Microsoft Corporation)

S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [80720 2015-08-19] (Microsoft Corporation)

R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)

S5 storufs; C:\Windows\System32\drivers\storufs.sys [40288 2015-07-10] (Microsoft Corporation)

S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [36192 2015-07-10] (Microsoft Corporation)

R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)

R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2430816 2015-07-10] (Microsoft Corporation)

S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [66400 2015-07-10] (Microsoft Corporation)

S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)

S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-08] (Microsoft Corporation)

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()

S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [66912 2015-07-10] (Microsoft Corporation)

R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [42848 2015-07-10] (Microsoft Corporation)

S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [125792 2015-07-10] (Microsoft Corporation)

R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [81248 2015-07-10] (Microsoft Corporation)

R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [370016 2015-07-10] (Microsoft Corporation)

R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [378720 2015-07-10] (Microsoft Corporation)

S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [166752 2015-07-10] (VIA Technologies Inc.,Ltd)

S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2015-07-10] (VIA Corporation)

R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [892224 2015-07-10] (Microsoft Corporation)

R5 WFPLWFS; C:\Windows\System32\drivers\wfplwfs.sys [153440 2015-07-10] (Microsoft Corporation)

R5 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)

R5 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)

S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)

S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)

R5 Wof; C:\Windows\System32\Drivers\Wof.sys [200528 2015-08-05] (Microsoft Corporation)

S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)

S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)

S1 BdfNdisf; \??\C:\Windows\System32\DriverStore\FileRepository\netlwf.inf_amd64_neutral_52e20f0ba6914be8\bdfndisf6.sys [X]

U3 idsvc; no ImagePath

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)

NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)

NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)

NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)

NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-20 13:28 - 2015-08-20 13:28 - 00016148 _____ C:\WINDOWS\system32\WILL-LAPTOP_will_HistoryPrediction.bin

2015-08-20 11:43 - 2015-08-20 12:59 - 00023040 ___SH C:\Users\will\Desktop\Thumbs.db

2015-08-20 11:19 - 2015-08-20 11:19 - 00000000 ____D C:\Users\will\AppData\Local\SlimWare Utilities Inc

2015-08-19 12:18 - 2015-08-19 12:18 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 18805760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2015-08-19 12:18 - 2015-08-19 12:18 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2015-08-19 12:18 - 2015-08-19 12:18 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 02224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2015-08-19 12:18 - 2015-08-19 12:18 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 08021840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-08-19 12:17 - 2015-08-19 12:17 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2015-08-19 12:17 - 2015-08-19 12:17 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 02446336 _____ C:\WINDOWS\system32\InputService.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2015-08-19 12:17 - 2015-08-19 12:17 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2015-08-19 12:17 - 2015-08-19 12:17 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe

2015-08-19 12:17 - 2015-08-19 12:17 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe

2015-08-19 12:17 - 2015-08-19 12:17 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe

2015-08-19 12:17 - 2015-08-19 12:17 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe

2015-08-19 12:17 - 2015-08-19 12:17 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe

2015-08-19 12:17 - 2015-08-19 12:17 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe

2015-08-19 12:17 - 2015-08-19 12:17 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2015-08-19 12:17 - 2015-08-19 12:17 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll

2015-08-19 12:17 - 2015-08-19 12:17 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll

2015-08-17 19:29 - 2015-08-17 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4

2015-08-17 19:28 - 2015-08-17 19:28 - 00000000 ____D C:\Users\will\AppData\Local\pip

2015-08-17 19:28 - 2015-08-17 19:28 - 00000000 ____D C:\Python34

2015-08-12 13:52 - 2015-08-12 13:52 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini

2015-08-12 13:52 - 2015-08-12 13:52 - 00000000 ____D C:\Users\DefaultAppPool

2015-08-12 13:52 - 2015-08-12 13:33 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-08-12 13:52 - 2015-08-07 22:38 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Google

2015-08-12 13:52 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell

2015-08-12 13:52 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-08-12 13:52 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-08-12 13:52 - 2015-07-10 07:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2015-08-12 13:48 - 2015-08-12 13:48 - 00000844 _____ C:\Users\Public\Desktop\Speccy.lnk

2015-08-12 13:48 - 2015-08-12 13:48 - 00000000 ____D C:\Program Files\Speccy

2015-08-12 12:28 - 2015-08-08 03:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-08-12 12:28 - 2015-08-08 03:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2015-08-12 12:28 - 2015-08-08 03:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-08-12 12:28 - 2015-08-08 02:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2015-08-12 12:28 - 2015-08-08 02:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2015-08-12 12:28 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2015-08-12 12:28 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2015-08-12 12:28 - 2015-08-08 02:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2015-08-12 12:28 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2015-08-12 12:28 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys

2015-08-12 12:28 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys

2015-08-12 12:28 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2015-08-12 12:28 - 2015-08-05 00:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2015-08-12 12:28 - 2015-08-05 00:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2015-08-12 12:28 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll

2015-08-12 12:28 - 2015-08-04 23:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

2015-08-12 12:28 - 2015-08-04 23:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2015-08-12 12:28 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll

2015-08-12 12:28 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys

2015-08-12 12:28 - 2015-08-04 00:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2015-08-12 12:28 - 2015-08-04 00:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2015-08-12 12:28 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll

2015-08-12 12:28 - 2015-08-03 22:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll

2015-08-12 12:28 - 2015-08-03 22:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll

2015-08-12 12:28 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll

2015-08-12 12:28 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll

2015-08-12 12:28 - 2015-08-02 22:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2015-08-12 12:28 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2015-08-12 12:28 - 2015-08-02 22:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2015-08-12 12:28 - 2015-08-02 22:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2015-08-12 12:28 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys

2015-08-12 12:28 - 2015-08-02 22:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2015-08-12 12:28 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys

2015-08-12 12:28 - 2015-08-02 22:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2015-08-12 12:28 - 2015-08-02 22:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2015-08-12 12:28 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2015-08-12 12:28 - 2015-08-02 21:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2015-08-12 12:28 - 2015-08-02 21:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2015-08-12 12:28 - 2015-08-02 21:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

2015-08-12 12:28 - 2015-08-02 21:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2015-08-12 12:28 - 2015-08-02 21:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll

2015-08-12 12:28 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll

2015-08-12 12:28 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe

2015-08-12 12:28 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe

2015-08-12 12:28 - 2015-08-02 21:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-08-12 12:28 - 2015-08-02 21:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2015-08-12 12:28 - 2015-08-02 21:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll

2015-08-12 12:28 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll

2015-08-12 12:28 - 2015-08-02 21:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2015-08-12 12:28 - 2015-08-02 21:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll

2015-08-12 12:28 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll

2015-08-12 12:28 - 2015-08-02 21:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll

2015-08-12 12:28 - 2015-08-02 21:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll

2015-08-12 12:28 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll

2015-08-12 12:28 - 2015-08-02 21:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

2015-08-12 12:28 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe

2015-08-12 12:28 - 2015-08-02 21:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll

2015-08-12 12:28 - 2015-08-02 21:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll

2015-08-12 12:28 - 2015-08-02 21:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-08-12 12:28 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll

2015-08-12 12:27 - 2015-08-02 22:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2015-08-12 12:27 - 2015-08-02 21:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2015-08-12 12:27 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll

2015-08-12 12:27 - 2015-08-02 21:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll

2015-08-12 12:27 - 2015-08-02 21:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll

2015-08-12 12:27 - 2015-08-02 21:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll

2015-08-12 12:27 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll

2015-08-12 12:27 - 2015-08-02 21:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll

2015-08-12 12:27 - 2015-08-02 21:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2015-08-12 12:27 - 2015-08-02 21:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2015-08-12 12:27 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll

2015-08-12 12:27 - 2015-08-02 21:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll

2015-08-11 12:24 - 2015-08-11 12:24 - 00000000 ____D C:\Users\will\AppData\Roaming\Hewlett-Packard

2015-08-11 12:17 - 2015-08-11 12:17 - 00002311 _____ C:\Users\will\Desktop\HP Support Assistant.lnk

2015-08-11 12:17 - 2015-08-11 12:17 - 00000000 ____D C:\System.sav

2015-08-11 12:17 - 2015-08-11 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support

2015-08-11 12:16 - 2015-08-11 12:16 - 00000000 ____D C:\Users\will\AppData\Roaming\hpqLog

2015-08-11 12:15 - 2015-08-11 12:15 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard

2015-08-11 12:15 - 2015-08-11 12:15 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}

2015-08-09 18:47 - 2015-08-09 18:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2015-08-09 11:55 - 2015-08-09 11:55 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2015-08-08 16:49 - 2015-08-08 16:49 - 00000000 ____D C:\Users\will\AppData\Local\speech

2015-08-08 13:11 - 2015-08-08 13:11 - 00000000 ____D C:\Users\will\AppData\Local\MicrosoftEdge

2015-08-08 12:59 - 2015-08-08 13:01 - 00000000 ____D C:\Users\will\AppData\Local\PackageStaging

2015-08-08 12:46 - 2015-08-08 16:37 - 00000000 ____D C:\Users\will\AppData\Local\Comms

2015-08-08 02:14 - 2015-08-20 11:22 - 00000000 ___DC C:\WINDOWS\Panther

2015-08-08 02:13 - 2015-08-07 22:21 - 00000000 __SHD C:\Recovery

2015-08-08 02:09 - 2015-08-08 02:09 - 00000000 ____D C:\Windows.old

2015-08-08 02:08 - 2015-08-08 02:08 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2015-08-08 02:08 - 2015-08-08 02:08 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2015-08-08 02:08 - 2015-08-08 02:08 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2015-08-08 02:08 - 2015-08-08 02:08 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys

2015-08-08 02:08 - 2015-08-08 02:08 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe

2015-08-08 02:08 - 2015-08-08 02:08 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll

2015-08-08 02:08 - 2015-08-08 02:08 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe

2015-08-08 02:04 - 2015-08-08 02:04 - 00008192 _____ C:\WINDOWS\system32\config\userdiff

2015-08-08 01:59 - 2015-08-08 01:59 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices

2015-08-08 01:59 - 2015-08-08 01:59 - 00000000 ____D C:\WINDOWS\system32\msmq

2015-08-08 01:59 - 2015-08-08 01:59 - 00000000 ____D C:\WINDOWS\system32\BestPractices

2015-08-08 01:59 - 2015-08-08 01:59 - 00000000 ____D C:\Program Files\Reference Assemblies

2015-08-08 01:59 - 2015-08-08 01:59 - 00000000 ____D C:\Program Files\MSBuild

2015-08-08 01:59 - 2015-08-08 01:59 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2015-08-08 01:59 - 2015-08-08 01:59 - 00000000 ____D C:\Program Files (x86)\MSBuild

2015-08-08 01:59 - 2015-08-08 01:59 - 00000000 ____D C:\inetpub

2015-08-08 01:59 - 2015-06-17 22:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2015-08-08 01:59 - 2015-06-17 22:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2015-08-08 01:59 - 2015-06-17 22:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2015-08-08 01:59 - 2015-05-30 01:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2015-08-08 01:59 - 2015-05-30 01:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-08-08 01:59 - 2015-05-30 01:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2015-08-07 23:11 - 2015-08-04 20:32 - 00007884 _____ C:\WINDOWS\system32\Drivers\cmdguard.cat

2015-08-07 23:07 - 2015-08-07 23:07 - 00000000 ____D C:\ProgramData\Microsoft OneDrive

2015-08-07 23:05 - 2015-08-07 23:05 - 00001058 _____ C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk

2015-08-07 23:04 - 2015-08-07 23:04 - 00000000 ____D C:\Users\will\AppData\Local\Publishers

2015-08-07 23:04 - 2015-08-07 23:04 - 00000000 ____D C:\Users\will\AppData\Local\NetworkTiles

2015-08-07 23:03 - 2015-08-14 20:53 - 00000000 ____D C:\Users\will\AppData\Local\Packages

2015-08-07 23:02 - 2015-08-12 13:38 - 00000258 __RSH C:\Users\will\ntuser.pol

2015-08-07 23:02 - 2015-08-07 23:02 - 00000020 ___SH C:\Users\will\ntuser.ini

2015-08-07 23:02 - 2015-08-07 23:02 - 00000000 ____D C:\Users\will\AppData\Local\TileDataLayer

2015-08-07 22:52 - 2015-08-11 16:08 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-08-07 22:51 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2015-08-07 22:38 - 2015-08-07 22:38 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2015-08-07 22:38 - 2015-08-07 22:38 - 00000000 ____D C:\Users\Default\AppData\Local\Google

2015-08-07 22:38 - 2015-08-07 22:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Google

2015-08-07 22:27 - 2015-08-07 22:27 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines

2015-08-07 22:23 - 2015-08-20 11:22 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-08-07 22:23 - 2015-08-19 17:38 - 00000000 ____D C:\Users\will

2015-08-07 22:23 - 2015-07-10 07:04 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell

2015-08-07 22:23 - 2015-07-10 07:04 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-08-07 22:23 - 2015-07-10 07:04 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2015-08-07 22:23 - 2015-07-10 07:04 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-08-07 22:22 - 2015-08-20 01:46 - 01020366 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-08-07 22:22 - 2015-08-07 22:22 - 00961296 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI

2015-08-07 22:21 - 2015-08-07 22:22 - 00021209 _____ C:\WINDOWS\iis.log

2015-08-07 22:19 - 2015-08-07 22:41 - 00000000 ____D C:\Program Files\IDT

2015-08-07 22:19 - 2015-08-07 22:20 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys

2015-08-07 22:19 - 2015-08-07 22:20 - 00001552 _____ C:\WINDOWS\LkmdfCoInst.log

2015-08-07 22:19 - 2015-08-07 22:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf

2015-08-07 22:19 - 2015-08-07 22:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf

2015-08-07 22:19 - 2015-08-07 22:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf

2015-08-07 22:19 - 2015-08-07 22:19 - 00000000 ____D C:\WINDOWS\system32\SRSLabs

2015-08-07 22:19 - 2015-08-07 22:19 - 00000000 ____D C:\Program Files\Synaptics

2015-08-07 22:19 - 2015-08-07 22:19 - 00000000 ____D C:\Program Files\DellTPad

2015-08-07 22:19 - 2015-08-07 22:19 - 00000000 ____D C:\iBTWU

2015-08-07 22:19 - 2011-01-24 21:57 - 04637184 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll

2015-08-07 22:19 - 2011-01-24 21:57 - 00438784 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl

2015-08-07 22:19 - 2011-01-21 04:15 - 00449024 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll

2015-08-07 22:19 - 2011-01-19 10:28 - 00015610 _____ C:\WINDOWS\system32\W92HDM59.xml

2015-08-07 22:19 - 2010-10-14 21:56 - 00390656 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\imthx64.dll

2015-08-07 22:19 - 2010-09-30 19:18 - 00866304 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\imapo64.dll

2015-08-07 22:19 - 2010-09-30 19:17 - 00732672 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\imapo32.dll

2015-08-07 22:19 - 2010-04-01 10:11 - 00162304 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll

2015-08-07 22:19 - 2009-10-09 20:45 - 00442368 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTEC64.dll

2015-08-07 22:19 - 2009-03-02 21:58 - 00068608 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAR64.dll

2015-08-07 22:19 - 2009-03-02 21:47 - 00090624 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTCo64.dll

2015-08-07 22:16 - 2015-08-07 22:17 - 00030833 _____ C:\WINDOWS\system32\NetSetupMig.log

2015-08-07 22:15 - 2015-08-20 13:26 - 00278186 _____ C:\WINDOWS\PFRO.log

2015-08-07 21:44 - 2015-08-07 21:44 - 00022256 _____ (<company name here>) C:\WINDOWS\system32\Drivers\cdmsnroot_s.sys

2015-08-07 21:41 - 2015-07-10 07:00 - 00000001 ___SH C:\BOOTNXT

2015-08-07 21:35 - 2015-08-07 22:58 - 00006687 _____ C:\WINDOWS\comsetup.log

2015-08-07 20:37 - 2015-08-07 21:30 - 00000000 ___HD C:\$Windows.~BT

2015-08-07 19:17 - 2015-08-07 19:17 - 00000000 ___HD C:\$Windows.~WS

2015-08-07 13:49 - 2015-08-07 13:49 - 00000000 ____D C:\Users\will\AppData\Local\Macromedia

2015-08-06 13:26 - 2015-08-07 21:44 - 00295995 _____ C:\WINDOWS\WindowsUpdate (1).log

2015-08-04 17:59 - 2015-08-04 17:59 - 00183848 _____ C:\Users\will\AppData\Local\GDIPFONTCACHEV1.DAT

2015-08-01 17:24 - 2015-08-01 17:24 - 00000000 ____D C:\Users\will\AppData\Local\CEF

2015-07-30 17:47 - 2015-07-30 17:47 - 00002032 _____ C:\Users\Public\Desktop\Perfect Effects 9.lnk

2015-07-30 17:47 - 2015-07-30 17:47 - 00000000 ____D C:\ProgramData\Nalpeiron

2015-07-29 19:20 - 2015-08-07 22:41 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackBox ISO Burner v2.0

2015-07-29 19:20 - 2015-07-29 19:20 - 00002243 _____ C:\Users\will\Desktop\BlackBox ISO Burner.lnk

2015-07-29 19:20 - 2015-07-29 19:20 - 00000000 ____D C:\Program Files (x86)\BlackBox Softwares

2015-07-26 16:23 - 2015-07-26 16:32 - 00000000 ____D C:\Users\will\AppData\Roaming\ImgBurn

2015-07-26 14:39 - 2015-07-26 14:39 - 00000000 ____D C:\Users\will\AppData\Roaming\Macromedia

2015-07-26 10:34 - 2015-07-26 10:34 - 00000000 ____D C:\Users\will\AppData\Local\Motorola

2015-07-26 09:50 - 2015-07-26 09:50 - 00000000 ____D C:\Users\will\AppData\Roaming\Intel Corporation

2015-07-26 09:48 - 2015-07-26 09:48 - 00000000 ____D C:\Users\will\AppData\Roaming\RealNetworks

2015-07-26 09:41 - 2015-07-20 03:10 - 00028960 _____ (Glarysoft Ltd) C:\WINDOWS\system32\RegBootDefrag.exe

2015-07-26 09:27 - 2015-08-07 22:25 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled

2015-07-25 21:19 - 2015-07-25 21:19 - 00000000 ____D C:\ProgramData\GlarySoft

2015-07-25 20:43 - 2015-08-07 22:58 - 00003170 _____ C:\WINDOWS\System32\Tasks\SlimCleaner Run

2015-07-25 20:43 - 2015-08-07 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner

2015-07-25 20:43 - 2015-07-25 20:43 - 00002467 _____ C:\Users\Public\Desktop\SlimCleaner.lnk

2015-07-25 20:41 - 2015-08-07 22:58 - 00003426 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5

2015-07-25 20:41 - 2015-08-07 22:58 - 00003086 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC

2015-07-25 20:41 - 2015-08-07 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5

2015-07-25 20:41 - 2015-07-25 20:41 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys

2015-07-25 20:41 - 2015-07-25 20:41 - 00001103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk

2015-07-25 20:41 - 2015-07-25 20:41 - 00001091 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk

2015-07-25 20:40 - 2015-08-20 13:34 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5

2015-07-24 17:29 - 2015-08-07 22:41 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-07-23 11:57 - 2015-08-07 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProcessCleaner

2015-07-23 11:57 - 2015-07-23 11:57 - 00001080 _____ C:\Users\Public\Desktop\ProcessCleaner.lnk

2015-07-23 11:57 - 2015-07-23 11:57 - 00000000 ____D C:\Program Files (x86)\ProcessCleaner

2015-07-22 15:59 - 2015-08-14 14:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-20 13:38 - 2015-05-25 13:38 - 00000000 ____D C:\FRST

2015-08-20 13:36 - 2014-07-21 10:14 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat

2015-08-20 13:32 - 2015-07-10 08:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log

2015-08-20 13:31 - 2012-02-11 15:02 - 00000894 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-08-20 13:28 - 2014-02-16 10:51 - 00000000 ____D C:\Users\will\AppData\Roaming\Wise Care 365

2015-08-20 13:26 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-08-20 13:17 - 2015-04-15 20:18 - 00000000 ____D C:\Users\will\AppData\Roaming\BitTorrent

2015-08-20 13:06 - 2012-02-11 15:02 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-08-20 13:02 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Help

2015-08-20 13:01 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru

2015-08-20 13:01 - 2015-07-10 05:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2015-08-20 12:59 - 2012-02-10 14:20 - 00000000 ____D C:\Users\will\AppData\Roaming\Skype

2015-08-20 12:55 - 2012-04-06 12:57 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-08-20 11:42 - 2014-12-26 11:35 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-08-20 02:00 - 2014-08-25 13:22 - 00000000 ____D C:\Users\will\AppData\Local\Adobe

2015-08-19 17:38 - 2015-04-10 18:25 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

2015-08-19 17:35 - 2014-12-13 19:53 - 02506170 _____ C:\WINDOWS\system32\Drivers\fvstore.dat

2015-08-19 17:33 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2015-08-19 17:33 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser

2015-08-19 12:39 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-08-19 09:59 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-08-17 20:07 - 2014-11-11 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2015-08-17 19:28 - 2015-02-24 22:42 - 00102912 _____ (Python Software Foundation) C:\WINDOWS\pyw.exe

2015-08-17 19:28 - 2015-02-24 22:42 - 00102400 _____ (Python Software Foundation) C:\WINDOWS\py.exe

2015-08-17 19:11 - 2013-08-21 20:19 - 00002356 _____ C:\Users\will\Desktop\Kindle.lnk

