Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Unable to connect to Internet [Closed]


  • This topic is locked This topic is locked

#1
flyboy3300

flyboy3300

    New Member

  • Member
  • Pip
  • 1 posts

I am unable to connect to the internet, the active network just stays on "identifying" with a yellow triangle in the connection box. The troubleshooting box show "problem found" - Windows could not automatically detect this network's proxy settings. Following is the result of the Farbar Scan

 

Frst,txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by KYoung (administrator) on KYOUNG-PC on 11-07-2015 08:43:18
Running from C:\Users\KYoung\Desktop
Loaded Profiles: KYoung (Available Profiles: KYoung)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Intuit Inc. All rights reserved.) C:\Users\KYoung\AppData\Local\Intuit\SyncManager\Current\IntuitSyncManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Runscanner.net) L:\runscanner.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2020952 2015-05-05] (Trend Micro Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266688 2015-05-04] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Plantronics MyHeadset Updater] => C:\Program Files (x86)\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe [80384 2014-12-15] (Plantronics)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3775800 2014-12-06] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-05-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKU\S-1-5-21-2624593926-3331388892-475130418-1001\...\Run: [replay_telecorder_skype] => C:\Program Files (x86)\Replay Telecorder for Skype\replay_telecorder_skype.exe [2088448 2013-11-11] (Applian Technologies Inc.)
HKU\S-1-5-21-2624593926-3331388892-475130418-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2624593926-3331388892-475130418-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-18\...\Run: [HanaConnect] => C:\Program Files (x86)\HanaMobile\HanaConnect\StarterApp.exe [7680 2011-05-19] (Microsoft)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\Windows\Jaksta\AC\x64\jaudcap.dll => C:\Windows\Jaksta\AC\x64\jaudcap.dll [311584 2014-05-01] (Jaksta Technologies Pty Ltd)
AppInit_DLLs-x32: C:\Windows\Jaksta\AC\x86\jaudcap.dll => C:\Windows\Jaksta\AC\x86\jaudcap.dll [264480 2014-05-01] (Jaksta Technologies Pty Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2015-02-20]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2015-02-20]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2015-02-20]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2015\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\KYoung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-05-03]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * autocheck ersautocheck rati???utocheck autochk * autocheck ?Qautocheck 2E5-806????Qautocheck AUTONTFS C: PAGE=MIN DIRS=NONE MFT=NONE
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2624593926-3331388892-475130418-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.alltheint....com/search.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-2624593926-3331388892-475130418-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2624593926-3331388892-475130418-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
URLSearchHook: HKLM-x32 - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
URLSearchHook: [S-1-5-21-2624593926-3331388892-475130418-1001] ATTENTION ==> Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