2015-08-17 19:11 - 2012-05-29 14:19 - 00000000 ____D C:\Users\will\AppData\Local\Amazon

2015-08-17 13:24 - 2015-06-11 11:05 - 00000000 ____D C:\Users\will\Desktop\learn

2015-08-17 13:21 - 2015-07-10 08:20 - 00021903 _____ C:\WINDOWS\setupact.log

2015-08-15 16:45 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache

2015-08-14 15:31 - 2012-09-16 17:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-08-14 14:41 - 2012-09-16 17:23 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-08-14 14:41 - 2012-09-16 17:23 - 00001227 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-08-13 19:41 - 2012-06-12 14:34 - 00269712 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkcoiAF11.dll

2015-08-13 19:41 - 2012-06-12 14:20 - 02873232 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkinsAF11.exe

2015-08-12 13:47 - 2014-03-02 17:54 - 00000000 ____D C:\Users\will\Desktop\Utilities

2015-08-12 13:36 - 2015-07-10 08:20 - 05122784 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2015-08-12 13:33 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-08-12 13:33 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-08-12 13:33 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\oobe

2015-08-12 13:32 - 2015-02-25 14:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-08-12 13:32 - 2015-02-25 14:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-08-12 13:10 - 2015-02-25 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-08-12 13:08 - 2013-07-15 09:34 - 00000000 ____D C:\WINDOWS\system32\MRT

2015-08-12 12:48 - 2014-04-30 14:12 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-08-12 12:47 - 2012-02-16 16:10 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-08-12 12:42 - 2015-07-10 07:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-08-12 12:38 - 2009-07-13 22:34 - 00000478 _____ C:\WINDOWS\win.ini

2015-08-11 18:52 - 2013-11-28 17:40 - 00001365 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk

2015-08-11 13:55 - 2012-04-06 12:57 - 00003804 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2015-08-11 12:17 - 2013-03-17 19:44 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard

2015-08-11 12:17 - 2012-02-11 15:41 - 00000000 ____D C:\ProgramData\Hewlett-Packard

2015-08-11 12:17 - 2012-02-08 22:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2015-08-09 11:11 - 2015-07-10 07:04 - 00000000 __RHD C:\Users\Public\Libraries

2015-08-08 15:52 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase

2015-08-08 13:23 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\restore

2015-08-08 12:47 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\appcompat

2015-08-08 12:44 - 2012-02-08 22:51 - 09888360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtsUStoricon.dll

2015-08-08 12:44 - 2012-02-08 22:51 - 00422504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtsUStor.dll

2015-08-08 12:44 - 2012-02-08 22:51 - 00250984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUStor.sys

2015-08-08 11:38 - 2015-07-10 07:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-08-08 02:14 - 2015-07-10 07:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template

2015-08-08 02:09 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe

2015-08-08 02:09 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2015-08-08 02:09 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning

2015-08-08 02:09 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2015-08-08 02:09 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Dism

2015-08-08 01:59 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv

2015-08-08 01:59 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv

2015-08-08 01:59 - 2015-07-10 07:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb

2015-08-08 01:59 - 2015-07-10 07:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb

2015-08-08 01:59 - 2015-07-10 07:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb

2015-08-08 01:59 - 2015-07-10 07:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb

2015-08-08 01:59 - 2015-07-10 07:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe

2015-08-08 01:59 - 2015-07-10 07:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll

2015-08-08 01:59 - 2015-07-10 07:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof

2015-08-08 01:59 - 2015-07-10 07:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys

2015-08-08 01:59 - 2015-07-10 07:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb

2015-08-08 01:59 - 2015-07-10 07:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb

2015-08-08 01:59 - 2015-07-10 07:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb

2015-08-08 01:59 - 2015-07-10 07:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe

2015-08-08 01:59 - 2015-07-10 07:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb

2015-08-08 01:59 - 2015-07-10 07:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe

2015-08-08 01:59 - 2015-07-10 07:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe

2015-08-08 01:59 - 2015-07-10 07:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll

2015-08-08 01:59 - 2015-07-10 07:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof

2015-08-07 23:04 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog

2015-08-07 23:04 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PrintDialog

2015-08-07 23:04 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\MiracastView

2015-08-07 23:04 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2015-08-07 23:03 - 2012-02-10 13:04 - 00000000 ____D C:\Users\will\AppData\Local\Apps\2.0

2015-08-07 22:59 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Registration

2015-08-07 22:59 - 2014-04-30 08:52 - 00010449 _____ C:\WINDOWS\diagerr.xml

2015-08-07 22:59 - 2014-04-30 08:52 - 00009528 _____ C:\WINDOWS\diagwrn.xml

2015-08-07 22:58 - 2015-07-10 11:58 - 00003582 _____ C:\WINDOWS\System32\Tasks\RealDownloader Update Check

2015-08-07 22:58 - 2015-07-10 11:56 - 00003518 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1958726619-2033566604-2034206773-1001

2015-08-07 22:58 - 2015-07-10 11:56 - 00003382 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1958726619-2033566604-2034206773-1001

2015-08-07 22:58 - 2015-07-10 07:04 - 00000000 __RSD C:\WINDOWS\Media

2015-08-07 22:58 - 2015-06-25 14:16 - 00004004 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1958726619-2033566604-2034206773-1001UA

2015-08-07 22:58 - 2015-06-25 14:16 - 00003608 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1958726619-2033566604-2034206773-1001Core

2015-08-07 22:58 - 2015-05-09 09:27 - 00003324 _____ C:\WINDOWS\System32\Tasks\Wise Turbo Checker

2015-08-07 22:58 - 2015-04-15 13:13 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2015-08-07 22:58 - 2014-12-17 20:21 - 00003202 _____ C:\WINDOWS\System32\Tasks\{9C40C494-2D21-4F61-8CD9-70285FF5A3C3}

2015-08-07 22:58 - 2014-12-17 20:20 - 00003202 _____ C:\WINDOWS\System32\Tasks\{29B95E72-2017-47F5-B6C6-2A96F3C8A231}

2015-08-07 22:58 - 2014-12-09 15:35 - 00003328 _____ C:\WINDOWS\System32\Tasks\Cerber AV

2015-08-07 22:58 - 2014-11-12 15:42 - 00003296 _____ C:\WINDOWS\System32\Tasks\{F5AF854C-3E69-4637-96E0-332DDFEBCEBB}

2015-08-07 22:58 - 2014-10-11 20:56 - 00003596 _____ C:\WINDOWS\System32\Tasks\Motorola Device Manager Update

2015-08-07 22:58 - 2014-10-11 20:56 - 00003576 _____ C:\WINDOWS\System32\Tasks\Motorola Device Manager Engine

2015-08-07 22:58 - 2014-10-11 20:56 - 00003402 _____ C:\WINDOWS\System32\Tasks\Motorola Device Manager Initial Update

2015-08-07 22:58 - 2014-08-20 14:08 - 00003378 _____ C:\WINDOWS\System32\Tasks\MSSSORT

2015-08-07 22:58 - 2014-07-05 14:31 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe

2015-08-07 22:58 - 2014-07-05 14:31 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe

2015-08-07 22:58 - 2014-07-05 14:31 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe

2015-08-07 22:58 - 2014-07-05 14:31 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe

2015-08-07 22:58 - 2014-07-05 14:31 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe

2015-08-07 22:58 - 2014-04-02 20:51 - 00003300 _____ C:\WINDOWS\System32\Tasks\{DAC7724D-E8A6-48A8-B20D-4054C6B42738}

2015-08-07 22:58 - 2014-02-01 17:45 - 00003648 _____ C:\WINDOWS\System32\Tasks\Moo0 System Monitor 1.76

2015-08-07 22:58 - 2013-11-28 17:37 - 00003418 _____ C:\WINDOWS\System32\Tasks\{86F4A60E-9D29-472F-ABB0-567A76C0A269}

2015-08-07 22:58 - 2013-10-24 18:19 - 00003078 _____ C:\WINDOWS\System32\Tasks\{6DEFF14E-D52F-4D88-9095-9AE712375870}

2015-08-07 22:58 - 2013-10-24 18:19 - 00003078 _____ C:\WINDOWS\System32\Tasks\{197F86E4-FF3F-4F4F-8B55-0F3AFE8009F3}

2015-08-07 22:58 - 2013-09-29 13:32 - 00003298 _____ C:\WINDOWS\System32\Tasks\HP Photosmart 6520 series.exe_{52E6E232-9524-42B7-8F65-14E1F4D6E4A5}

2015-08-07 22:58 - 2013-08-21 17:20 - 00003204 _____ C:\WINDOWS\System32\Tasks\{6399A057-D600-442E-AA02-0F161510D1C8}

2015-08-07 22:58 - 2013-07-31 20:24 - 00003188 _____ C:\WINDOWS\System32\Tasks\{1688EE8D-360A-4D54-A810-A9D483365273}

2015-08-07 22:58 - 2013-07-31 20:23 - 00003534 _____ C:\WINDOWS\System32\Tasks\{7D3D54AC-E147-4D82-9431-646B0CED1A0D}

2015-08-07 22:58 - 2013-07-27 14:57 - 00003474 _____ C:\WINDOWS\System32\Tasks\{CFE8757D-3DDD-4665-8C4A-6D65E9FA5786}

2015-08-07 22:58 - 2013-07-22 20:10 - 00003188 _____ C:\WINDOWS\System32\Tasks\{E4E51B15-390F-4688-9690-ACC67C00F911}

2015-08-07 22:58 - 2013-07-12 19:03 - 00003188 _____ C:\WINDOWS\System32\Tasks\{9C1ABAAC-69AB-4A73-8096-DC10CDF0C3F1}

2015-08-07 22:58 - 2013-06-04 16:37 - 00003616 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-WILL-LAPTOP-will

2015-08-07 22:58 - 2013-04-23 19:48 - 00003558 _____ C:\WINDOWS\System32\Tasks\MotoCast Update

2015-08-07 22:58 - 2013-03-22 17:01 - 00003326 _____ C:\WINDOWS\System32\Tasks\{575A9BD3-2C52-4806-BE95-8DA24ACB96C9}

2015-08-07 22:58 - 2013-03-17 18:20 - 00003732 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Photosmart 6520 series

2015-08-07 22:58 - 2013-03-02 16:54 - 00003336 _____ C:\WINDOWS\System32\Tasks\{493DCBF1-723D-4915-931D-0A9ABBC986AE}

2015-08-07 22:58 - 2013-01-05 20:25 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1958726619-2033566604-2034206773-1001

2015-08-07 22:58 - 2013-01-05 20:25 - 00003360 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1958726619-2033566604-2034206773-1001

2015-08-07 22:58 - 2012-11-05 14:14 - 00003198 _____ C:\WINDOWS\System32\Tasks\AnVir Task Manager

2015-08-07 22:58 - 2012-05-29 19:35 - 00003290 _____ C:\WINDOWS\System32\Tasks\{CC245C84-4716-4996-87DD-1C4C42ADE632}

2015-08-07 22:58 - 2012-02-11 15:02 - 00004004 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2015-08-07 22:58 - 2012-02-11 15:02 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2015-08-07 22:58 - 2012-02-11 11:03 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat

2015-08-07 22:52 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\spool

2015-08-07 22:41 - 2015-07-13 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2015-08-07 22:41 - 2015-07-10 09:14 - 00000000 ____D C:\WINDOWS\ShellNew

2015-08-07 22:41 - 2015-07-10 09:11 - 00000000 ____D C:\WINDOWS\system32\0409

2015-08-07 22:41 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2015-08-07 22:41 - 2015-07-10 05:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM

2015-08-07 22:41 - 2015-06-13 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains

2015-08-07 22:41 - 2015-06-07 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP240 series Manual

2015-08-07 22:41 - 2015-06-01 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2015-08-07 22:41 - 2015-06-01 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7

2015-08-07 22:41 - 2015-05-26 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Media Converter

2015-08-07 22:41 - 2015-04-30 20:21 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Metrixlab Online Application

2015-08-07 22:41 - 2015-04-21 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer

2015-08-07 22:41 - 2015-04-16 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vz In-Home Agent

2015-08-07 22:41 - 2015-04-10 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit

2015-08-07 22:41 - 2015-03-30 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Processor Identification Utility

2015-08-07 22:41 - 2015-03-16 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader

2015-08-07 22:41 - 2015-03-05 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro

2015-08-07 22:41 - 2015-03-05 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0

2015-08-07 22:41 - 2015-03-04 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OverDrive for Windows

2015-08-07 22:41 - 2015-02-26 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Home Theater

2015-08-07 22:41 - 2015-02-26 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server

2015-08-07 22:41 - 2015-02-20 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Collage Creator

2015-08-07 22:41 - 2015-02-17 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge

2015-08-07 22:41 - 2015-02-13 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Dude

2015-08-07 22:41 - 2015-02-13 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiFi Password Revealer

2015-08-07 22:41 - 2015-02-09 15:13 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-08-07 22:41 - 2015-01-23 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-08-07 22:41 - 2015-01-12 16:37 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoZoom Classic 6

2015-08-07 22:41 - 2014-12-26 13:06 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WirelessNetView

2015-08-07 22:41 - 2014-12-22 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2015-08-07 22:41 - 2014-12-12 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft

2015-08-07 22:41 - 2014-12-07 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick

2015-08-07 22:41 - 2014-11-28 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debenu PDF Tools

2015-08-07 22:41 - 2014-11-24 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PT Photo Editor

2015-08-07 22:41 - 2014-11-11 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2015-08-07 22:41 - 2014-11-11 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer

2015-08-07 22:41 - 2014-11-11 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView

2015-08-07 22:41 - 2014-11-11 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2015-08-07 22:41 - 2014-11-08 21:52 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free

2015-08-07 22:41 - 2014-10-22 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn

2015-08-07 22:41 - 2014-10-16 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-08-07 22:41 - 2014-09-04 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey

2015-08-07 22:41 - 2014-08-28 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBackup 4

2015-08-07 22:41 - 2014-08-20 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxtor

2015-08-07 22:41 - 2014-08-17 14:43 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek

2015-08-07 22:41 - 2014-07-21 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture

2015-08-07 22:41 - 2014-07-15 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor

2015-08-07 22:41 - 2014-07-14 14:55 - 00000000 ____D C:\WINDOWS\en

2015-08-07 22:41 - 2014-07-05 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center

2015-08-07 22:41 - 2014-06-23 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom

2015-08-07 22:41 - 2014-05-24 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Product Key Finder

2015-08-07 22:41 - 2014-03-06 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX

2015-08-07 22:41 - 2014-02-24 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Plugin Manager

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\2C0A

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0C0A

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0C04

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0816

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0804

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0424

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\041F

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\041E

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\041D

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\041B

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0419

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0416

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0415

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0414

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0413

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0412

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0411

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0410

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\040E

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\040D

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\040C

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\040B

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\040A

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0408

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0407

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0406

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0405

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0404

2015-08-07 22:41 - 2014-02-24 14:51 - 00000000 ____D C:\WINDOWS\system32\0401

2015-08-07 22:41 - 2014-02-16 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365

2015-08-07 22:41 - 2014-01-03 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartClose

2015-08-07 22:41 - 2013-11-28 17:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

2015-08-07 22:41 - 2013-10-25 17:42 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2015-08-07 22:41 - 2013-09-28 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postimage

2015-08-07 22:41 - 2013-08-09 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

2015-08-07 22:41 - 2013-08-01 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintMaster

2015-08-07 22:41 - 2013-07-23 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer

2015-08-07 22:41 - 2013-06-30 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap

2015-08-07 22:41 - 2013-06-03 08:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRecordMax Sound Recorder

2015-08-07 22:41 - 2013-03-17 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2015-08-07 22:41 - 2013-01-06 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wi-Fi Connect

2015-08-07 22:41 - 2012-12-07 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra

2015-08-07 22:41 - 2012-11-13 15:11 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hornil StylePix

2015-08-07 22:41 - 2012-08-29 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Whois View

2015-08-07 22:41 - 2012-07-14 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter

2015-08-07 22:41 - 2012-06-22 10:21 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass

2015-08-07 22:41 - 2012-06-22 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass

2015-08-07 22:41 - 2012-04-26 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PermissionResearch

2015-08-07 22:41 - 2012-03-08 15:39 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xmarks

2015-08-07 22:41 - 2012-02-16 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2015-08-07 22:41 - 2012-02-08 23:00 - 00000000 ____D C:\Program Files (x86)\Dell Wireless

2015-08-07 22:41 - 2012-02-08 22:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2015-08-07 22:41 - 2012-02-08 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netwaiting

2015-08-07 22:41 - 2012-02-08 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem Diagnostic Tool

2015-08-07 22:41 - 2009-07-13 23:20 - 00000000 ____D C:\WINDOWS\system32\catroot3

2015-08-07 22:38 - 2015-07-10 07:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log

2015-08-07 22:38 - 2009-07-13 23:20 - 00000000 ____D C:\Users\Default.migrated

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\NDF

2015-08-07 22:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\IME

2015-08-07 22:29 - 2013-08-12 13:06 - 00000000 ____D C:\WINDOWS\SysWOW64\spool

2015-08-07 22:29 - 2013-02-11 13:40 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe

2015-08-07 22:29 - 2012-02-11 20:16 - 00000000 ____D C:\WINDOWS\system32\SPReview

2015-08-07 22:29 - 2012-02-11 17:33 - 00000000 ____D C:\WINDOWS\system32\EventProviders

2015-08-07 22:29 - 2012-02-08 22:51 - 00000000 ____D C:\WINDOWS\SysWOW64\sda

2015-08-07 22:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\schemas

2015-08-07 22:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Resources

2015-08-07 22:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2015-08-07 22:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Cursors

2015-08-07 22:28 - 2015-03-27 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Tweaker

2015-08-07 22:28 - 2014-12-03 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com

2015-08-07 22:28 - 2014-12-02 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2015-08-07 22:28 - 2014-09-13 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WonderFox Soft

2015-08-07 22:28 - 2014-07-24 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications

2015-08-07 22:28 - 2014-04-23 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voralent

2015-08-07 22:28 - 2014-02-25 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Selectsoft Games

2015-08-07 22:28 - 2014-02-24 04:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon

2015-08-07 22:28 - 2013-08-12 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software

2015-08-07 22:28 - 2013-04-23 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Mobility

2015-08-07 22:28 - 2013-03-24 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uRexsoft

2015-08-07 22:28 - 2012-07-12 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative

2015-08-07 22:28 - 2012-06-21 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger

2015-08-07 22:28 - 2012-02-29 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Punch! Super Home Suite

2015-08-07 22:28 - 2012-02-08 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics

2015-08-07 22:28 - 2011-04-12 04:28 - 00000000 ___RD C:\Users\Public\Recorded TV

2015-08-07 22:27 - 2015-07-10 07:04 - 00000000 __SHD C:\Program Files\Windows Sidebar

2015-08-07 22:27 - 2015-07-10 07:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar

2015-08-07 22:27 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2015-08-07 22:27 - 2015-03-29 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium

2015-08-07 22:27 - 2014-12-07 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft

2015-08-07 22:27 - 2014-11-30 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty

2015-08-07 22:27 - 2014-07-31 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. Applications

2015-08-07 22:27 - 2014-07-21 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

2015-08-07 22:27 - 2013-11-05 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

2015-08-07 22:27 - 2012-02-08 22:58 - 00000000 ____D C:\Program Files\Common Files\Intel

2015-08-07 22:27 - 2012-02-08 22:45 - 00000000 ____D C:\Program Files\Intel

2015-08-07 22:27 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Microsoft Games

2015-08-07 22:27 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\DVD Maker

2015-08-07 22:26 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\Recovery

2015-08-07 22:26 - 2009-07-13 23:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy

2015-08-07 22:25 - 2015-02-20 16:52 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP

2015-08-07 22:25 - 2013-01-24 13:16 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2015-08-07 22:25 - 2012-05-29 14:19 - 00000000 ____D C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2015-08-07 22:21 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep

2015-08-07 22:15 - 2015-07-10 05:05 - 00000000 __RHD C:\Users\Default

2015-08-07 21:44 - 2015-04-17 11:51 - 00174832 _____ (深圳市驱动人生软件技术有限公司) C:\WINDOWS\system32\Drivers\dtldrvprotect64.sys

2015-08-07 21:41 - 2010-01-14 20:42 - 00008192 __RSH C:\BOOTSECT.BAK

2015-08-07 21:09 - 2015-06-01 21:00 - 05916080 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe

2015-08-07 21:09 - 2015-06-01 21:00 - 00523184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe

2015-08-07 21:09 - 2015-06-01 21:00 - 00453552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe

2015-08-07 21:09 - 2015-06-01 21:00 - 00411056 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe

2015-08-07 21:09 - 2015-06-01 21:00 - 00290224 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe

2015-08-07 21:09 - 2015-06-01 21:00 - 00266152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe

2015-08-07 21:09 - 2015-06-01 21:00 - 00197040 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe

2015-08-07 21:09 - 2015-06-01 21:00 - 00183216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe

2015-08-07 20:47 - 2009-07-14 00:45 - 00022464 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-08-07 20:47 - 2009-07-14 00:45 - 00022464 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-08-07 13:48 - 2012-05-12 15:49 - 00000000 ____D C:\Users\will\AppData\Roaming\Mozilla

2015-08-07 13:48 - 2012-05-12 15:49 - 00000000 ____D C:\Users\will\AppData\Local\Mozilla

2015-08-06 12:11 - 2014-07-21 10:14 - 00001953 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk

2015-08-04 20:31 - 2014-04-16 22:12 - 00827632 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys

2015-08-04 20:31 - 2014-04-16 22:12 - 00105096 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys

2015-08-04 20:31 - 2014-04-16 22:12 - 00045856 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys

2015-08-04 20:31 - 2014-04-16 22:12 - 00021720 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys

2015-08-04 20:29 - 2014-03-25 20:22 - 00579408 _____ (COMODO) C:\WINDOWS\system32\guard64.dll

2015-08-04 20:29 - 2014-03-25 20:22 - 00445472 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll

2015-08-04 20:29 - 2014-03-25 20:22 - 00041224 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll

2015-08-04 20:28 - 2014-03-25 20:22 - 00358080 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll

2015-08-04 20:28 - 2014-03-25 20:22 - 00045760 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll

2015-08-04 20:27 - 2014-03-25 20:22 - 00288448 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll

2015-08-04 20:26 - 2014-03-25 20:22 - 00040640 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll

2015-08-04 17:54 - 2012-02-10 14:19 - 00000000 ____D C:\ProgramData\Skype

2015-08-04 17:44 - 2014-12-03 22:21 - 00000000 ____D C:\AdwCleaner

2015-08-01 17:24 - 2012-02-10 13:08 - 00000000 ____D C:\Users\will\AppData\Roaming\Adobe

2015-07-30 17:48 - 2013-08-12 13:08 - 00000000 ____D C:\Users\will\AppData\Roaming\onOne Software

2015-07-30 17:47 - 2013-08-12 13:08 - 00000000 ____D C:\Users\Britt\AppData\Roaming\onOne Software

2015-07-30 17:47 - 2013-08-12 13:06 - 00000000 ____D C:\ProgramData\onOne Software

2015-07-30 17:46 - 2013-08-12 13:06 - 00000000 ____D C:\Program Files\onOne Software

2015-07-30 17:46 - 2013-08-12 13:06 - 00000000 ____D C:\Program Files (x86)\onOne Software

2015-07-29 19:21 - 2012-02-10 13:05 - 00000000 ____D C:\Users\will\AppData\Local\Google

2015-07-27 14:18 - 2015-04-10 18:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit

2015-07-26 10:31 - 2015-02-20 16:52 - 00000000 ____D C:\Users\will\AppData\Roaming\HP Photo Creations

2015-07-26 10:31 - 2013-03-17 19:49 - 00000000 ____D C:\Users\will\AppData\Roaming\Visan

2015-07-26 10:30 - 2015-02-20 16:52 - 00002102 _____ C:\Users\will\Desktop\HP Photo Creations.lnk

2015-07-26 09:58 - 2012-04-11 19:39 - 00000000 ____D C:\ProgramData\InstallMate

2015-07-26 09:57 - 2014-09-23 12:50 - 00000000 ____D C:\Program Files\WinRAR

2015-07-26 09:45 - 2015-06-25 14:16 - 00000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1958726619-2033566604-2034206773-1001UA.job

2015-07-26 09:45 - 2015-06-25 14:16 - 00000862 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1958726619-2033566604-2034206773-1001Core.job

2015-07-26 09:45 - 2015-05-09 09:27 - 00000400 _____ C:\WINDOWS\Tasks\Wise Turbo Checker.job

2015-07-26 09:23 - 2014-07-21 10:09 - 00000000 ____D C:\ProgramData\Comodo

2015-07-26 09:23 - 2012-02-10 15:43 - 00000000 ____D C:\ProgramData\Adobe

2015-07-25 21:27 - 2015-06-25 14:16 - 00000000 ____D C:\Users\will\AppData\Local\Dropbox

2015-07-25 21:22 - 2015-02-26 13:05 - 00000000 ____D C:\Users\will\AppData\Local\Plex Media Server

2015-07-25 21:22 - 2014-12-11 13:06 - 00000000 ____D C:\Users\will\AppData\Roaming\DVDVideoSoft

2015-07-25 21:22 - 2014-11-11 12:36 - 00000000 ____D C:\Users\will\AppData\Roaming\Dropbox

2015-07-25 21:22 - 2014-11-11 12:29 - 00000000 ____D C:\Users\will\AppData\Roaming\MediaMonkey

2015-07-25 21:22 - 2014-09-04 13:04 - 00000000 ____D C:\Users\will\AppData\Local\MediaMonkey

2015-07-25 21:22 - 2014-07-24 14:42 - 00000000 ____D C:\Users\will\AppData\Roaming\Serif

2015-07-25 21:22 - 2013-11-05 20:21 - 00000000 ____D C:\Users\will\AppData\Roaming\Logitech

2015-07-25 21:22 - 2013-01-13 18:21 - 00000000 ____D C:\Users\will\AppData\Local\Pinnacle

2015-07-25 21:22 - 2012-11-05 14:14 - 00000000 ____D C:\Users\will\AppData\Local\ChemTable Software

2015-07-25 21:22 - 2012-09-09 17:28 - 00000000 ____D C:\Users\Britt\AppData\Roaming\Adobe

2015-07-25 21:22 - 2012-09-09 17:27 - 00000000 ____D C:\Users\Britt\AppData\Local\Google

2015-07-25 21:22 - 2012-07-20 21:23 - 00000000 ____D C:\Users\will\AppData\Roaming\DivX

2015-07-25 21:22 - 2012-07-13 13:28 - 00000000 ____D C:\Users\will\AppData\Roaming\AVS4YOU

2015-07-25 21:22 - 2012-05-29 18:11 - 00000000 ____D C:\Users\will\AppData\Local\Apple Computer

2015-07-25 21:22 - 2012-04-25 18:05 - 00000000 ____D C:\Users\will\AppData\Roaming\Real

2015-07-25 21:22 - 2012-04-06 12:14 - 00000000 ____D C:\Users\will\AppData\Roaming\Dell

2015-07-25 21:22 - 2012-02-26 14:24 - 00000000 ____D C:\Users\will\AppData\Roaming\Apple Computer

2015-07-25 21:21 - 2015-04-12 13:54 - 00000000 ____D C:\ProgramData\VMware

2015-07-25 21:21 - 2014-12-22 14:44 - 00000000 ____D C:\Program Files (x86)\QuickTime

2015-07-25 21:21 - 2014-10-22 12:41 - 00000000 ____D C:\Program Files (x86)\ImgBurn

2015-07-25 21:21 - 2014-10-02 21:08 - 00000000 ____D C:\Program Files (x86)\VSO

2015-07-25 21:21 - 2013-11-06 17:00 - 00000000 ____D C:\ProgramData\Freemake

2015-07-25 21:21 - 2013-04-23 19:46 - 00000000 ____D C:\ProgramData\Motorola

2015-07-25 21:21 - 2013-01-14 17:48 - 00000000 ____D C:\ProgramData\MR APP

2015-07-25 21:21 - 2012-04-25 18:05 - 00000000 ____D C:\ProgramData\Real

2015-07-25 21:21 - 2012-02-10 15:57 - 00000000 ____D C:\ProgramData\Yahoo!

2015-07-25 21:21 - 2012-02-08 23:01 - 00000000 ____D C:\Program Files\Dell

2015-07-25 21:16 - 2012-02-10 15:34 - 00000000 ____D C:\Users\will\AppData\Roaming\vlc

2015-07-25 20:45 - 2013-01-20 21:50 - 00000000 ____D C:\Program Files (x86)\SlimCleaner

2015-07-25 20:41 - 2015-05-28 12:44 - 00000000 ____D C:\Users\will\AppData\Roaming\GlarySoft

2015-07-24 16:13 - 2014-12-26 11:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-07-24 13:12 - 2012-02-16 16:10 - 00000000 ____D C:\Users\will\AppData\Local\Microsoft Help

2015-07-23 12:12 - 2014-11-13 19:30 - 00000000 __SHD C:\Users\will\AppData\Local\EmieBrowserModeList

2015-07-23 12:12 - 2014-04-30 18:53 - 00000000 __SHD C:\Users\will\AppData\Local\EmieUserList

2015-07-23 12:12 - 2014-04-30 18:53 - 00000000 __SHD C:\Users\will\AppData\Local\EmieSiteList

2015-07-22 12:54 - 2015-06-25 14:02 - 00000000 ___RD C:\Users\will\Dropbox

==================== Files in the root of some directories =======

2013-10-03 20:30 - 2014-01-05 13:52 - 0003709 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml

2013-12-21 17:29 - 2014-01-11 19:26 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe

2012-04-25 20:06 - 2013-09-20 16:14 - 0000640 _____ () C:\Users\will\AppData\Roaming\.backup.dm

2014-08-30 11:52 - 2014-08-30 11:52 - 0000132 _____ () C:\Users\will\AppData\Roaming\Adobe BMP Format CS6 Prefs

2013-12-25 17:51 - 2013-12-29 15:16 - 0000373 _____ () C:\Users\will\AppData\Roaming\burnaware.ini

2012-02-19 18:20 - 2012-06-05 17:42 - 0000241 _____ () C:\Users\will\AppData\Roaming\default.rss

2014-06-20 18:16 - 2014-06-20 18:16 - 0000055 _____ () C:\Users\will\AppData\Roaming\mbam.context.scan

2014-01-11 17:16 - 2014-12-07 15:27 - 0007859 _____ () C:\Users\will\AppData\Roaming\pcouffin.cat

2014-01-11 17:16 - 2014-12-07 15:27 - 0001167 _____ () C:\Users\will\AppData\Roaming\pcouffin.inf

2014-10-02 21:08 - 2014-12-07 15:27 - 0000055 _____ () C:\Users\will\AppData\Roaming\pcouffin.log

2014-01-11 17:16 - 2014-12-07 15:27 - 0082816 _____ (VSO Software) C:\Users\will\AppData\Roaming\pcouffin.sys

2014-09-04 13:14 - 2014-09-04 13:14 - 0000568 _____ () C:\Users\will\AppData\Roaming\ReplayConverterLog.log

2013-07-08 11:19 - 2013-07-08 11:19 - 0000000 _____ () C:\Users\will\AppData\Roaming\SharedSettings.ccs

2015-03-25 10:25 - 2015-04-12 13:03 - 0000133 _____ () C:\Users\will\AppData\Roaming\WB.CFG

2013-04-11 17:33 - 2013-04-11 17:33 - 0000000 _____ () C:\Users\will\AppData\Roaming\wklnhst.dat

2014-05-03 19:13 - 2014-05-03 19:13 - 0000037 ___SH () C:\Users\will\AppData\Local\70149b02515b3bb20dd492.47983420

2014-07-21 16:35 - 2014-07-21 16:35 - 174596376 _____ () C:\Users\will\AppData\Local\ACCCx2_7_0_413.zip.aamdownload

2014-07-21 16:35 - 2014-07-21 16:35 - 0002111 _____ () C:\Users\will\AppData\Local\ACCCx2_7_0_413.zip.aamdownload.aamd

2014-12-10 15:29 - 2014-12-10 15:29 - 0254088 _____ () C:\Users\will\AppData\Local\ars.cache

2014-12-10 15:29 - 2014-12-10 15:29 - 0307103 _____ () C:\Users\will\AppData\Local\census.cache

2014-07-24 15:29 - 2014-09-13 18:30 - 0008704 _____ () C:\Users\will\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-07-15 18:27 - 2014-07-15 18:33 - 0000058 _____ () C:\Users\will\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat

2015-03-30 12:25 - 2015-03-30 12:25 - 0274045 _____ () C:\Users\will\AppData\Local\dsi1.dat

2015-03-30 12:25 - 2015-03-30 12:25 - 0161916 _____ () C:\Users\will\AppData\Local\dsi2.dat

2014-12-10 15:06 - 2014-12-10 15:06 - 0000036 _____ () C:\Users\will\AppData\Local\housecall.guid.cache

2014-08-08 12:16 - 2014-08-08 12:16 - 0007597 _____ () C:\Users\will\AppData\Local\Resmon.ResmonCfg

2014-12-07 16:27 - 2014-12-07 16:27 - 0000160 _____ () C:\ProgramData\defraggler_list.txt

2014-04-30 14:30 - 2014-04-30 16:38 - 6696936 _____ (Dell ) C:\ProgramData\Dell Click 2 Fix+-64-bit-V2546.exe

2014-11-26 18:18 - 2014-12-26 11:30 - 0003820 _____ () C:\ProgramData\hpzinstall.log

2014-12-09 15:35 - 2014-12-09 15:35 - 0012719 _____ () C:\ProgramData\ucxrypwh.kkh

2014-09-01 15:30 - 2014-09-01 15:30 - 0001736 _____ () C:\ProgramData\__wdump.txt

Files to move or delete:

====================

C:\ProgramData\Dell Click 2 Fix+-64-bit-V2546.exe

Some zero byte size files/folders:

==========================

C:\Windows\SysWOW64\conhost.exe

C:\Windows\SysWOW64\csrss.exe

C:\Windows\SysWOW64\dwm.exe

C:\Windows\SysWOW64\igfxtray.exe

C:\Windows\SysWOW64\lsass.exe

C:\Windows\SysWOW64\smss.exe

C:\Windows\SysWOW64\spoolsv.exe

C:\Windows\System32\igd10umd32.dll

C:\Windows\System32\igdumd32.dll

C:\Windows\System32\igdumdx32.dll

C:\Windows\System32\MSVBVM60.DLL

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-18 11:22

Run date: 2015-08-20 13:42:55

-----------------------------

13:42:55.923 OS Version: Windows x64 6.2.9200

13:42:55.923 Number of processors: 4 586 0x2A07

13:42:55.923 ComputerName: WILL-LAPTOP UserName: will

13:42:56.986 Initialize success

13:42:57.107 VM: initialized successfully

13:42:57.107 VM: Intel CPU supported

13:43:04.586 VM: disk I/O iaStor.sys

13:43:23.556 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

13:43:23.556 Disk 0 Vendor: ST950032 D005 Size: 476940MB BusType: 3

13:43:23.759 Disk 0 MBR read successfully

13:43:23.759 Disk 0 MBR scan

13:43:23.775 Disk 0 Windows 7 default MBR code

13:43:23.791 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 277657 MB offset 2048

13:43:23.806 Disk 0 Partition - 00 0F Extended LBA 199278 MB offset 568645569

13:43:23.822 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 199278 MB offset 568645632

13:43:24.017 Disk 0 scanning C:\WINDOWS\system32\drivers

13:43:40.007 Service scanning

13:44:23.125 Modules scanning

13:44:23.125 Disk 0 trace - called modules:

13:44:23.156 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll

13:44:23.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0001ca5e460]

13:44:23.187 3 CLASSPNP.SYS[fffff80130a546c5] -> nt!IofCallDriver -> [0xffffe000198865d0]

13:44:23.187 5 ACPI.sys[fffff80130871361] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xffffe00019881050]

13:44:23.203 Disk 0 statistics 140995/0/0 @ 4.61 MB/s

13:44:23.218 Scan finished successfully

13:44:35.212 Disk 0 MBR has been saved successfully to "C:\Users\will\Desktop\MBR.dat"

13:44:35.227 The log file has been saved successfully to "C:\Users\will\Desktop\aswMBR.txt"

==================== End of log ============================

Advertisements

Register to Remove

#2 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 04 September 2015 - 04:35 AM

Good Morning

Sorry for the delay, looks like your topic was missed. Sometimes when a computer slows down its not always malware so lets run a few tools and and see what they come up with

-AdwCleaner-by Xplode

Click on this link to download : ADWCleaner TO YOUR DESKTOP

Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

Use my link only, do not do a search for AdwCleaner as there is a bogus copy going around by scammers

Do not click on any links in the top Advertisment.

Close all open programs and internet browsers.

Double click on AdwCleaner.exe to run the tool.

Click on Scan.

After the scan is complete click on "Clean"

Confirm each time with Ok.

Your computer will be rebooted automatically. A text file will open after the restart.

Please post the content of that logfile with your next reply.

You can find the logfile at C:\AdwCleaner[S1].txt as well.

===============================================================================

Please download Junkware Removal Tool TO YOUR DESKTOP

Download the one from Bleeping Computer

Shut down your protection software now to avoid potential conflicts.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

===============================================================================

Download Malwarebytes' Anti-Malware TO YOUR DESKTOP

Windows XP : Double click on the icon to run it.

Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

0841859c-1a35-4dbd-b41a-e720629e3e22_zps

On the Dashboard click on Update Now

Go to the Setting Tab

Under Setting go to Detection and Protection

Under PUP and PUM make sure both are set to show Treat Detections as Malware

Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked

Then on the Dashboard click on Scan

Make sure to select THREAT SCAN

Then click on Scan

When the scan is finished and the log pops up...select Copy to Clipboard

Please paste the log back into this thread for review

Exit Malwarebytes

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#3 Wilbert Hippenst

Authentic Member

Authentic Member
203 posts

Posted 05 September 2015 - 06:01 AM

Good morning,

Thanks for the help delay is not a problem.

here are the logs:

# AdwCleaner v5.005 - Logfile created 04/09/2015 at 15:58:33

# Updated 31/08/2015 by Xplode

# Database : 2015-08-31.2 [Server]

# Operating system : Windows 7 Professional Service Pack 1 (x64)

# Username : Will - WILL-PC

# Running from : C:\Users\Will\Downloads\AdwCleaner.exe

# Option : Cleaning

# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc

[-] Folder Deleted : C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil

[-] Folder Deleted : C:\Users\Will\AppData\LocalLow\HPAppData

***** [ Files ] *****

[-] File Deleted : C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

[-] [C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : elicpjhcidhpjomhibiffojpinpmmpil

[-] [C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : faoigfclahgbjjjaopddafnnapmeppnc

[-] [C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fkjlohfdjcjhmfcabomglnciodlnplhk

[-] [C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : oalbpfagfhfkcmklpdanadjpbfdedndn

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [1637 bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 7.6.0 (08.31.2015:1)

OS: Windows 7 Professional x64

Ran by Will on Fri 09/04/2015 at 17:31:06.76

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Wise Turbo Checker

Successfully deleted: [Task] C:\Windows\Tasks\Wise Turbo Checker.job

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\TuneUp Undelete

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\Disabled:{2018eb71-06b5-4438-abf4-e40d

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\Disabled:{3049C3E9-B461-4BC5-8870-4C09

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\Disabled:{326E768D-4182-46FD-9C16-1449

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\Disabled:{95D9ECF5-2A4D-4550-BE49-70D4

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\Disabled:{AA58ED58-01DD-4d91-8333-CF10

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\Disabled:{B4F3A835-0E21-4959-BA22-42B3

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\Disabled:{2018eb71-06b5-4438-abf4-e40d

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\Disabled:{3049C3E9-B461-4BC5-8870-4C09

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\Disabled:{326E768D-4182-46FD-9C16-1449

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\Disabled:{95D9ECF5-2A4D-4550-BE49-70D4

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\Disabled:{AA58ED58-01DD-4d91-8333-CF10

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\Disabled:{B4F3A835-0E21-4959-BA22-42B3

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\Disabled:{2018eb71-06b5-4438-abf4-e40d

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\Disabled:{3049C3E9-B461-4BC5-8870-4C09

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\Disabled:{326E768D-4182-46FD-9C16-1449

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\Disabled:{95D9ECF5-2A4D-4550-BE49-70D4

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\Disabled:{AA58ED58-01DD-4d91-8333-CF10

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\Disabled:{B4F3A835-0E21-4959-BA22-42B3

~~~ Files

Successfully deleted: [File] C:\Users\Will\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_ajpgkpeckebdhofmmjfgcjjiiejpodla_0.localstorage

Successfully deleted: [File] C:\Users\Will\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_ajpgkpeckebdhofmmjfgcjjiiejpodla_0.localstorage-journal

~~~ Folders

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Will\Appdata\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla

Successfully deleted: [Folder] C:\Users\Will\Appdata\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj

Successfully deleted: [Folder] C:\Users\Will\Appdata\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil

[C:\Users\Will\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Will\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

ajpgkpeckebdhofmmjfgcjjiiejpodla

bmnlcjabgnpnenekpadlanbbkooimhnj

elicpjhcidhpjomhibiffojpinpmmpil

[C:\Users\Will\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Will\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

[

ajpgkpeckebdhofmmjfgcjjiiejpodla,

bmnlcjabgnpnenekpadlanbbkooimhnj,

elicpjhcidhpjomhibiffojpinpmmpil

]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Fri 09/04/2015 at 17:38:22.70

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 9/4/2015

Scan Time: 4:20 PM

Logfile:

Administrator: Yes

Version: 2.1.8.1057

Malware Database: v2015.09.04.07

Rootkit Database: v2015.08.16.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Will

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 489590

Time Elapsed: 25 min, 33 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 117

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\addon, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\content, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\cookies, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\homepage, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\incognito, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\info, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\logging, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\logging\appenders, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\popups, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\sender, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage\file, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage\preferences, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage\registry, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\tabs, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\uninstall, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\utils, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\utils\compression, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\voicebox, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\web, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\windows, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\xhr, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\bus, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\caching, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\capture, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\dca, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\diagnostic, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\eula, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\event, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\exceptions, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install\strategies, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\update, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\config, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\parser, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\providers, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\utils, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalReader, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\machine, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\notification, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\partnerActivation, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\session, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\settings, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\substitution, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\utils, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\voicebox, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\web, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\icons, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\interfaces, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\_metadata, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

Files: 450

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\content\CodeExecutor.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\content\CodeExecutorFactory.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\content\ConnectionPort.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\content\ContentEventsObserver.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\content\ContentMessagesRetriever.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\content\contentScripts.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\content\WebRequestListenerMixin.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\cookies\CookieManager.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\cookies\CookieManagerFactory.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\homepage\HomepageTracker.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\incognito\Mode.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\info\Environment.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\logging\appenders\ConsoleAppender.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\popups\PopupsFactory.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\popups\PopupsTracker.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\sender\ExternalEventSender.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\sender\ExternalSenderFactory.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage\StorageFactory.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage\WebStorage.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage\file\FileStorage.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage\preferences\PreferenceObserver.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage\preferences\PreferenceStorageNotifier.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\storage\registry\RegistryStorage.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\tabs\Tab.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\tabs\TabController.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\tabs\TabVisibilityWatcher.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\uninstall\UninstallExecutor.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\utils\Generators.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\utils\compression\Adler32Calculator.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\utils\compression\CompressorFactory.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\utils\compression\DeflateCompressor.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\utils\compression\RawDeflateCompressor.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\voicebox\ImageVoicebox.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\voicebox\VoiceboxFactory.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\web\WebRequestCache.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\web\WebRequestObserver.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\windows\ChromeWindow.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\windows\WindowController.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\xhr\ErrorMessageProcessor.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\xhr\NetworkErrorList.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\xhr\Request.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\chrome\xhr\RequestFactory.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\Core.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\CoreInitializer.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\CoreListenerInterface.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\CoreListenerPrototype.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\HeaderProcessor.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\ModuleInterface.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\ReportableSubject.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\capture\CaptureType.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\capture\CaptureTypeChangeNotifier.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\capture\CaptureTypeModule.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\capture\Type.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\ExtensionProcedures.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\UninstallerProcedures.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install\InstallDetails.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install\InstallDetailsProvider.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install\InstallProcedures.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install\PostInstallPageCoordinator.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install\strategies\AbstractInstallStrategy.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install\strategies\InstallAPIStrategy.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install\strategies\InstallEXTStrategy.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\install\strategies\InstallSDKStrategy.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\update\CorePostUpdateListener.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\extensionManager\update\UpdateProcedures.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\EJSCacheDispatcher.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\EJSCompressionProcessor.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\EJSConfigRetriever.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\EJSDataComposingProcessor.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\EJSDataSender.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\EJSServiceFactory.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\EJSServiceListener.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\ExecutorController.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\ExternalJSCacheCleaner.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\ExternalJSController.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\ExternalJSSettings.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\ModuleController.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\ModulesApplier.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\ModulesApplierInterface.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\config\ExternalJSModule.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\config\ExternalJSResult.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\config\ExternalJSScript.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\parser\ExternalJSModuleParser.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\parser\ExternalJSScriptParser.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\parser\ExternalJSServiceConfigParser.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\providers\EJSModuleServiceConfigProvider.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\utils\DelayedExecutor.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalJS\utils\EJSResultScheduler.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\externalReader\RegistryExternalReader.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\settings\dcaSettings.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\settings\OptionsChangeNotifier.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\core\settings\OptionsListenerInterface.js, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\icons\logo128.png, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\icons\logo16.png, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

PUP.Optional.ConsumerInput, C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc\3.2.0.3224_0\icons\logo48.png, Quarantined, [9e4930fb8cff0a2cee1346b907fb51af],

Physical Sectors: 0

(No malicious items detected)

(end)

Computer is faster now I need to clean up some stuff I don't use

#4 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 05 September 2015 - 06:17 AM

Will, open up FRST, make sure to checkmark Additions, run a new scan and post both new logs please

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#5 Wilbert Hippenst

Authentic Member

Authentic Member
203 posts

Posted 05 September 2015 - 12:04 PM

good afternoon,

here are the scans:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
Ran by Will (administrator) on WILL-PC (05-09-2015 13:54:37)
Running from C:\Users\Will\Downloads
Loaded Profiles: Will (Available Profiles: Will)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files (x86)\Scanner Mouse\Scanner Mouse.exe
(Atheros Communications, Inc.) C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\Scanner Mouse\Scanner Mouse Monitoring.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(RealityMine Ltd) C:\Program Files\PointsPanel\UsageMonitor.WindowsService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\System Explorer\SystemExplorer.exe [3391712 2015-04-20] (Mister Group)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-04-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-31] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139624 2015-08-20] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-2812265994-3346922550-1866879431-1000\...\Run: [PointsPanel] => C:\Program Files\PointsPanel\UsageMonitor.UI.App.exe [219496 2015-08-30] (RealityMine Ltd)
HKU\S-1-5-21-2812265994-3346922550-1866879431-1000\...\Run: [PointsPanelHealthcheck] => C:\Program Files\PointsPanel\UsageMonitor.HealthCheck.exe [12136 2015-08-30] (RealityMine Ltd)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2013-12-17]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2013-12-17]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-08-11]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe [2013-10-22] (Hewlett-Packard Co.)
Startup: C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 6520 series (Network).lnk [2015-08-20]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 6520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-04-05]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Mouse.lnk [2015-04-27]
ShortcutTarget: Scanner Mouse.lnk -> C:\Program Files (x86)\Scanner Mouse\Scanner Mouse.exe ()
BootExecute: autocheck autochk * sdnclean64.exe?
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D01FC6C2-F9DD-4360-8CCC-0D917F740762}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{D01FC6C2-F9DD-4360-8CCC-0D917F740762}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2812265994-3346922550-1866879431-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-2812265994-3346922550-1866879431-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.msn.com/en-us/?pfr=1
SearchScopes: HKLM -> Backup.Old.DefaultScope {7CCCA2B3-EE78-4266-9D60-A932C239082B}
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000 -> Backup.Old.DefaultScope {7CCCA2B3-EE78-4266-9D60-A932C239082B}
SearchScopes: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000 -> {0753F9C6-E743-8F1D-6DA7-27AAC1EC8B6E} URL =
SearchScopes: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000 -> {E68068A2-1DD9-408E-B674-614EF2216E40} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-27] (RealDownloader)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-02-05] (LastPass)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> Disabled:{2018eb71-06b5-4438-abf4-e40df31e0be5} -> No File
BHO-x32: No Name -> Disabled:{3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO-x32: No Name -> Disabled:{326E768D-4182-46FD-9C16-1449A49795F4} -> No File
BHO-x32: No Name -> Disabled:{95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> No File
BHO-x32: No Name -> Disabled:{AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO-x32: No Name -> Disabled:{B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-02-05] (LastPass)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-02-05] (LastPass)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpIdfPlugin.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2015-08-05] (Belarc, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\r875a98f.default
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Yahoo
FF DefaultSearchEngine.US: Amazon.com
FF DefaultSearchUrl:
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://us.yahoo.com?fr=fp-comodo
FF Keyword.URL: hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-02-05] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-02-05] (LastPass)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-02-11] (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-11-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-11-21] (RealPlayer Cloud)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2812265994-3346922550-1866879431-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Will\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF Extension: LastPass - C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\r875a98f.default\Extensions\support@lastpass.com [2015-03-12]
FF Extension: EPUBReader - C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\r875a98f.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-04-05]
FF Extension: D-Link Toolbar - C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\r875a98f.default\Extensions\{926a10d2-4ce7-4331-b96f-ca4e22590fac} [2015-08-10]
FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\r875a98f.default\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2014-11-12]
FF Extension: Video Downloader Professional - C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\r875a98f.default\Extensions\ffext_basicvideoext@startpage24.xpi [2014-11-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-03]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-11-25]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-2812265994-3346922550-1866879431-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> https://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.mymsn.com/","https://www.google.c...trackid=sp-006"
CHR DefaultSearchURL: Default -> "url":"{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Floorplanner) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2015-08-10]
CHR Extension: (Instrumente) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahchimdkljhhfjkklkafookapgikdhkk [2015-08-10]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-09-05]
CHR Extension: (Dictanote - Speech Recognizer) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjekmpappghadlogpigifkghlmebjk [2015-08-10]
CHR Extension: (BeFunky Photo Editor) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab [2015-08-10]
CHR Extension: (Send this page by email) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcamgnkjooghefjjfgfhnepedkodbgec [2015-08-10]
CHR Extension: (Chrome Tips Beta (by Google)) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdmbgfhokojnnaliemjgbahnfeggocpe [2015-08-10]
CHR Extension: (WiBit) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejaaogemoligmkbmeafkhnaegkggihf [2015-08-10]
CHR Extension: (YouTube) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-10]
CHR Extension: (Honey) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2015-09-05]
CHR Extension: (Movies Downloader) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniohfejmhpjpljbllpgohpaloanjgjf [2015-08-10]
CHR Extension: (Form Filler) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo [2015-08-10]
CHR Extension: (Nimbus Screenshot) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2015-08-10]
CHR Extension: (FVD Suggestions) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoielngcdpgeldnckhponffkiajaobo [2015-08-10]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2015-08-10]
CHR Extension: (Adblock Plus) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-10]
CHR Extension: (Google Search) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-10]
CHR Extension: (Email this page (by Google)) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbeoemfhkdniadbojeencpkgmobndpai [2015-08-10]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-08-10]
CHR Extension: (ICE Quick Stream) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2015-08-10]
CHR Extension: (eyeCare - Protect your vision) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeeningnfkaonkonalpcicgemnnijjhn [2015-08-10]
CHR Extension: (Bloody Pressure) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemipfoeaegklklcngpmdbaemegjdbdl [2015-08-10]
CHR Extension: (Pixlr-o-matic) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2015-08-10]
CHR Extension: (Video Downloader professional) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-09-05]
CHR Extension: (Converter) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\elogiihmdefhdcainoihdcfpnfbimpnd [2015-08-10]
CHR Extension: (Dashlane) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2015-09-04]
CHR Extension: (Snapshot 2) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffgfedebnhmhkcfhhjoikplfafgpihpo [2015-08-10]
CHR Extension: (PointsPanel) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdiepnleooeediljndacognlaenjeaga [2015-08-30]
CHR Extension: (Chrome Web Store Launcher (by Google)) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecgipfabdickgidpmbicneamekgbaej [2015-08-10]
CHR Extension: (Video Downloader Super) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghciphhakbampjemlfbahnhhaemoeolf [2015-08-10]
CHR Extension: (The Camelizer) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2015-08-10]
CHR Extension: (Dictionary by Dictionary.com) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikhgcaliglmioibbockkmjknfnepbdh [2015-08-10]
CHR Extension: (History Eraser) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2015-08-10]
CHR Extension: (Downloads Folder Launcher) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmhianpphjibhflcnebkmkkdojjigbjd [2015-08-10]
CHR Extension: (Webcam) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbhgamgannegfcmholgllkakldhajeg [2015-08-10]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-08-10]
CHR Extension: (FabCam) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2015-08-10]
CHR Extension: (Where to delete an account) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpofkfbabpbbmchmiekfnlcgaedbgcf [2015-08-10]
CHR Extension: (Dictionary) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpgblgbmcleigbahedfgempmpnlkhhpk [2015-08-10]
CHR Extension: (Apps Launcher) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijmgkhchjindcjamnckoiahagecjnkdc [2015-08-10]
CHR Extension: (Clearly) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-08-10]
CHR Extension: (Vine Video Download) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\jebahcljabjndemkadpdnablhinojkil [2015-08-10]
CHR Extension: (Family Medical Info) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\jobbajojigcglfmadbkgjmnacpifklbp [2015-08-10]
CHR Extension: (Autodesk Homestyler) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2015-08-10]
CHR Extension: (Malware Search) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgleioieeffejophokeklefchfglgmnk [2015-08-10]
CHR Extension: (Unit Convertor) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf [2015-08-10]
CHR Extension: (TouristEye Planner) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpjpejalhlnocbhggpnokneghfenoneg [2015-08-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Webcam Toy) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-08-10]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-08-10]
CHR Extension: (Google Maps) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-08-10]
CHR Extension: (Puzzle for Chrome) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbalnpbcmecdckpghgacibglihkgamkl [2015-08-10]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2015-08-10]
CHR Extension: (Google Mail Checker) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-08-10]
CHR Extension: (CashControl) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\mioaopmpfgkncgbbfnmpoegppfcgmoek [2015-08-10]
CHR Extension: (Universal Unit Converter) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkejlpknmikohhgdelefdeeieplkog [2015-08-10]
CHR Extension: (Similar Sites) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\necpbmbhhdiplmfhmjicabdeighkndkn [2015-08-10]
CHR Extension: (Webutation) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfclfmabiojpommfcalfdgjjeaahnjbj [2015-08-10]
CHR Extension: (QR Image from URL) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nioihlfoddilijjjeknopfcbglallkce [2015-08-10]
CHR Extension: (Wikipedia Instant) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlnikhpimclelcopmneehjglfppbnojd [2015-08-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-06]
CHR Extension: (Fast Video Downloader) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nocpfkkbaekckhcoekockfbidpcjgkbd [2015-08-10]
CHR Extension: (Personal Blocklist (by Google)) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef [2015-08-10]
CHR Extension: (OneClick Cleaner App) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadiaahhieelhhffeofkdchgfpjehjok [2015-08-10]
CHR Extension: (PotatoSmile) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalbpfagfhfkcmklpdanadjpbfdedndn [2015-09-04]
CHR Extension: (Camera) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmpffnppnlgkgmbgidhhjcglloeejpg [2015-08-10]
CHR Extension: (Travelmath) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpimeaclblbaodahnhhmlblagijlnad [2015-08-10]
CHR Extension: (Print Friendly & PDF) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2015-08-10]
CHR Extension: (Click&Clean App) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-08-10]
CHR Extension: (Gmail) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-10]
CHR HKLM-x32\...\Chrome\Extension: [gdiepnleooeediljndacognlaenjeaga] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-08-21] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-30] (Apple Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1059240 2015-08-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-07-19] (AOMEI Tech Co., Ltd.)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]
R2 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-08-13] (Hewlett-Packard Company)
R2 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-02] (Malwarebytes Corporation)
S3 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-07-03] (NETGEAR)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PointsPanelSvc; C:\Program Files\PointsPanel\UsageMonitor.WindowsService.exe [28008 2015-08-30] (RealityMine Ltd)
S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-21] (RealNetworks, Inc.)
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3446224 2015-07-19] (Paramount Software UK Ltd)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 1999-12-31] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com) [File not signed]
S4 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]
S4 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-07-19] () [File not signed]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2015-07-19] () [File not signed]
S3 ampa; C:\Windows\system32\ampa.sys [17008 2015-04-05] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2015-04-05] ()
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2015-07-19] () [File not signed]
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-27] (Glarysoft Ltd)
R3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-09] (Guillemot Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-07-02] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-07-02] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-05-14] ()
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [169480 2015-02-23] (Windows ® Win 7 DDK provider)
S3 PSVolAcc; C:\Windows\System32\Drivers\PSVolAcc.sys [12760 2014-07-21] (Paramount Software UK Ltd)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2015-08-08] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2015-08-08] ()
S4 SANDRA; no ImagePath
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [151800 2014-02-14] (Ray Hinchliffe)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
S3 TridVid; C:\Windows\System32\DRIVERS\TridVid.sys [292056 2009-03-23] (Trident Multimedia Technologies Co.,Ltd) [File not signed]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-05 13:49 - 2015-09-05 13:50 - 00124067 _____ C:\Users\Will\Downloads\Addition.txt
2015-09-05 13:47 - 2015-09-05 13:54 - 00044680 _____ C:\Users\Will\Downloads\FRST.txt
2015-09-05 13:47 - 2015-09-05 13:47 - 02188800 _____ (Farbar) C:\Users\Will\Downloads\FRST64.exe
2015-09-05 11:50 - 2015-09-05 11:50 - 00034617 _____ C:\Users\Will\Downloads\cssemerg68309 (1).diagcab
2015-09-05 11:49 - 2015-09-05 11:49 - 00034617 _____ C:\Users\Will\Downloads\cssemerg68309.diagcab
2015-09-05 11:18 - 2015-09-05 11:30 - 00000400 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2015-09-05 11:18 - 2015-09-05 11:18 - 00003212 _____ C:\Windows\System32\Tasks\Wise Turbo Checker
2015-09-05 11:15 - 2015-09-05 11:15 - 02229408 _____ (WiseCleaner.com ) C:\Users\Will\Downloads\WPUSetup (1).exe
2015-09-05 11:13 - 2015-09-05 11:13 - 02637624 _____ (WiseCleaner.com ) C:\Users\Will\Downloads\WRCFree (1).exe
2015-09-05 11:08 - 2015-09-05 11:08 - 01534184 _____ (WiseCleaner.com ) C:\Users\Will\Downloads\WMOSetup.exe
2015-09-05 11:08 - 2015-09-05 11:08 - 00001218 _____ C:\Users\Public\Desktop\Wise Memory Optimizer.lnk
2015-09-05 11:08 - 2015-09-05 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer
2015-09-05 11:06 - 2015-09-05 11:16 - 00000000 ____D C:\Users\Will\AppData\Roaming\Wise Registry Cleaner
2015-09-05 11:06 - 2015-09-05 11:14 - 00001198 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2015-09-05 11:06 - 2015-09-05 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2015-09-05 11:05 - 2015-09-05 11:05 - 04305112 _____ (WiseCleaner.com ) C:\Users\Will\Downloads\WPCASetup.exe
2015-09-05 11:05 - 2015-09-05 11:05 - 00001124 _____ C:\Users\Public\Desktop\Wise PC 1stAid.lnk
2015-09-05 11:05 - 2015-09-05 11:05 - 00000000 ____D C:\Users\Will\AppData\Roaming\Wise PC 1stAid
2015-09-05 11:05 - 2015-09-05 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise PC 1stAid
2015-09-05 11:03 - 2015-09-05 11:03 - 00000000 ____D C:\Users\Will\AppData\Roaming\Wise Plugin Manager
2015-09-05 11:02 - 2015-09-05 11:03 - 00000000 ____D C:\Users\Will\AppData\Roaming\UpdateInfo
2015-09-05 11:02 - 2015-09-05 11:02 - 01985264 _____ (WiseCleaner.com ) C:\Users\Will\Downloads\WPMSetup.exe
2015-09-05 11:02 - 2015-09-05 11:02 - 00001199 _____ C:\Users\Public\Desktop\Wise Plugin Manager.lnk
2015-09-05 11:02 - 2015-09-05 11:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Plugin Manager
2015-09-05 11:00 - 2015-09-05 11:16 - 00000000 ____D C:\Windows\System32\Tasks\WiseCleaner
2015-09-04 16:14 - 2015-09-05 11:43 - 00035473 _____ C:\Windows\WindowsUpdate.log
2015-09-04 16:14 - 2015-09-04 16:14 - 00002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-09-04 16:14 - 2015-09-04 16:14 - 00000000 ____D C:\Users\Will\AppData\Roaming\AVG
2015-09-04 16:14 - 2015-08-04 14:25 - 00041688 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-09-04 16:14 - 2015-08-04 14:25 - 00030424 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-09-04 16:14 - 2015-08-04 14:25 - 00025816 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-09-04 16:04 - 2015-09-05 11:29 - 00002750 _____ C:\Windows\PFRO.log
2015-09-04 09:24 - 2015-09-04 09:24 - 04139808 _____ C:\Users\Will\Downloads\advisorinstaller.exe
2015-09-04 09:24 - 2015-09-04 09:24 - 00002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2015-09-04 09:24 - 2015-09-04 09:24 - 00002091 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2015-09-04 09:17 - 2015-09-04 09:20 - 09717497 _____ C:\Users\Will\Downloads\0001-Install_Win10_1003_07282015-1.zip
2015-09-04 09:04 - 2015-09-04 09:05 - 09724053 _____ C:\Users\Will\Downloads\0003-Install_Win10_10003_08202015 (1).zip
2015-09-04 09:03 - 2015-09-04 09:04 - 09724053 _____ C:\Users\Will\Downloads\0003-Install_Win10_10003_08202015.zip
2015-09-04 08:51 - 2015-09-05 11:30 - 00000112 _____ C:\Windows\setupact.log
2015-09-04 08:51 - 2015-09-04 08:51 - 00000000 _____ C:\Windows\setuperr.log
2015-09-04 08:20 - 2015-09-05 11:19 - 00000000 ____D C:\Program Files (x86)\Dashlane
2015-09-04 08:20 - 2015-09-04 08:20 - 00000000 ____D C:\Users\Will\AppData\Local\Packages
2015-09-03 09:35 - 2015-09-03 09:35 - 00000000 ____D C:\Users\Will\Documents\NeroVideo
2015-09-03 09:26 - 2015-09-03 09:26 - 00235912 _____ C:\Users\Will\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-03 09:26 - 2015-09-03 09:26 - 00002226 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-03 09:26 - 2015-09-03 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-03 08:19 - 2015-09-03 08:19 - 00000000 ____D C:\KVRT_Data
2015-09-03 07:19 - 2015-09-03 07:19 - 00000045 _____ C:\Windows\SysWOW64\_WKERNEL.SYL
2015-09-02 19:44 - 2015-09-02 19:44 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-02 19:43 - 2015-09-02 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-09-02 19:40 - 2015-09-02 19:40 - 00000930 _____ C:\Users\Public\Desktop\AVG.lnk
2015-09-02 19:40 - 2015-09-02 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2015-09-02 19:37 - 2015-09-04 16:14 - 00000000 ____D C:\ProgramData\Avg
2015-09-02 19:36 - 2015-09-02 19:40 - 00000000 ____D C:\Users\Will\AppData\Local\AvgSetupLog
2015-09-02 12:14 - 2015-09-02 12:14 - 00000000 ___HD C:\$Windows.~WS
2015-09-02 09:26 - 2015-09-02 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-02 08:01 - 2015-09-02 08:01 - 00000000 ____D C:\ProgramData\ATI
2015-09-02 08:00 - 2015-09-02 08:00 - 00000000 ____D C:\Users\Will\AppData\Roaming\library_dir
2015-09-02 07:59 - 2015-09-02 09:46 - 00000000 ____D C:\Users\Will\AppData\Roaming\Raptr
2015-09-02 07:59 - 2015-09-02 09:46 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-09-02 07:57 - 2015-09-02 07:57 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-31 08:19 - 2015-08-31 08:19 - 00000000 ____D C:\Users\Will\AppData\Roaming\Sun
2015-08-31 08:19 - 2015-08-31 08:19 - 00000000 ____D C:\Users\Will\.oracle_jre_usage
2015-08-31 08:17 - 2015-08-31 08:17 - 00584288 _____ (Oracle Corporation) C:\Users\Will\Downloads\chromeinstall-8u60.exe
2015-08-31 07:52 - 2015-09-03 08:56 - 00000000 ____D C:\EEK
2015-08-31 07:52 - 2015-08-31 07:52 - 00000750 _____ C:\Users\Will\Desktop\Start Emsisoft Emergency Kit.lnk
2015-08-31 07:48 - 2015-08-31 07:51 - 165611376 _____ C:\Users\Will\Downloads\EmsisoftEmergencyKit.exe
2015-08-30 08:34 - 2015-09-02 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointsPanel
2015-08-30 08:34 - 2015-08-30 08:34 - 00000000 ____D C:\Program Files\PointsPanel
2015-08-30 07:49 - 2015-08-30 07:49 - 00000000 ____D C:\Users\Will\Documents\TomTom
2015-08-29 11:55 - 2015-08-29 11:56 - 00000000 ____D C:\ProgramData\Google
2015-08-29 11:54 - 2015-08-30 07:36 - 00000000 ____D C:\Program Files (x86)\360
2015-08-29 09:38 - 2015-08-29 09:38 - 00000803 _____ C:\Users\Public\Desktop\Speccy.lnk
2015-08-29 09:38 - 2015-08-29 09:38 - 00000000 ____D C:\Program Files\Speccy
2015-08-29 09:37 - 2015-08-29 09:37 - 05127432 _____ (Piriform Ltd) C:\Users\Will\Downloads\spsetup128.exe
2015-08-29 09:35 - 2015-08-31 08:19 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-27 01:12 - 2015-09-04 16:05 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e086eb37eae7.job
2015-08-27 01:12 - 2015-09-04 16:05 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e086eadf438e.job
2015-08-27 01:12 - 2015-09-02 17:48 - 00004004 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0e086eb37eae7
2015-08-27 01:12 - 2015-09-02 17:48 - 00003752 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0e086eadf438e
2015-08-25 19:36 - 2015-08-25 19:36 - 23151448 _____ (SUPERAntiSpyware) C:\Users\Will\Downloads\SAS_302D809.EXE
2015-08-24 07:52 - 2015-08-24 07:52 - 00891383 _____ C:\Users\Will\Downloads\serial.zip
2015-08-21 07:54 - 2015-08-21 07:54 - 00000000 ____D C:\Users\Will\AppData\Roaming\SUPERAntiSpyware.com
2015-08-21 07:53 - 2015-09-02 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-08-21 07:53 - 2015-08-21 07:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-21 07:53 - 2015-08-21 07:53 - 00001815 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-08-21 07:47 - 2015-09-02 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-08-21 07:47 - 2015-08-21 07:47 - 00001050 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2015-08-21 07:47 - 2015-08-21 07:47 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2015-08-20 08:55 - 2015-08-20 08:55 - 04776448 _____ C:\Users\Will\Downloads\pygame-1.9.2a0-hg_5974ff8dae3c%2B.win32-py3.4.msi
2015-08-20 08:46 - 2015-09-02 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
2015-08-20 08:46 - 2015-08-20 08:46 - 00000000 ____D C:\Users\Will\AppData\Local\pip
2015-08-20 08:45 - 2015-08-20 08:46 - 00000000 ____D C:\Python34
2015-08-20 08:43 - 2015-08-20 08:43 - 24846336 _____ C:\Users\Will\Downloads\python-3.4.3.msi
2015-08-20 08:06 - 2015-08-20 08:07 - 32321905 _____ C:\Users\Will\Downloads\py4inf-003.zip
2015-08-20 08:02 - 2015-08-20 08:03 - 00000022 _____ C:\Users\Will\Downloads\code.zip
2015-08-19 11:53 - 2015-08-19 11:53 - 00297904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2015-08-19 11:52 - 2015-08-19 11:52 - 00313264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-08-19 03:00 - 2015-08-19 03:00 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 03:00 - 2015-08-19 03:00 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 03:00 - 2015-08-10 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 03:00 - 2015-08-10 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-13 12:45 - 2015-08-13 12:45 - 00000000 ____D C:\Windows\System32\Tasks\Nero
2015-08-13 11:31 - 2015-08-13 11:31 - 02220688 _____ (Microsoft Corporation) C:\Users\Will\Downloads\MSNHomepage.EXE
2015-08-13 08:35 - 2015-08-13 08:35 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\Will\Downloads\HPSupportSolutionsFramework-12.0.30.81 (1).exe
2015-08-13 08:34 - 2015-08-13 08:34 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-08-13 08:30 - 2015-08-13 08:31 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\Will\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
2015-08-12 13:34 - 2015-08-12 13:34 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 13:34 - 2015-08-12 13:34 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 09:33 - 2015-08-12 09:33 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 09:33 - 2015-08-12 09:33 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 09:33 - 2015-08-12 09:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 09:33 - 2015-08-12 09:33 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 09:33 - 2015-08-12 09:33 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 09:33 - 2015-08-12 09:33 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 09:33 - 2015-08-12 09:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 09:33 - 2015-08-12 09:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 09:32 - 2015-08-12 09:32 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 09:31 - 2015-08-12 09:31 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 09:31 - 2015-08-12 09:31 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 09:31 - 2015-08-12 09:31 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 09:31 - 2015-08-12 09:31 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 09:31 - 2015-08-12 09:31 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 09:31 - 2015-08-12 09:31 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 09:31 - 2015-08-12 09:31 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 09:31 - 2015-08-12 09:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 09:31 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 09:31 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 09:30 - 2015-08-12 09:30 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 09:30 - 2015-08-12 09:30 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 09:30 - 2015-08-12 09:30 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 09:30 - 2015-08-12 09:30 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 09:30 - 2015-08-12 09:30 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 09:30 - 2015-08-12 09:30 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 09:30 - 2015-08-12 09:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 09:30 - 2015-08-12 09:30 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 09:30 - 2015-08-12 09:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 08:26 - 2015-08-11 08:28 - 00000000 ____D C:\ProgramData\Ralink
2015-08-11 08:14 - 2015-09-02 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
2015-08-11 08:14 - 2015-08-11 08:14 - 02056192 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
2015-08-11 08:14 - 2015-08-11 08:14 - 01597440 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll
2015-08-11 08:14 - 2015-08-11 08:14 - 01050624 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAIHV.dll
2015-08-11 08:14 - 2015-08-11 08:14 - 01050624 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll
2015-08-11 08:14 - 2015-08-11 08:14 - 00718848 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2015-08-11 08:14 - 2015-08-11 08:14 - 00305152 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2015-08-11 08:14 - 2015-08-11 08:14 - 00104448 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAEXTUI.dll
2015-08-11 08:14 - 2015-08-11 08:14 - 00104448 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
2015-08-11 08:14 - 2015-08-11 08:14 - 00000000 ____D C:\ProgramData\Ralink Driver
2015-08-11 08:14 - 2015-08-11 08:14 - 00000000 ____D C:\Program Files (x86)\Ralink
2015-08-11 08:14 - 2015-08-11 08:14 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-08-11 08:14 - 2009-08-04 17:47 - 00013931 _____ C:\Windows\SysWOW64\RaCoInst.dat
2015-08-11 08:14 - 2009-08-04 17:47 - 00013931 _____ C:\Windows\system32\RaCoInst.dat
2015-08-11 07:45 - 2015-08-11 07:45 - 00000000 ____D C:\Users\Will\Tracing
2015-08-11 07:09 - 2015-08-04 20:32 - 00007884 _____ C:\Windows\system32\Drivers\cmdguard.cat
2015-08-10 14:54 - 2015-08-14 08:14 - 00000000 ____D C:\Users\Will\Documents\Quicken
2015-08-10 14:00 - 2015-08-10 14:06 - 00000000 ____D C:\$SysReset
2015-08-09 17:13 - 2015-09-02 23:16 - 00000000 ____D C:\Recovery
2015-08-09 12:54 - 2015-07-10 06:30 - 00000001 ___SH C:\BOOTNXT
2015-08-09 10:08 - 2015-08-09 10:08 - 00001140 _____ C:\Windows\PWCMDLST.BAK
2015-08-08 11:24 - 2015-08-08 11:26 - 19648448 _____ (Microsoft Corporation) C:\Users\Will\Downloads\MediaCreationToolx64 (2).exe
2015-08-08 11:01 - 2015-08-08 10:48 - 03066880 _____ C:\Windows\system32\pwNative.exe
2015-08-08 11:01 - 2015-08-08 10:48 - 00019152 ____N C:\Windows\system32\pwdrvio.sys
2015-08-08 11:01 - 2015-08-08 10:48 - 00012504 ____N C:\Windows\system32\pwdspio.sys
2015-08-08 10:48 - 2015-09-02 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0
2015-08-08 10:48 - 2015-08-08 10:48 - 00001150 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard Free.lnk
2015-08-08 10:47 - 2015-08-08 11:01 - 00000000 ____D C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-08-08 10:45 - 2015-08-08 10:46 - 31973976 _____ (MiniTool Solution Ltd. ) C:\Users\Will\Downloads\pwfree9.exe
2015-08-07 14:59 - 2015-08-09 13:50 - 00003488 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2812265994-3346922550-1866879431-1000
2015-08-07 14:59 - 2015-08-09 13:50 - 00003352 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2812265994-3346922550-1866879431-1000

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-05 13:54 - 2015-03-19 12:58 - 00000000 ____D C:\FRST
2015-09-05 13:38 - 2014-10-08 14:06 - 00000000 ____D C:\Users\Will\AppData\Roaming\Skype
2015-09-05 11:49 - 2009-07-14 00:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-05 11:49 - 2009-07-14 00:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-05 11:40 - 2015-07-03 08:50 - 00000000 ____D C:\ProgramData\MFAData
2015-09-05 11:33 - 2014-02-16 10:12 - 00000000 ____D C:\Users\Will\AppData\Roaming\Wise Care 365
2015-09-05 11:32 - 2011-12-13 20:23 - 00000000 ____D C:\TEMP
2015-09-05 11:30 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-05 11:23 - 2014-02-16 10:11 - 00000000 ____D C:\Program Files (x86)\Wise
2015-09-05 07:59 - 2015-07-02 10:18 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-04 16:14 - 2015-07-13 09:41 - 00000000 ____D C:\Users\Will\AppData\Local\Avg
2015-09-04 16:14 - 2015-07-03 08:52 - 00000000 ____D C:\Program Files (x86)\AVG
2015-09-04 15:58 - 2015-07-07 19:04 - 00000000 ____D C:\AdwCleaner
2015-09-04 09:24 - 2014-05-28 08:37 - 00000000 ____D C:\Program Files (x86)\Belarc
2015-09-04 09:12 - 2015-07-27 08:53 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-09-03 09:26 - 2012-08-30 15:54 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-03 09:16 - 2013-09-13 07:02 - 00000000 ____D C:\Users\Will\AppData\Local\CrashDumps
2015-09-03 09:12 - 2012-11-15 13:33 - 00000000 ____D C:\Program Files (x86)\Broderbund
2015-09-03 09:12 - 2012-07-27 09:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-03 07:32 - 2012-08-29 10:23 - 00000000 ____D C:\Users\Will\AppData\Local\Google
2015-09-02 23:10 - 2015-07-27 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Click Enhancer
2015-09-02 23:10 - 2015-07-27 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-09-02 23:10 - 2015-07-19 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2015-09-02 23:10 - 2015-07-02 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-02 23:10 - 2015-06-13 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2015-09-02 23:10 - 2015-06-02 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-02 23:10 - 2015-05-24 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-09-02 23:10 - 2015-04-27 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scanner Mouse
2015-09-02 23:10 - 2015-04-24 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2015-09-02 23:10 - 2015-04-17 07:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-02 23:10 - 2015-04-14 09:58 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-09-02 23:10 - 2015-04-14 09:58 - 00000000 ____D C:\Windows\system32\vbox
2015-09-02 23:10 - 2015-04-05 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 5.6
2015-09-02 23:10 - 2015-03-31 09:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Processor Identification Utility
2015-09-02 23:10 - 2015-03-11 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC YTD Downloader MP3 Converter Pro
2015-09-02 23:10 - 2015-03-10 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2013
2015-09-02 23:10 - 2015-01-20 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2014
2015-09-02 23:10 - 2015-01-13 11:14 - 00000000 ____D C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoZoom Classic 6
2015-09-02 23:10 - 2014-12-26 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-09-02 23:10 - 2014-12-24 09:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Stamp Remover
2015-09-02 23:10 - 2014-12-08 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
2015-09-02 23:10 - 2014-12-06 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-02 23:10 - 2014-12-01 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinUtilities
2015-09-02 23:10 - 2014-11-24 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PT Photo Editor
2015-09-02 23:10 - 2014-11-09 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
2015-09-02 23:10 - 2014-11-09 11:51 - 00000000 ____D C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2015-09-02 23:10 - 2014-10-08 10:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-02 23:10 - 2014-09-05 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2015-09-02 23:10 - 2014-09-05 08:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2015-09-02 23:10 - 2014-08-21 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxtor
2015-09-02 23:10 - 2014-07-15 08:56 - 00000000 ____D C:\Windows\en
2015-09-02 23:10 - 2014-05-10 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2015-09-02 23:10 - 2014-04-23 09:55 - 00000000 ____D C:\Program Files\AMD
2015-09-02 23:10 - 2014-04-23 09:52 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-02 23:10 - 2014-04-16 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-09-02 23:10 - 2014-03-08 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-09-02 23:10 - 2014-03-01 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ditto
2015-09-02 23:10 - 2014-02-24 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA
2015-09-02 23:10 - 2014-02-23 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC DNS Switch
2015-09-02 23:10 - 2014-02-20 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Auto Shutdown
2015-09-02 23:10 - 2014-02-16 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-09-02 23:10 - 2014-02-15 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2015-09-02 23:10 - 2014-02-09 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bvckup 2
2015-09-02 23:10 - 2014-02-03 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2015-09-02 23:10 - 2014-01-25 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiBit
2015-09-02 23:10 - 2014-01-18 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
2015-09-02 23:10 - 2014-01-05 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartClose
2015-09-02 23:10 - 2013-12-20 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Cutout Guide
2015-09-02 23:10 - 2013-12-18 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart OCR Pro
2015-09-02 23:10 - 2013-12-10 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-09-02 23:10 - 2013-12-06 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2015-09-02 23:10 - 2013-11-25 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-09-02 23:10 - 2013-11-25 09:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-02 23:10 - 2013-11-16 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2015-09-02 23:10 - 2013-11-06 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 3.0 SE
2015-09-02 23:10 - 2013-10-22 07:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-02 23:10 - 2013-10-19 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube to MP3 Converter
2015-09-02 23:10 - 2013-10-19 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD
2015-09-02 23:10 - 2013-09-29 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postimage
2015-09-02 23:10 - 2013-09-16 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ring Factory
2015-09-02 23:10 - 2013-09-13 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tinySpell
2015-09-02 23:10 - 2013-08-14 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer
2015-09-02 23:10 - 2013-08-14 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Converter
2015-09-02 23:10 - 2013-07-21 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-02 23:10 - 2013-07-15 03:00 - 00000000 ____D C:\Windows\system32\MRT
2015-09-02 23:10 - 2013-06-30 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-09-02 23:10 - 2013-06-19 09:51 - 00000000 ____D C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-02 23:10 - 2013-04-23 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Mobility
2015-09-02 23:10 - 2013-04-01 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-09-02 23:10 - 2013-03-29 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-09-02 23:10 - 2013-01-22 11:30 - 00000000 ____D C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2015-09-02 23:10 - 2013-01-22 11:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2015-09-02 23:10 - 2012-12-30 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mplayer
2015-09-02 23:10 - 2012-12-30 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
2015-09-02 23:10 - 2012-12-09 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Dennison
2015-09-02 23:10 - 2012-12-09 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-09-02 23:10 - 2012-12-07 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCR Media Formats
2015-09-02 23:10 - 2012-12-07 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySoftware
2015-09-02 23:10 - 2012-12-06 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2015-09-02 23:10 - 2012-11-21 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author
2015-09-02 23:10 - 2012-11-15 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintMaster
2015-09-02 23:10 - 2012-11-04 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA1100 Smart Wizard
2015-09-02 23:10 - 2012-09-23 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-09-02 23:10 - 2012-09-03 14:07 - 00000000 ____D C:\Windows\SysWOW64\spool
2015-09-02 23:10 - 2012-09-03 13:42 - 00000000 ____D C:\Windows\system32\appmgmt
2015-09-02 23:10 - 2012-09-03 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-09-02 23:10 - 2012-08-30 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-09-02 23:10 - 2012-08-30 04:27 - 00000000 __SHD C:\Windows\system32\%APPDATA%
2015-09-02 23:10 - 2012-08-27 10:51 - 00000000 ____D C:\Users\Will
2015-09-02 23:10 - 2012-07-27 09:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go
2015-09-02 23:10 - 2012-07-27 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-02 23:10 - 2012-07-27 09:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-09-02 23:10 - 2012-07-27 09:44 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-09-02 23:10 - 2012-07-27 09:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-09-02 23:10 - 2011-12-26 11:49 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-09-02 23:10 - 2011-03-09 12:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-09-02 23:10 - 2010-11-21 03:17 - 00000000 ____D C:\Windows\ShellNew
2015-09-02 23:10 - 2010-11-21 03:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 __RSD C:\Windows\Media
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Recovery
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Resources
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Help
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Cursors
2015-09-02 23:10 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-09-02 22:15 - 2015-04-24 09:06 - 00000000 ____D C:\ProgramData\Comodo
2015-09-02 19:52 - 2015-07-03 08:50 - 00000000 ____D C:\Users\Will\AppData\Local\Avg2015
2015-09-02 19:43 - 2015-07-03 08:52 - 00000000 ____D C:\ProgramData\AVG2015
2015-09-02 19:28 - 2015-07-13 09:42 - 00000315 _____ C:\Windows\SysWOW64\userawacs.cfg
2015-09-02 19:27 - 2015-07-13 09:42 - 00000140 _____ C:\Windows\SysWOW64\usergui.cfg
2015-09-02 19:26 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-09-02 17:49 - 2015-03-06 11:11 - 00022798 _____ C:\Windows\diagerr.xml
2015-09-02 17:49 - 2015-03-06 11:11 - 00020958 _____ C:\Windows\diagwrn.xml
2015-09-02 17:48 - 2012-08-27 14:08 - 00032220 _____ C:\Windows\system32\emptyregdb.dat
2015-09-02 17:48 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-09-02 17:17 - 2014-04-23 09:50 - 00000000 ____D C:\AMD
2015-09-02 16:51 - 2015-03-27 10:56 - 00008192 __RSH C:\BOOTSECT.BAK
2015-09-02 16:44 - 2011-03-08 19:38 - 00000000 ____D C:\Windows\Panther
2015-09-02 09:53 - 2012-08-27 12:19 - 00000000 ____D C:\Users\HomeGroupUser$
2015-09-02 09:47 - 2015-04-24 08:39 - 00000000 ____D C:\ProgramData\SystemExplorer
2015-09-02 09:47 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-09-02 09:47 - 2014-10-24 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-09-02 09:47 - 2012-08-29 10:17 - 00000000 ____D C:\Users\Public\CyberLink
2015-09-02 09:47 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-02 09:46 - 2014-10-24 09:13 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-09-02 09:44 - 2014-02-26 10:47 - 00000000 ____D C:\Program Files\ATI
2015-09-02 09:44 - 2013-11-25 08:21 - 00000000 ____D C:\Users\Will\AppData\Roaming\TeamViewer
2015-09-02 09:44 - 2013-11-21 20:07 - 00000000 ____D C:\Users\Public\Documents\My Projects
2015-09-02 07:52 - 2014-09-03 08:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2015-08-31 08:25 - 2013-04-25 11:30 - 00000000 ____D C:\Program Files\Java
2015-08-31 08:25 - 2013-03-14 10:31 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-31 08:11 - 2012-12-07 17:14 - 00000000 ____D C:\Program Files (x86)\NCR Media Formats
2015-08-30 08:35 - 2013-01-10 09:48 - 00000000 ____D C:\Users\Will\AppData\Local\IsolatedStorage
2015-08-30 07:57 - 2009-07-14 01:13 - 00923602 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-30 07:54 - 2014-10-10 11:26 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2
2015-08-30 07:50 - 2012-12-08 13:04 - 00000000 ____D C:\Users\Will\AppData\Local\Downloaded Installations
2015-08-29 12:17 - 2015-04-05 12:54 - 00001024 ____H C:\AMTAG.BIN
2015-08-29 12:17 - 2015-04-05 12:54 - 00000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 5.6
2015-08-29 11:46 - 2013-02-14 11:21 - 00000000 ____D C:\Users\Will\AppData\Local\Deployment
2015-08-29 09:30 - 2012-08-29 10:21 - 00000000 ____D C:\Users\Will\AppData\Local\Apps\2.0
2015-08-27 12:44 - 2014-10-25 12:24 - 00000000 ____D C:\Qoobox
2015-08-27 12:34 - 2009-07-13 22:34 - 00000215 _____ C:\Windows\system.ini
2015-08-27 12:33 - 2014-10-25 12:22 - 00000000 ____D C:\Windows\erdnt
2015-08-27 12:12 - 2013-07-16 03:25 - 30670848 _____ C:\Windows\system32\config\components.bak
2015-08-27 12:12 - 2009-07-13 22:34 - 31719424 _____ C:\Windows\system32\config\system.bak
2015-08-27 12:12 - 2009-07-13 22:34 - 118489088 _____ C:\Windows\system32\config\software.bak
2015-08-27 12:12 - 2009-07-13 22:34 - 05505024 _____ C:\Windows\system32\config\default.bak
2015-08-27 12:12 - 2009-07-13 22:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2015-08-27 12:12 - 2009-07-13 22:34 - 00065536 _____ C:\Windows\system32\config\sam.bak
2015-08-27 12:09 - 2010-11-20 23:23 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
2015-08-27 11:57 - 2014-10-25 12:27 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-27 11:57 - 2014-10-25 12:27 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-27 11:57 - 2014-10-25 12:27 - 00256000 _____ C:\Windows\PEV.exe
2015-08-27 11:57 - 2014-10-25 12:27 - 00098816 _____ C:\Windows\sed.exe
2015-08-27 11:57 - 2014-10-25 12:27 - 00080412 _____ C:\Windows\grep.exe
2015-08-27 11:57 - 2014-10-25 12:27 - 00068096 _____ C:\Windows\zip.exe
2015-08-27 11:57 - 2014-10-25 12:27 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-27 08:22 - 2012-08-30 15:54 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-27 08:22 - 2012-08-30 15:54 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-23 10:39 - 2014-11-24 11:28 - 00000000 ____D C:\Users\Public\Documents\PT Photo Editor
2015-08-21 09:46 - 2012-11-22 11:02 - 00000336 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-21 07:51 - 2012-07-27 09:55 - 00000000 ____D C:\ProgramData\Temp
2015-08-20 09:54 - 2014-12-01 10:47 - 00000000 ____D C:\Program Files (x86)\WinUtilities
2015-08-20 08:45 - 2015-02-24 22:42 - 00102912 _____ (Python Software Foundation) C:\Windows\pyw.exe
2015-08-20 08:45 - 2015-02-24 22:42 - 00102400 _____ (Python Software Foundation) C:\Windows\py.exe
2015-08-19 07:22 - 2014-04-23 09:30 - 00000490 _____ C:\Windows\Tasks\WinUtilities_DiskDefrag_D81CDF27E9284404.job
2015-08-13 11:20 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 09:13 - 2013-08-16 09:51 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-13 09:03 - 2014-03-02 12:03 - 00000000 ____D C:\Users\Will\Desktop\Photo
2015-08-13 09:03 - 2014-03-02 11:54 - 00000000 ___RD C:\Users\Will\Desktop\video
2015-08-13 08:34 - 2014-12-17 10:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-13 07:43 - 2013-08-16 09:51 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-13 07:43 - 2013-08-16 09:51 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-13 07:43 - 2009-07-14 00:45 - 05338040 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 07:39 - 2014-12-11 04:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 07:39 - 2014-05-06 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 13:33 - 2012-07-27 09:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 13:33 - 2012-07-27 09:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 13:31 - 2012-08-29 16:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 13:24 - 2009-07-13 22:34 - 00000513 _____ C:\Windows\win.ini
2015-08-12 13:10 - 2012-09-01 06:28 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 08:35 - 2012-11-04 11:57 - 00000000 ____D C:\Program Files (x86)\Verizon
2015-08-11 08:34 - 2015-03-11 10:10 - 00002425 _____ C:\Users\Will\Uninstall-VzInHomeAgentlog.log
2015-08-11 08:34 - 2012-11-04 11:57 - 00000000 ____D C:\Users\Will\AppData\Roaming\Verizon
2015-08-11 07:34 - 2015-06-13 08:56 - 00000000 ____D C:\Users\Will\Desktop\learn
2015-08-10 12:00 - 2012-12-09 10:38 - 00000000 ___RD C:\Users\Will\Google Drive
2015-08-10 09:26 - 2015-04-24 09:46 - 00402944 _____ (Farbar) C:\Users\Will\Desktop\MiniToolBox.exe
2015-08-10 07:56 - 2014-04-30 13:00 - 00001024 ____H C:\SYSTAG.BIN
2015-08-10 07:56 - 2014-04-30 12:48 - 00000082 _____ C:\Windows\SysWOW64\winsevr.dat
2015-08-10 07:28 - 2015-03-30 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-09 20:04 - 2012-08-30 15:46 - 00000000 ____D C:\Users\Will\AppData\Roaming\InstallShield
2015-08-09 19:54 - 2012-07-27 09:39 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-09 17:08 - 2015-07-03 08:40 - 00000000 ____D C:\Users\Will\AppData\Local\NETGEARGenie
2015-08-09 16:11 - 2014-08-30 09:43 - 00000000 ____D C:\ProgramData\InstallShield
2015-08-09 15:45 - 2012-11-22 11:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
2015-08-09 13:50 - 2015-07-27 08:53 - 00003418 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-08-09 13:50 - 2015-07-27 08:53 - 00003078 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-08-09 13:50 - 2015-04-06 11:33 - 00003382 _____ C:\Windows\System32\Tasks\{8976BB68-0E68-4899-9445-963CD4042517}
2015-08-09 13:50 - 2015-04-05 11:21 - 00003996 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-09 13:50 - 2015-03-06 12:15 - 00003092 _____ C:\Windows\System32\Tasks\{D69D8BE0-2013-4C3A-B044-6A1A79D325DC}
2015-08-09 13:50 - 2015-03-06 12:14 - 00003092 _____ C:\Windows\System32\Tasks\{F5DE0543-01B7-48C0-B73B-E6B36EF74E6B}
2015-08-09 13:50 - 2015-03-06 12:13 - 00003092 _____ C:\Windows\System32\Tasks\{920B29B9-6D94-4498-BC4B-049B02C7A276}
2015-08-09 13:50 - 2014-11-21 12:03 - 00003572 _____ C:\Windows\System32\Tasks\RealDownloader Update Check
2015-08-09 13:50 - 2014-10-26 11:16 - 00003510 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2812265994-3346922550-1866879431-1000
2015-08-09 13:50 - 2014-10-26 11:16 - 00003374 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2812265994-3346922550-1866879431-1000
2015-08-09 13:50 - 2014-08-21 10:17 - 00003372 _____ C:\Windows\System32\Tasks\MSSSORT
2015-08-09 13:50 - 2014-07-04 07:59 - 00003284 _____ C:\Windows\System32\Tasks\{5EA58483-EFB6-40C2-8D1A-5D85C2D89EAA}
2015-08-09 13:50 - 2014-07-04 07:48 - 00003284 _____ C:\Windows\System32\Tasks\{C386BB0B-C0CF-4A8A-8253-DED15071563E}
2015-08-09 13:50 - 2014-07-04 07:47 - 00003284 _____ C:\Windows\System32\Tasks\{D722F52F-3EDD-4C8E-90F6-55F5E899CDAD}
2015-08-09 13:50 - 2014-05-10 09:17 - 00003214 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-08-09 13:50 - 2014-05-10 09:17 - 00003212 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-08-09 13:50 - 2014-05-09 18:01 - 00003270 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-08-09 13:50 - 2014-05-09 18:01 - 00003244 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-08-09 13:50 - 2014-05-09 18:01 - 00003242 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-08-09 13:50 - 2014-04-23 09:30 - 00003484 _____ C:\Windows\System32\Tasks\WinUtilities_DiskDefrag_D81CDF27E9284404
2015-08-09 13:50 - 2014-02-15 13:31 - 00003594 _____ C:\Windows\System32\Tasks\Motorola Device Manager Update
2015-08-09 13:50 - 2014-02-15 13:31 - 00003576 _____ C:\Windows\System32\Tasks\Motorola Device Manager Engine
2015-08-09 13:50 - 2014-02-15 13:31 - 00003402 _____ C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2015-08-09 13:50 - 2013-12-08 11:48 - 00003080 _____ C:\Windows\System32\Tasks\{65070978-79DA-44F1-B2F4-1927999227BB}
2015-08-09 13:50 - 2013-10-23 09:36 - 00003336 _____ C:\Windows\System32\Tasks\{1D2A8D09-45BF-4AA6-A27A-01CBE7CEC191}
2015-08-09 13:50 - 2013-09-17 13:23 - 00003724 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart 6520 series
2015-08-09 13:50 - 2013-08-16 09:51 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-09 13:50 - 2013-07-16 07:28 - 00004028 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{70B937ED-2D2C-4ECB-8C88-A5D155B39F65}
2015-08-09 13:50 - 2013-04-23 13:00 - 00003558 _____ C:\Windows\System32\Tasks\MotoCast Update
2015-08-09 13:50 - 2013-02-16 10:42 - 00003228 _____ C:\Windows\System32\Tasks\{B1A6B38D-CF56-473C-8A16-040E4566DC0E}
2015-08-09 13:50 - 2012-12-30 10:39 - 00003530 _____ C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2812265994-3346922550-1866879431-1000
2015-08-09 13:50 - 2012-12-08 10:13 - 00003848 _____ C:\Windows\System32\Tasks\Divx online update program
2015-08-09 13:50 - 2012-12-04 13:11 - 00003402 _____ C:\Windows\System32\Tasks\4589
2015-08-09 13:50 - 2012-11-22 13:50 - 00003488 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2812265994-3346922550-1866879431-1000
2015-08-09 13:50 - 2012-11-22 11:02 - 00003452 _____ C:\Windows\System32\Tasks\HP Photo Creations Communicator
2015-08-09 13:50 - 2012-10-22 18:15 - 00003352 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2812265994-3346922550-1866879431-1000
2015-08-09 13:50 - 2012-09-16 09:11 - 00003786 _____ C:\Windows\System32\Tasks\HP online update program
2015-08-09 13:50 - 2012-09-15 12:51 - 00003328 _____ C:\Windows\System32\Tasks\{5829E90C-9DE5-4946-B703-24682ECA9FA5}
2015-08-09 13:50 - 2012-09-15 12:51 - 00003128 _____ C:\Windows\System32\Tasks\{556A306A-81C6-4559-8B6E-48FBB5615393}
2015-08-09 13:50 - 2012-09-05 13:01 - 00003180 _____ C:\Windows\System32\Tasks\{F4507230-DFEA-42FA-B245-DBCDD9B0C704}
2015-08-09 13:50 - 2012-09-03 12:02 - 00003866 _____ C:\Windows\System32\Tasks\Real Player online update program
2015-08-09 13:50 - 2012-09-03 12:02 - 00003814 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2015-08-09 13:50 - 2012-08-30 15:54 - 00004004 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-09 13:50 - 2012-08-30 15:54 - 00003752 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-09 13:50 - 2012-08-30 13:06 - 00003804 _____ C:\Windows\System32\Tasks\Adobe online update program

==================== Files in the root of some directories =======

2013-01-03 23:16 - 2013-01-03 23:16 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2013-01-22 11:30 - 2014-02-05 11:27 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-12-26 10:36 - 2013-12-28 12:29 - 0000373 _____ () C:\Users\Will\AppData\Roaming\burnaware.ini
2013-01-16 11:34 - 2014-01-12 10:11 - 0007859 _____ () C:\Users\Will\AppData\Roaming\pcouffin.cat
2013-01-16 11:34 - 2014-01-12 10:11 - 0001167 _____ () C:\Users\Will\AppData\Roaming\pcouffin.inf
2013-01-16 11:34 - 2014-01-12 10:11 - 0000033 _____ () C:\Users\Will\AppData\Roaming\pcouffin.log
2013-01-16 11:34 - 2014-01-12 10:11 - 0082816 _____ (VSO Software) C:\Users\Will\AppData\Roaming\pcouffin.sys
2012-11-04 11:57 - 2012-11-04 11:57 - 0012520 _____ () C:\Users\Will\AppData\Roaming\VCA-install.log
2013-12-03 10:48 - 2013-12-03 10:48 - 0004464 _____ () C:\Users\Will\AppData\Roaming\VCA-uninstall.log
2013-08-14 12:23 - 2013-08-14 12:23 - 0000056 _____ () C:\Users\Will\AppData\Roaming\WB.CFG
2014-01-27 12:05 - 2014-01-27 12:05 - 0000000 _____ () C:\Users\Will\AppData\Roaming\wklnhst.dat
2013-07-14 10:59 - 2014-10-05 10:05 - 0223946 _____ () C:\Users\Will\AppData\Local\ars.cache
2013-07-14 11:01 - 2014-10-05 10:05 - 1310545 _____ () C:\Users\Will\AppData\Local\census.cache
2013-07-14 10:42 - 2013-07-14 10:42 - 0000036 _____ () C:\Users\Will\AppData\Local\housecall.guid.cache
2014-02-03 10:58 - 2015-07-02 07:14 - 0014451 _____ () C:\Users\Will\AppData\Local\HWVendorDetection.log
2013-03-23 09:21 - 2014-01-31 09:44 - 0007597 _____ () C:\Users\Will\AppData\Local\Resmon.ResmonCfg
2014-10-05 09:53 - 2014-10-05 09:53 - 0000010 _____ () C:\Users\Will\AppData\Local\sponge.last.runtime.cache
2013-09-17 13:20 - 2013-09-17 13:20 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-09-03 12:15 - 2015-04-06 09:56 - 0060438 _____ () C:\ProgramData\hpzinstall.log
2013-01-10 09:46 - 2015-01-20 10:12 - 0000935 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some zero byte size files/folders:
==========================
C:\Windows\System32\D3DIM700.DLL
C:\Windows\System32\igdumd32.dll
C:\Windows\System32\olepro32.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-02 22:08

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-09-2015
Ran by Will (2015-09-05 13:55:13)
Running from C:\Users\Will\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2812265994-3346922550-1866879431-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2812265994-3346922550-1866879431-1004 - Limited - Enabled)
Guest (S-1-5-21-2812265994-3346922550-1866879431-501 - Limited - Disabled)
Will (S-1-5-21-2812265994-3346922550-1866879431-1000 - Administrator - Enabled) => C:\Users\Will

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Disabled - Out of date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Comodo Defense+ (Disabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip (HKLM-x32\...\7-Zip 9.2.0) (Version: 9.2.0 - 7-Zip)
7-Zip (Version: 9.2.0 - 7-Zip) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Aiseesoft DVD Copy 5.0.12 (HKLM-x32\...\{4F23DE27-8262-4c5a-9D7E-223FF16D9968}_is1) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Any Video Converter Ultimate 5.5.3 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version: - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Standard Edition 5.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avery Wizard 4.0 (HKLM-x32\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)
AVG (HKLM\...\AvgZen) (Version: 1.3.1.13616 - AVG Technologies)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6140 - AVG Technologies)
AVG 2015 (Version: 15.0.4409 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6140 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AVG Zen (Version: 1.3.3 - AVG Technologies) Hidden
Belarc Advisor 8.5a (HKLM-x32\...\Belarc Advisor) (Version: 8.5.1.0 - Belarc Inc.)
BenVista PhotoZoom Classic 6.0 (HKU\S-1-5-21-2812265994-3346922550-1866879431-1000\...\PhotoZoom Classic 6) (Version: 6.0 - BenVista Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Bvckup 2 (Beta release 59) (HKLM\...\Bvckup2) (Version: - )
C5100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c5100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5767 - CDBurnerXP)
ChrisPC DNS Switch 1.00 (HKLM-x32\...\{ECE17478-56C5-4280-AB67-AC2C2CAFA30F}_is1) (Version: - Chris P.C. srl)
ChrisPC YTD Downloader MP3 Converter Pro 1.40 (HKLM-x32\...\{6006089C-9ABC-4F18-ABCD-123456789812}_is1) (Version: - Chris P.C. srl)
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Cropper (HKLM-x32\...\{26F29691-9764-4FC4-A5BF-A515DE8C23E6}) (Version: 1.9.4 - Fusion8Design)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1607 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DesignPro 5 (HKLM-x32\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Ditto (HKLM\...\Ditto_is1) (Version: - Scott Brogden)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2812265994-3346922550-1866879431-1000\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
Dualpix Chat and Show (HKLM-x32\...\{45A3B1FC-11B6-4292-B1E3-4A0B8DDE5394}) (Version: 4.0.2.1 - Hercules)
dupeGuru (HKLM\...\{C11DACBD-8863-4AA4-94AD-708602F6F7EF}) (Version: 3.9.1 - Hardcoded Software)
dupeGuru Music Edition (HKLM\...\{C51BC104-8666-4F9C-8072-715AE1A69A75}) (Version: 6.8.1 - Hardcoded Software)
dupeGuru Picture Edition (HKLM\...\{C9A60D50-28B0-4BCB-B720-1ECACA351F09}) (Version: 2.10.1 - Hardcoded Software)
Duplicate Cleaner Free 3.2.4 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.4 - DigitalVolcano Software Ltd) <==== ATTENTION
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FFMPEG Addon (HKLM-x32\...\{111124AF-1ED4-44EF-B674-111111985342}_is1) (Version: 1.00 - FFMPEG)
FMW 1 (Version: 1.4.1 - AVG Technologies) Hidden
Fotosizer 2.05 (HKLM-x32\...\Fotosizer) (Version: 2.05.0.536 - Fotosizer.com)
Free Disc Burner version 3.0.25.1122 (HKLM-x32\...\Free Disc Burner_is1) (Version: 3.0.25.1122 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.52.1122 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.)
Free Video Editor version 1.4.8.1122 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.8.1122 - DVDVideoSoft Ltd.)
Free Video to DVD Converter version 5.0.52.1122 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.52.1122 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Freemake Video Converter version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.6.2 - Ellora Assets Corporation)
Glary Utilities 5.30 (HKLM-x32\...\Glary Utilities 5) (Version: 5.30.0.50 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hercules Webcam Deluxe (HKLM-x32\...\{E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9}) (Version: 3.2.2.5 - Hercules)
honestech VHS to DVD 3.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 3.0 - honestech)
honestech VHS to DVD 3.0 SE (x32 Version: 3.0 - Honest Technology) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.16432 - HP)
HP Photosmart 6520 series Basic Device Software (HKLM\...\{1151BCF8-3246-4E34-9C17-22E66318C41C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 6520 series Help (HKLM-x32\...\{D3293275-1002-41F5-BC37-099B4251FF5B}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 6520 series Product Improvement Study (HKLM\...\{F144E07C-4019-4092-BE25-B57819C97D2F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Image Converter (HKLM-x32\...\Image Converter Image Converter) (Version: 1.0.0 - Image Converter)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Indeo® software (HKLM-x32\...\Indeo® software) (Version: - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iSkysoft Video Editor(Build 4.1.2) (HKLM-x32\...\iSkysoft Video Editor_is1) (Version: - iSkysoft Software)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.4.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.4.0 - )
Konvertor (remove only) (HKLM-x32\...\Konvertor) (Version: 5.03.Build 2 - Logipole)
LandDesigner 3D (HKLM-x32\...\{35AD3ED1-6708-4850-A809-9AA8C35BC36C}) (Version: - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Leawo Video Converter version 5.3.0.0 (HKLM-x32\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version: 5.3.0.0 - Leawo Software Co.,Ltd.)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.0 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 6.0.708 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Maxtor Central Axis Manager (HKLM-x32\...\InstallShield_{560EFF7F-252D-4841-89CD-4EEB76D5FC1F}) (Version: 2.60.0050 - Seagate Technology)
Maxtor Central Axis Manager (x32 Version: 2.60.0050 - Seagate Technology) Hidden
MediaMonkey 3.2 (HKLM-x32\...\MediaMonkey_is1) (Version: 3.2 - Ventis Media Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Streets & Trips 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-4444BC2C2B6D}) (Version: 19.0.17.2200 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - )
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MPlayer (remove only) (HKLM-x32\...\Mplayer) (Version: 0.6.9 - )
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyDriveConnect 4.0.2.2123 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.2.2123 - TomTom)
MyLabels Premium (HKLM-x32\...\{05F4061B-93C2-47BD-B8E1-1F71C8DB9949}) (Version: - )
NCR Label Formats for MS Word Setup (HKLM-x32\...\NCR Label Formats for MS Word Setup) (Version: - )
Nero 11 Platinum (HKLM-x32\...\{79B3E8EE-35F2-4CCD-82D9-4A57F408E449}) (Version: 11.2.00700 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.1009 - Nero AG)
Nero Prerequisite Installer 1.0 (HKLM-x32\...\{E4B86819-E9B8-4089-963B-DF5E70E7A05E}) (Version: 11.0.13100 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{F4C242B4-2973-43F3-93F2-ED1B47AE8848}) (Version: 12.0.02000 - Nero AG)
Nero Recode 12 (HKLM-x32\...\{A209E21D-5FCA-4F63-824D-961D9B0D4F40}) (Version: 12.0.00300 - Nero AG)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.12.00 - NETGEAR Inc.)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenDNS Updater 2.2.1 (HKLM-x32\...\OpenDNS Updater) (Version: 2.2.1 - )
Perfect Effects 4.0.4 (HKLM-x32\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.4 - onOne Software)
Perfect Effects 9 (HKLM-x32\...\Perfect Effects 9 PE) (Version: 9.5.0 - on1)
Photo Stamp Remover 7.1 (HKLM-x32\...\Photo Stamp Remover_is1) (Version: 7.1 - SoftOrbits)
Picture Cutout Guide 3.0.2 (HKLM\...\Picture Cutout Guide_is1) (Version: 3.0.2 - Tint Guide)
Platform (x32 Version: 1.36 - VIA Technologies, Inc.) Hidden
PointsPanel (HKLM-x32\...\{31661875-1c91-471d-b05c-b4d1bea571a9}) (Version: 1.2.1.0 - RealityMine Ltd)
PointsPanel x64 1.2.1.0 (Version: 1.2.1.0 - RealityMine Ltd) Hidden
Postimage version 1.0.1 (HKLM-x32\...\{B8BAF53F-4680-44A4-AF64-9934F924676B}_is1) (Version: 1.0.1 - Postimage)
Prerequisite installer (x32 Version: 12.0.0008 - Nero AG) Hidden
PrintMaster (HKLM-x32\...\{A35C2323-3CEA-405C-9569-EF5DDE930B2F}) (Version: - Broderbund LLC)
PT Photo Editor 2.1.2 (HKLM\...\{5C65692A-A64B-4B54-8E1E-429A56979DB0}_is1) (Version: 2.1.2 - PHOTO-TOOLBOX.COM)
Punch! Super Home Suite (HKLM-x32\...\Punch! Super Home Suite) (Version: - )
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
Python 3.4 pygame-1.9.2a0 (HKLM-x32\...\{A4C8B8DF-5BA4-4AFC-9CED-531CBD9CDF08}) (Version: 1.9.2 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.4.0 - Ralink)
Readiris Pro 12 (HKLM-x32\...\{A24F20F6-3BE3-4D25-BD0C-D7AEF7D180D4}) (Version: 12.00.5639 - I.R.I.S.)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Right Click Enhancer 4.3.6 (HKLM-x32\...\Right Click Enhancer) (Version: 4.3.6 - RBSoft, Inc.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scanner Mouse (HKLM-x32\...\{07245E98-2898-4565-B450-F8D8D3F7BFE0}) (Version: 2.2.2 - Dacuda)
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 434.1 - MIT Media Lab)
Scratch 2 Offline Editor (x32 Version: 255.1 - MIT Media Lab) Hidden
Send To Toys v2.7 (HKLM\...\Send To Toys_is1) (Version: - Gabriele Ponti)
Serif PanoramaPlus X4 (HKLM-x32\...\{35EDE682-4AE5-47D6-B44F-103F859951DC}) (Version: 4.0.3.010 - Serif (Europe) Ltd)
Serif PhotoPlus X4 (HKLM-x32\...\{AFA3224E-8AD6-4EFA-9DBA-A2E499F30282}) (Version: 14.0.2.013 - Serif (Europe) Ltd)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
ShellTools (Version: 2.0.1 - Moon Software) Hidden
ShellTools 2.0.1 (HKLM-x32\...\ShellTools 2.0.1) (Version: 2.0.1 - Moon Software)
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
Shotty - Tiny but impressive screenshot utility (HKLM\...\2e730c18-03e8-4d1d-8fc2-0ee3ea04a765) (Version: 2.0.2.216 - Thomas Baumann)
Sierra Garden Planner (HKLM-x32\...\Garden Planner) (Version: - )
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Smart OCR Pro 3.9.4.512 (HKLM-x32\...\Smart OCR Pro_is1) (Version: 3.9.4.512 - SmartSoft, LLC.)
Smart OCR Pro Office Add-in (HKLM-x32\...\{91E391BF-A9F4-490E-A0B1-BEC3557BD5E4}) (Version: 2.5.0 - Smart Soft LLC.)
SmartClose 1.3 (HKLM-x32\...\SmartClose.{7F22CBCB-92B5-4F5D-9A34-BB690215BEF2}_is1) (Version: 1.3 - BM-productions)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SMPlayer 0.6.9 (HKLM-x32\...\SMPlayer) (Version: 0.6.9 - RVM)
SoftOrbits Photo Retoucher 2.0 (HKLM-x32\...\SoftOrbits Photo Retoucher_is1) (Version: 2.0 - SoftOrbits)
SoftPerfect WiFi Guard version 1.0.5 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.5 - SoftPerfect Research)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony RAW Driver (HKLM-x32\...\{166FCF01-AC98-4288-A01C-90BEB808C059}) (Version: 2.0.00.08130 - Sony Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Explorer 6.4.1 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
tinySpell 1.9.44 (HKLM-x32\...\tinySpell_is1) (Version: - KEDMI Scientific Computing)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-2812265994-3346922550-1866879431-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Tweaker (HKLM-x32\...\{F6881752-3DD7-44C9-9AC6-D827A1E641CC}) (Version: 5.3.1 - Windows Tweaker)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinUtilities Professional Edition 11.0 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 11.0 - YL Computing, Inc)
WinX DVD Author 6.2 (HKLM-x32\...\WinX DVD Author_is1) (Version: - DigiartySoft, Inc.)
Wise Auto Shutdown 1.38 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.38 - WiseCleaner.com, Inc.)
Wise Care 365 version 2.94 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.94 - WiseCleaner.com, Inc.)
Wise Memory Optimizer 3.37 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.37 - WiseCleaner.com, Inc.)
Wise PC 1stAid 1.46 (HKLM-x32\...\Wise PC 1stAid_is1) (Version: 1.46 - WiseCleaner.com, Inc.)
Wise Plugin Manager 1.27 (HKLM-x32\...\Wise Plugin Manager_is1) (Version: 1.27 - WiseCleaner.com, Inc.)
Wise Registry Cleaner 8.71 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.71 - WiseCleaner.com, Inc.)
WonderFox DVD Video Converter version 7.0 (HKLM-x32\...\{278D58D4-2B08-4ABF-957C-F0A2F8A1FBB7}_is1) (Version: 7.0 - WonderFox Soft, Inc)
Wondershare PDF to Word (Build 4.0.1) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.7.0.20130104 - Xilisoft)
Xtra Controller Ex (HKLM-x32\...\{59579B12-97E6-437E-B988-BA032165D355}) (Version: 4.0.2.1 - Hercules)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Youtube Downloader HD v. 2.9.9.9 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Youtube to MP3 Converter v. 1.4 (HKLM-x32\...\Youtube to MP3 Converter_is1) (Version: - YoutubeDownloaderHD.com)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version: - ZONER software)
ZoomEx (HKLM\...\{90BF7A08-EB74-43C7-A12C-A3564B5C58FE}) (Version: 1.0 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Will\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{2FFD0D2A-72EA-1ADF-334D-D3850AC5EE95}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Will\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll No File
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{805438E6-926C-314D-E66B-738A3AA2294F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{87BF2BD3-4C30-1BA2-5EA5-F2D183EA5B83}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Will\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll No File
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Will\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll No File
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Will\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncApi64.dll No File
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Will\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Will\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Will\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Will\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Will\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Will\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Will\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2812265994-3346922550-1866879431-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Will\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

09-08-2015 11:18:11 Scheduled Checkpoint
11-08-2015 05:21:34 Windows Update
11-08-2015 08:31:09 Revo Uninstaller's restore point - Adobe Flash Player 18 NPAPI
11-08-2015 08:34:39 Revo Uninstaller's restore point - Vz In-Home Agent
11-08-2015 08:35:58 Revo Uninstaller's restore point - Yahtzee (remove only)
12-08-2015 09:13:55 Windows Backup
12-08-2015 13:08:15 Windows Update
13-08-2015 08:32:11 Installed HP Support Solutions Framework
13-08-2015 09:05:11 Created by Wise Care 365
18-08-2015 06:00:37 Windows Update
19-08-2015 03:00:10 Windows Update
20-08-2015 08:44:48 Installed Python 3.4.3
20-08-2015 08:56:52 Installed Python 3.4 pygame-1.9.2a0
25-08-2015 03:19:11 Windows Update
27-08-2015 08:30:19 JRT Pre-Junkware Removal
28-08-2015 04:11:50 Windows Update
29-08-2015 12:01:06 Removed Java 8 Update 25
29-08-2015 12:07:39 Revo Uninstaller's restore point - Magisto
30-08-2015 07:51:33 Installed TomTom HOME.
30-08-2015 07:53:29 Installed TomTom HOME.
30-08-2015 08:34:08 PointsPanel
31-08-2015 08:23:49 Removed Java 8 Update 51
31-08-2015 08:25:17 Removed Java 8 Update 51 (64-bit)
01-09-2015 04:34:55 Windows Update
02-09-2015 07:49:53 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
02-09-2015 07:51:02 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
02-09-2015 08:25:34 Revo Uninstaller's restore point - Google Chrome
02-09-2015 08:53:47 Revo Uninstaller's restore point - Google Chrome
02-09-2015 09:40:24 Restore Operation
02-09-2015 10:11:09 Windows Update
02-09-2015 19:37:54 Removed COMODO Antivirus
02-09-2015 19:42:09 Installed AVG 2015
02-09-2015 19:42:31 Installed AVG 2015
03-09-2015 08:02:07 JRT Pre-Junkware Removal
03-09-2015 09:07:53 Revo Uninstaller's restore point - Google Chrome
03-09-2015 09:11:58 Revo Uninstaller's restore point - Family Lawyer 2004
03-09-2015 09:12:22 Removed Family Lawyer 2004
04-09-2015 17:31:08 JRT Pre-Junkware Removal
05-09-2015 11:18:49 Revo Uninstaller's restore point - Dashlane
05-09-2015 11:21:04 Revo Uninstaller's restore point - AVG PC TuneUp 2015
05-09-2015 11:21:38 Removed AVG PC TuneUp 2015
05-09-2015 11:23:00 Revo Uninstaller's restore point - Wise Program Uninstaller 1.73

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-08-27 12:33 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {003ED456-756C-45B9-8DBF-B15F8790A791} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2812265994-3346922550-1866879431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {04CCA353-5317-4965-AC73-CC3393752D11} - System32\Tasks\{F5DE0543-01B7-48C0-B73B-E6B36EF74E6B} => C:\Users\Will\Documents\JigSawedME.exe
Task: {05D13717-1A16-4AB9-A552-90B4D3F785F9} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-12-21] ()
Task: {090523D2-EF23-4FC7-9ACD-76E731A56ACC} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e086eadf438e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {095B157C-997C-418D-96A6-645216A2B2D4} - System32\Tasks\{5EA58483-EFB6-40C2-8D1A-5D85C2D89EAA} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {0F683004-3E84-4114-AFA2-5C8AC4F4E74F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-08-13] (Hewlett-Packard)
Task: {10C4BF59-5B4A-41C4-9653-C0CC9E133648} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {10D98E6C-6FEC-4647-96FC-D07BB6C462C9} - System32\Tasks\{D69D8BE0-2013-4C3A-B044-6A1A79D325DC} => C:\Users\Will\Documents\JigSawedME.exe
Task: {12051800-A9D2-4B9A-A2FA-47640E136028} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {14C4BEAD-6CB4-44BB-B616-0D1EC8FBFB48} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2812265994-3346922550-1866879431-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {17DE0711-7E57-47D1-9A76-D3BEE72CDB0D} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {233808C6-76C8-429A-B7A8-98DA408A145B} - System32\Tasks\WiseCleaner\WPUSkipUAC => C:\Program Files (x86)\Wise\Wise Program Uninstaller\WiseProgramUninstaller.exe
Task: {251CD765-A382-4CC9-A105-12233C3FEC69} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-08-13] (Nero AG)
Task: {2601D832-A506-4F82-ACAD-BD4F85BA1FE5} - System32\Tasks\{5829E90C-9DE5-4946-B703-24682ECA9FA5} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Adobe\Photoshop 7.0\ImageReady.exe"
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {308F90DB-EAB5-4B06-9D01-94CB2EC7A14C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {319280EE-708E-4C06-AAD8-20361234B695} - System32\Tasks\{F4507230-DFEA-42FA-B245-DBCDD9B0C704} => pcalua.exe -a E:\setup.exe -d E:\
Task: {34743907-3AC4-4D19-AB8E-AE1A5B09D87D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {38CB9558-7250-4279-8DAE-53EC1386D7F1} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-08-21] (WiseCleaner.com)
Task: {3D15066A-5768-46C1-875E-0DA2B9B1020F} - System32\Tasks\{D722F52F-3EDD-4C8E-90F6-55F5E899CDAD} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {3D6DBCC7-22E0-4CFF-ABC9-76CB3631D81B} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {3DF4C9E4-2725-480F-87CA-B3BC0A126627} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-07-27] (Glarysoft Ltd)
Task: {3E0E9D6A-E0DA-4532-957E-15AF69795FAA} - System32\Tasks\HPCustParticipation HP Photosmart 6520 series => C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {42DFED0A-5B75-4FCF-89D9-A72EC4130957} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-01-21] (WiseCleaner.COM)
Task: {4C6559E8-928C-4D05-8D98-5578E5C245B8} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {4E427901-95EB-4A0E-8808-9B805AAF0660} - System32\Tasks\{C386BB0B-C0CF-4A8A-8253-DED15071563E} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {50A3BEEC-CD1E-4324-9504-DA6CCE90DB69} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2812265994-3346922550-1866879431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {52826DDF-0032-4C2F-B023-32EDBC7436A7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2812265994-3346922550-1866879431-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {5907928A-3E5E-4498-A704-E8B2CCE36880} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {74D858B9-CA34-42C6-BA85-1784F61827A4} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {7508476A-398A-4B99-8C4A-9CBBF40537D0} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {8D3EDF8B-C82D-42B1-A955-DFDAA887FEA7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {9371D31F-34A6-4EA3-96D3-773B6ED28DC2} - System32\Tasks\4589 => Wscript.exe C:\Users\Will\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {9517055F-874F-4355-821B-72B23C79EC61} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {9977032D-9E28-41E9-9906-31AEB7BBBD42} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {99B9029B-4577-41D4-83ED-9078B6BAED8C} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-04-05] (Adobe Systems Incorporated)
Task: {9A99E930-B4DA-4A75-A6A3-67163C1047F5} - System32\Tasks\MSSSORT => C:\Program Files (x86)\Maxtor\ManagerApp\msssort.exe [2008-08-05] (Seagate)
Task: {9BF2A884-5B43-47D7-BFB1-AF048E01B5CF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2812265994-3346922550-1866879431-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {9EAB197C-9846-4030-80B7-6F39AAA9BEBE} - System32\Tasks\{1D2A8D09-45BF-4AA6-A27A-01CBE7CEC191} => pcalua.exe -a "C:\Users\Will\AppData\Local\Temp\Temp1_adobe photoshop 7.0, with serial.zip\Photoshop\Setup.exe"
Task: {9EC4A542-101B-41B8-A227-84FBA86D4D9F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {A67873CD-F358-4C9A-8789-E47B7CF89B57} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B2506001-B35E-4031-B0BB-C1658B659EFC} - System32\Tasks\{B1A6B38D-CF56-473C-8A16-040E4566DC0E} => Chrome.exe http://ui.skype.com/...?LastError=1618
Task: {B2D56531-6275-4DB2-909A-18DBF2BF1E9B} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] ()
Task: {B8E9C903-3870-4ABD-B2E8-D827F928B408} - System32\Tasks\WinUtilities_DiskDefrag_D81CDF27E9284404 => C:\Program Files (x86)\WinUtilities\ToolDiskDefrag.exe [2013-12-18] (YL Software)
Task: {BCA35813-FA3D-4EBC-8C15-26E4F6220449} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2812265994-3346922550-1866879431-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {BCEE4BED-DD1B-409A-8F77-DBB880221E3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {BF67E03B-1BD2-4FE2-9C81-0BFB4A06D267} - System32\Tasks\Divx online update program => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2012-11-01] ()
Task: {BFCD8497-683D-4D14-9E9B-E6991F6D9BD4} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-07-27] (Glarysoft Ltd)
Task: {C40D6D90-5FCA-4899-8F49-E991F6EB1A80} - System32\Tasks\{556A306A-81C6-4559-8B6E-48FBB5615393} => C:\Program Files (x86)\Adobe\Photoshop 7.0\ImageReady.exe [2002-04-04] (Adobe Systems Incorporated)
Task: {CEC3F4B7-B094-4BC0-8C65-6EB742B42A8B} - System32\Tasks\Google Updater and Installer => C:\Users\Will\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {DA365633-5361-4A0A-8AAE-803D46A4011E} - System32\Tasks\{65070978-79DA-44F1-B2F4-1927999227BB} => C:\Users\Will\Downloads\Thief.exe
Task: {DD30679F-685D-461C-86C1-36F84665D3C3} - System32\Tasks\WiseCleaner\AidSkipUAC => C:\Program Files (x86)\Wise\Wise PC 1stAid\WisePCAid.exe [2015-08-21] (WiseCleaner.com)
Task: {DEC07E2C-E8B1-4DE4-9C15-8F9529356D0B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E092B0AD-1833-45F0-AD0D-10064BAC3C1D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e086eb37eae7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {E191C386-4B11-4190-996D-52D55F6A09A4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2812265994-3346922550-1866879431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {E73D0859-50CE-4849-80FE-0D91DC57CF5C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-04-05] (Adobe Systems Incorporated)
Task: {F24627A2-935A-40D9-873C-82B8B2B87973} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-31] (Oracle Corporation)
Task: {F546C50C-75A9-4B1C-AE5C-78527EB6AC2B} - System32\Tasks\{8976BB68-0E68-4899-9445-963CD4042517} => pcalua.exe -a C:\Users\Will\AppData\Local\Temp\7zS5DDD\setup\BlockSysUserInstall.exe -d C:\Users\Will\AppData\Local\Temp\7zS5DDD\setup
Task: {F96A2544-29EA-4453-9042-0094A2E1E5CE} - System32\Tasks\WiseCleaner\WMOSkipUAC => C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe [2015-08-12] (WiseCleaner.com)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FA4E48EE-EECC-48F6-A50F-29894534D8AD} - System32\Tasks\{920B29B9-6D94-4498-BC4B-049B02C7A276} => C:\Users\Will\Documents\JigSawedME.exe
Task: {FE8B0482-C603-4472-9BCE-DC59AECB7055} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2014-11-21] (RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e086eadf438e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e086eb37eae7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\WinUtilities_DiskDefrag_D81CDF27E9284404.job => C:\Program Files (x86)\WinUtilities\ToolDiskDefrag.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (Whitelisted) ==============

2014-06-09 13:10 - 2014-09-10 11:24 - 00020240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-18 09:46 - 2011-06-28 20:48 - 00470016 _____ () C:\Program Files (x86)\Smart OCR Pro\ExplorerExt_x64.dll
2015-04-15 16:13 - 2015-04-15 16:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2013-11-19 15:53 - 2015-04-27 10:16 - 38951016 _____ () C:\Program Files (x86)\Scanner Mouse\Scanner Mouse.exe
2013-11-19 15:33 - 2015-04-27 10:16 - 01991168 _____ () C:\Program Files (x86)\Scanner Mouse\Scanner Mouse Monitoring.exe
2015-08-21 14:21 - 2015-08-21 14:21 - 00009064 _____ () C:\Program Files\PointsPanel\UsageMonitor.DependencyInjection.dll
2015-08-21 14:21 - 2015-08-21 14:21 - 00016744 _____ () C:\Program Files\PointsPanel\UsageMonitor.CPUID.SDK.dll
2014-10-26 23:59 - 2014-10-26 23:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-07-19 08:19 - 2015-07-19 08:19 - 00306904 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00241368 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00290520 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00962264 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00122584 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00347864 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00069336 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00253656 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00155352 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00483032 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00175832 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00118488 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00691928 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2015-07-19 08:19 - 2015-07-19 08:19 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2015-07-19 08:19 - 2015-02-26 00:00 - 02403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2012-09-07 21:37 - 2012-09-07 21:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2013-07-14 10:55 - 2013-07-14 10:55 - 00000000 _____ () C:\Windows\system32\olepro32.dll
2015-09-02 19:37 - 2015-09-02 19:37 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-08-11 08:14 - 2015-08-11 08:14 - 00860160 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
2013-11-19 15:29 - 2013-11-19 15:29 - 01825280 _____ () C:\Program Files (x86)\Scanner Mouse\XOcr.dll
2013-11-19 15:30 - 2013-11-19 15:30 - 01234944 _____ () C:\Program Files (x86)\Scanner Mouse\XSkin.dll
2013-11-19 15:31 - 2013-11-19 15:31 - 00064000 _____ () C:\Program Files (x86)\Scanner Mouse\XRegister.dll
2013-07-24 16:01 - 2013-07-24 16:01 - 00033792 _____ () C:\Program Files (x86)\Scanner Mouse\DLL_OvtApi.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 00019968 _____ () C:\Program Files (x86)\Scanner Mouse\SCCBCore.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 00028160 _____ () C:\Program Files (x86)\Scanner Mouse\OVBaseIF.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 00027648 _____ () C:\Program Files (x86)\Scanner Mouse\DXCore.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 01927680 _____ () C:\Program Files (x86)\Scanner Mouse\isam.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 00153088 _____ () C:\Program Files (x86)\Scanner Mouse\libsvm.dll
2013-07-14 10:55 - 2013-07-14 10:55 - 00000000 _____ () C:\Windows\system32\OLEPRO32.DLL
2015-04-27 10:18 - 2015-04-27 10:18 - 00348160 _____ () C:\Users\Will\AppData\Local\Scanner Mouse\extensions\Evernote\Evernote.dll
2013-11-19 15:28 - 2013-11-19 15:28 - 00096256 _____ () C:\Program Files (x86)\Scanner Mouse\XLogger.dll
2015-04-27 10:18 - 2015-04-27 10:18 - 00359936 _____ () C:\Users\Will\AppData\Local\Scanner Mouse\extensions\GoogleTranslate\GoogleTranslate.dll
2015-04-27 10:18 - 2015-04-27 10:18 - 00179712 _____ () C:\Users\Will\AppData\Local\Scanner Mouse\extensions\ShareFacebook\SharePlugin.dll
2015-04-27 10:18 - 2015-04-27 10:18 - 00179712 _____ () C:\Users\Will\AppData\Local\Scanner Mouse\extensions\ShareFlickr\SharePlugin.dll
2015-04-27 10:18 - 2015-04-27 10:18 - 00179712 _____ () C:\Users\Will\AppData\Local\Scanner Mouse\extensions\ShareTwitter\SharePlugin.dll
2015-04-27 10:18 - 2015-04-27 10:18 - 00101888 _____ () C:\Users\Will\AppData\Local\Scanner Mouse\extensions\WinMail\WinMail.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 00051272 _____ () C:\Program Files (x86)\Scanner Mouse\StartScreenHandler.dll
2014-04-19 10:14 - 2014-11-21 11:57 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-16 04:07 - 2014-10-16 04:07 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-07-27 09:39 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-08-30 16:15 - 2011-09-07 10:43 - 00042280 _____ () C:\Program Files (x86)\Hercules\Dualpix Chat and Show\x86\WebCamKSProxyPlugin.ax
2015-09-03 09:26 - 2015-08-27 20:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-03 09:26 - 2015-08-27 20:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\ampa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\grep.exe:$CmdTcID
AlternateDataStreams: C:\Windows\NIRCMD.exe:$CmdTcID
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\PEV.exe:$CmdTcID
AlternateDataStreams: C:\Windows\py.exe:$CmdTcID
AlternateDataStreams: C:\Windows\pyw.exe:$CmdTcID
AlternateDataStreams: C:\Windows\sed.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWREG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWSC.exe:$CmdTcID
AlternateDataStreams: C:\Windows\zip.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ambakdrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ammntdrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ampa.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amwrtdrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\detoured.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pwdrvio.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pwdspio.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pwNative.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\python27.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RaCertMgr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RaCoInstx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RAEXTUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RAIHV.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ampa.sys:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\LDMinMax6.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MSINET.OCX:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\RAEXTUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\RAIHV.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\userinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\netr28x.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl64.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\Temp:0CFF5F08
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:BF3D62E7
AlternateDataStreams: C:\Users\Will\Desktop\MiniToolBox.exe:$CmdTcID
AlternateDataStreams: C:\Users\Will\Desktop\MiniToolBox.exe:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\Attachment.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\chromeinstall-8u60.exe:$CmdTcID
AlternateDataStreams: C:\Users\Will\Downloads\chromeinstall-8u60.exe:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\code.zip:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\c_ado65.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\c_cloe01.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\c_wile08.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\c_winh01.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\EmsisoftEmergencyKit.exe:$CmdTcID
AlternateDataStreams: C:\Users\Will\Downloads\EmsisoftEmergencyKit.exe:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\HPSupportSolutionsFramework-12.0.30.81 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Will\Downloads\HPSupportSolutionsFramework-12.0.30.81 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe:$CmdTcID
AlternateDataStreams: C:\Users\Will\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\MediaCreationToolx64 (2).exe:$CmdTcID
AlternateDataStreams: C:\Users\Will\Downloads\MediaCreationToolx64 (2).exe:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\MSNHomepage.EXE:$CmdTcID
AlternateDataStreams: C:\Users\Will\Downloads\MSNHomepage.EXE:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\onlineStatement.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\pwfree9.exe:$CmdTcID
AlternateDataStreams: C:\Users\Will\Downloads\pwfree9.exe:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\py4inf-003.zip:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\pygame-1.9.2a0-hg_5974ff8dae3c%2B.win32-py3.4.msi:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\python-3.4.3.msi:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\SAS_302D809.EXE:$CmdTcID
AlternateDataStreams: C:\Users\Will\Downloads\SAS_302D809.EXE:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\serial.zip:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\spsetup128.exe:$CmdTcID
AlternateDataStreams: C:\Users\Will\Downloads\spsetup128.exe:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\worldstarts-exclusive-monthly-emagazine-august-2015-issue-instant-download.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Will\Downloads\w_pacb01.pdf:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 12709 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2812265994-3346922550-1866879431-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Will\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Reminder.lnk => C:\Windows\pss\Event Reminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA1100 Smart Wizard.lnk => C:\Windows\pss\NETGEAR WNA1100 Smart Wizard.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM =>
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: Ditto => C:\Program Files\Ditto\Ditto.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MotoCast => "C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk"
MSCONFIG\startupreg: MyTomTomSA.exe =>
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: Postimage => C:\Program Files (x86)\Postimage\postimage.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_ROC_NT =>
MSCONFIG\startupreg: SweetIM =>
MSCONFIG\startupreg: Sweetpacks Communicator =>
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: WinPatrol Background Change Monitor => C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
MSCONFIG\startupreg: Zoner Photo Studio Service 16 => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{5BCCDD31-2909-4A2E-B8DD-3B1773CCD303}C:\program files (x86)\hercules\dualpix chat and show\xtrctrlex.exe] => (Allow) C:\program files (x86)\hercules\dualpix chat and show\xtrctrlex.exe
FirewallRules: [UDP Query User{FAC4243A-2490-45C8-A52E-287258252068}C:\program files (x86)\hercules\dualpix chat and show\xtrctrlex.exe] => (Allow) C:\program files (x86)\hercules\dualpix chat and show\xtrctrlex.exe
FirewallRules: [TCP Query User{94307A84-0A6D-4155-B9D8-4E53C7A12F38}C:\program files (x86)\leawo\video converter\loadingscreen.exe] => (Allow) C:\program files (x86)\leawo\video converter\loadingscreen.exe
FirewallRules: [UDP Query User{2008EB86-F2B6-474B-AA51-A3F6344A924E}C:\program files (x86)\leawo\video converter\loadingscreen.exe] => (Allow) C:\program files (x86)\leawo\video converter\loadingscreen.exe
FirewallRules: [{76BFC24F-4659-4CB7-A0C0-1DD8BD0F6309}] => (Allow) C:\Program Files (x86)\Motorola Media Link\Lite\mml.exe
FirewallRules: [{0A104CDC-7718-4EE5-AEEE-9490898FB83B}] => (Allow) C:\Program Files (x86)\Motorola Mobility\MotoCast\motocast.exe
FirewallRules: [{87AC3D97-F1BF-46A3-B06F-FCA0870C0568}] => (Allow) C:\Program Files (x86)\Motorola Mobility\MotoCast\motocast.exe
FirewallRules: [{9C7D6666-E682-4795-B60C-F1BD55612F7B}] => (Allow) C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
FirewallRules: [{FD1774A6-EFC9-4DAF-A7A5-AB12C44E46AB}] => (Allow) C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
FirewallRules: [{71BF7640-0F80-4075-B1B4-058BF586BA84}] => (Allow) C:\Users\Will\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EE28FE09-4B5E-4102-B892-E04C123B6224}] => (Allow) C:\Users\Will\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{091C674F-437E-4A77-BF7D-8201FC4A850A}C:\users\will\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\will\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B993F857-8D5A-4012-BD0E-55930F8E8C50}C:\users\will\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\will\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{C1273ACC-00F6-44E1-AE18-647347084CAE}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{18232F44-9A7F-45DF-ABF4-9D0D598EC354}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [{88304F3C-787A-416B-AADF-810661C1361B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A1E77780-282D-4820-A5BD-5B6E546004DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{90574BC6-C8A6-47B3-9D7F-1EEDFC24B2C9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8B5BA6FC-D0E8-48C6-B5F1-656647EBA36E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5A56E3AF-7A6D-43C3-AFE9-9064A0F65511}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\DeviceSetup.exe
FirewallRules: [{2128855D-9815-4CFD-B471-0337B471986C}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8BA11B32-7E49-4DA3-AEFA-49CEAE1F806E}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2933E5F6-DA8F-46DA-B371-C78C067BDED6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{26A67AFE-FA2B-4969-B54F-AC7D76724A9B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{32A610F9-FDBE-44EB-BA00-68797EA4D90F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{08989100-1A9E-4B4B-BC66-55CC1281A748}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{4C874506-B9A7-4F81-9F66-0B47A135A6B0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{BD00E45B-FA7C-4496-B270-D0AAC9634955}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{EE1EBD33-9F75-4752-9ABD-F88E872AD5E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{CB17FC86-BB84-4BF7-A15D-B78B0F44DDCF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FA5A0A1A-E505-420D-AFDE-328BDA175D3B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{4B8B6679-CF53-44AD-B11A-81761A87243B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{E45E4577-7F39-4F5E-BCA1-203C4E0F5915}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{8C63609B-4F0C-4F38-8503-2E9982B7A0E9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{2F64864B-489E-4C80-AE0A-01CAF187CB4B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{26BDCF86-ED33-4F1F-8D95-E03BAD36B7F9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{955EEB99-CFF2-41B9-8813-759954E1DB99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{6162DADB-8F89-415D-B787-FE7D8E9BDC77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{C4A67A0E-7783-4F1C-9235-702EE6667E46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{81274C9C-3194-4B7C-BD39-FA2715BCCEC8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{250BD566-100B-4969-96D9-CAD8E3A4346B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{18EC1441-EDB1-4B9B-A846-702B3234B461}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{90842A31-F225-49A0-B44F-2EC5C2F9FFB4}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
FirewallRules: [UDP Query User{09BDA57C-E2D0-461E-9FE3-595B4D23C76F}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
FirewallRules: [TCP Query User{8B66525D-34DB-4A16-9536-315A0390F07E}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
FirewallRules: [UDP Query User{290F45ED-8495-494D-9F69-15FF93E7F3B6}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe
FirewallRules: [{B8A388CD-6C18-4CA4-9743-EA56925CCA30}] => (Allow) D:1\New folder\TeamViewer.exe
FirewallRules: [{4A75F07A-B9E2-4A8D-A307-618A08C1CA8B}] => (Allow) D:1\New folder\TeamViewer.exe
FirewallRules: [{07A2AD19-EBF5-4E4D-B889-F15F4DB8A41D}] => (Allow) D:1\New folder\TeamViewer_Service.exe
FirewallRules: [{FDD40F2E-89C7-41BB-98FB-74D986A28916}] => (Allow) D:1\New folder\TeamViewer_Service.exe
FirewallRules: [TCP Query User{7439642F-7586-4CD7-97B9-49240084B86B}C:\program files (x86)\hercules\dualpix chat and show\xtrctrlex.exe] => (Block) C:\program files (x86)\hercules\dualpix chat and show\xtrctrlex.exe
FirewallRules: [UDP Query User{63010D71-7B3C-4A5D-A927-41E47AA33F90}C:\program files (x86)\hercules\dualpix chat and show\xtrctrlex.exe] => (Block) C:\program files (x86)\hercules\dualpix chat and show\xtrctrlex.exe
FirewallRules: [{4B0E33E7-4704-496B-B728-3A76E67C4844}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A6C6D7CA-F590-49B8-8580-9CA52366F007}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{86ACCB03-6F3E-42CB-8923-621CD994590A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{CB6F5FDB-8A0C-4E61-8DCD-56116956D6AE}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{845A0433-95C7-4A7E-839C-DBE952F4C273}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{55A94199-BF48-4883-A662-5FB2BE4EE30E}] => (Allow) LPort=2869
FirewallRules: [{54D37346-878B-47D8-A202-7ED2D471DD53}] => (Allow) LPort=1900
FirewallRules: [{4C7C48E4-A29E-47CC-803F-7BA624B4F51F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D28A8DA6-BFC5-4F30-945D-56F2B268A290}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E6358685-1C6E-469F-BC3C-7935AECBC3AA}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{2874F811-1545-480E-B35A-FE88AE60C9E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{306CAF17-AF33-409D-A0C2-36B78C0D2BC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B21CF7A0-D6D1-4C30-A55F-B5BE51F0DF6F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{1258C9F2-84D0-4E22-A70E-0BCE046A9C77}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{687DC99B-0992-489F-A624-EAC3A1B5AAA5}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{74D6F4AC-59D6-49E3-8190-ED7593FA61CB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{CC6A1573-BA35-4F0E-8494-8E9D10918C7D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{251804EB-DDDE-4CE3-A743-CAFD499E7FA1}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{EA33D33E-9537-4117-A83F-6C54344075E1}] => (Allow) C:\Users\Will\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{59ADB5DF-BFBB-4FB0-B702-A55F160B6EBA}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{7466C0C9-E57A-42B4-95EB-C995D3682550}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5F500124-A7A2-41A1-8CDB-421AF85103E2}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [UDP Query User{F7AB0502-79A7-4047-BBFF-E55ADFECCF91}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [{125A7584-0DB4-4004-98C6-9256A3855A53}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{9B3F5039-DFBF-48E5-93A3-D0E35C569504}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{246EC93A-CF72-4778-BAE5-0F1A10909FC8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{55CB7406-4CB1-4D1A-9882-0B068F08B915}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{8C0AA895-59D5-4FA7-8963-2BF6F433E044}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{71262888-F9CB-44BD-BA0C-49A891D27978}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{2AA266BC-A325-494C-9CE7-5E4611ABA735}C:\program files (x86)\maxtor\managerapp\maxutilities.exe] => (Allow) C:\program files (x86)\maxtor\managerapp\maxutilities.exe
FirewallRules: [UDP Query User{0B024280-EEE7-40D9-8AF9-5B674B5FBF69}C:\program files (x86)\maxtor\managerapp\maxutilities.exe] => (Allow) C:\program files (x86)\maxtor\managerapp\maxutilities.exe
FirewallRules: [TCP Query User{0A31AA76-9632-4A8E-A8DF-E1B03868F8B5}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
FirewallRules: [UDP Query User{2B2348C2-A31C-42D3-A87F-8B1E54928C13}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
FirewallRules: [{802B1A67-E632-4E78-A347-98CA3E1293B3}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{E2A9DDAF-B6DB-462F-B18C-1D0815075998}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{9D614707-B32C-4DBC-9BCF-1BD0053B8D9F}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{243ED907-2D9F-4E80-9D68-D4FF57C8E322}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{B0304390-53F1-4A44-8601-D78718E1F21D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{59C7DE66-54F6-41DC-AEFA-1C47ECF8706F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{BC8C7036-47D7-4FCD-904F-D2DA59DADCFD}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{407A015E-E683-46CE-8BCD-F79456C50A26}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{C23EC438-2F69-4020-A44C-5C0956251C6E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{93DE9A3F-86AE-48E3-B37A-252E361E70B4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{99837A55-582F-4868-B1D0-8BF18123E204}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{5430D1C9-C11E-418F-8B2A-C464A6AE668C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Photosmart C5100 series
Description: Photosmart C5100 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/05/2015 11:34:28 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (09/05/2015 11:34:28 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (09/05/2015 11:24:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: services.exe, version: 6.1.7601.18829, time stamp: 0x552b23d3
Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a6a196
Exception code: 0xc0000005
Fault offset: 0x00000000000200ea
Faulting process id: 0x294
Faulting application start time: 0xservices.exe0
Faulting application path: services.exe1
Faulting module path: services.exe2
Report Id: services.exe3

Error: (09/04/2015 04:05:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1832) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Will\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (09/03/2015 09:14:34 AM) (Source: MsiInstaller) (EventID: 11706) (User: Will-PC)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.

Error: (09/03/2015 09:09:34 AM) (Source: MsiInstaller) (EventID: 11706) (User: Will-PC)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.

Error: (09/03/2015 09:08:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 44.0.2403.157, time stamp: 0x55d29eef
Faulting module name: chrome.dll, version: 44.0.2403.157, time stamp: 0x55d299e2
Exception code: 0x80000003
Fault offset: 0x000151f1
Faulting process id: 0x24a0
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (09/03/2015 09:07:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 44.0.2403.157, time stamp: 0x55d29eef
Faulting module name: chrome.dll, version: 44.0.2403.157, time stamp: 0x55d299e2
Exception code: 0x80000003
Fault offset: 0x000151f1
Faulting process id: 0x1ffc
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (09/03/2015 09:07:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 44.0.2403.157, time stamp: 0x55d29eef
Faulting module name: chrome.dll, version: 44.0.2403.157, time stamp: 0x55d299e2
Exception code: 0x80000003
Fault offset: 0x000151f1
Faulting process id: 0x222c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (09/03/2015 09:06:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 44.0.2403.157, time stamp: 0x55d29eef
Faulting module name: chrome.dll, version: 44.0.2403.157, time stamp: 0x55d299e2
Exception code: 0x80000003
Fault offset: 0x000151f1
Faulting process id: 0x1b34
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

System errors:
=============
Error: (09/05/2015 11:32:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG PC TuneUp Service service failed to start due to the following error:
%%2

Error: (09/05/2015 11:32:28 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Tcp Listener Adapter service depends the following service: was. This service might not be installed.

Error: (09/05/2015 11:32:28 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.

Error: (09/05/2015 11:32:28 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.

Error: (09/05/2015 11:32:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows CardSpace service failed to start due to the following error:
%%1053

Error: (09/05/2015 11:32:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows CardSpace service to connect.

Error: (09/05/2015 11:31:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The FreemakeVideoCapture service failed to start due to the following error:
%%1053

Error: (09/05/2015 11:31:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the FreemakeVideoCapture service to connect.

Error: (09/05/2015 11:30:33 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (09/05/2015 11:30:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Microsoft Office:
=========================
Error: (09/05/2015 11:34:28 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/05/2015 11:34:28 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/05/2015 11:24:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: services.exe6.1.7601.18829552b23d3ntdll.dll6.1.7601.1893355a6a196c000000500000000000200ea29401d0e74cfc493a2cC:\Windows\system32\services.exeC:\Windows\SYSTEM32\ntdll.dll30ba8ad6-53e2-11e5-83ef-10bf487cbedb

Error: (09/04/2015 04:05:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost1832WebCacheLocal: C:\Users\Will\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (09/03/2015 09:14:34 AM) (Source: MsiInstaller) (EventID: 11706) (User: Will-PC)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/03/2015 09:09:34 AM) (Source: MsiInstaller) (EventID: 11706) (User: Will-PC)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/03/2015 09:08:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.15755d29eefchrome.dll44.0.2403.15755d299e280000003000151f124a001d0e649941a33b3C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\chrome.dlld1d506d5-523c-11e5-b68f-10bf487cbedb

Error: (09/03/2015 09:07:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.15755d29eefchrome.dll44.0.2403.15755d299e280000003000151f11ffc01d0e6496dbf0827C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\chrome.dllab7779e8-523c-11e5-b68f-10bf487cbedb

Error: (09/03/2015 09:07:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.15755d29eefchrome.dll44.0.2403.15755d299e280000003000151f1222c01d0e6496d98f222C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\chrome.dllab5626a4-523c-11e5-b68f-10bf487cbedb

Error: (09/03/2015 09:06:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.15755d29eefchrome.dll44.0.2403.15755d299e280000003000151f11b3401d0e64968e93c98C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\chrome.dlla6a40fba-523c-11e5-b68f-10bf487cbedb

CodeIntegrity:
===================================
Date: 2015-09-05 05:32:56.764
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 05:32:56.733
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 05:32:56.592
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 05:32:56.546
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-09-04 16:16:20.083
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-09-04 16:16:20.024
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-09-04 16:16:19.723
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-09-04 16:16:19.670
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-27 12:10:56.813
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-27 12:10:56.793
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 71%
Total physical RAM: 4078.28 MB
Available physical RAM: 1147.54 MB
Total Virtual: 8154.77 MB
Available Virtual: 4184.23 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:658.64 GB) (Free:262.43 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (ImageBackup) (Fixed) (Total:40 GB) (Free:39.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 58361309)
Partition 1: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=658.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#6 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 05 September 2015 - 03:10 PM

Will,

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ <-- You have a ton of programs running at start up, this may be one of the reasons your computer is slowing down, go to this directory and remove any programs that you dont need to run at start up, if your not sure what to remove let me know and when where done you can post in our windows forum to let them decide what and what not to have in start up

You also have Wise Cleaner and a few programs related to Wise, I have been into computing since the days of Windows 3.1 / 95 and I never had any need for any of these so called cleaners , reg cleaners and what not, its not malicious but really sucking up some system resources, I would uninstall anything related to Wise, anything you need is built into windows and there is no need for programs like this. When you run a registry cleaner and are not sure what its removing, remove the wrong entry or entries can sometime leave your computer unbootable, remove legit entries that are no longer needed and you will see no difference in system performance

I have to tell ya, you have so many programs installed , I would uninstall any that you have not used in the last 6 months and dont plan on using it in the future

You also have a ton of programs running as a task and some are not needed

Let me know what you want to do about Wise as I am working up a fix for you using FRST and I will add Wise if you decide to uninstall it

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#7 Wilbert Hippenst

Authentic Member

Authentic Member
203 posts

Posted 07 September 2015 - 02:13 PM

good afternoon and happy labor day

I was about to follow your advice when I got home today. Hard drive crashed on my puter when I booted it.

I don't have to worry bout it will follow your advice and not be a program hoarder :wall:

Thank you for all the help :wavey:

#8 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 07 September 2015 - 03:45 PM

Your more than welcome Will,

Are you sure your HD failed or did you just get a boot up error

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#9 Wilbert Hippenst

Authentic Member

Authentic Member
203 posts

Posted 07 September 2015 - 06:29 PM

It made a grinding noise and smelled burnt :pullhair:

#10 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 07 September 2015 - 07:07 PM

Wow, sounds like your ready for a new one

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#11 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 08 September 2015 - 07:51 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

Body Background

skin color theme

slow puter [Solved]

#1 Wilbert Hippenst

Advertisements

Register to Remove

#2 ken545

#3 Wilbert Hippenst

#4 ken545

#5 Wilbert Hippenst

#6 ken545

#7 Wilbert Hippenst

#8 ken545

#9 Wilbert Hippenst

#10 ken545

#11 ken545

Related Topics

0 user(s) are reading this topic

About What the Tech

Follow Us

Body Background

skin color theme

slow puter [Solved]

#1 Wilbert Hippenst

Advertisements Register to Remove

#2 ken545

#3 Wilbert Hippenst

#4 ken545

#5 Wilbert Hippenst

#6 ken545

#7 Wilbert Hippenst

#8 ken545

#9 Wilbert Hippenst

#10 ken545

#11 ken545

Related Topics

0 user(s) are reading this topic

About What the Tech

Follow Us

Sign In

Advertisements

Register to Remove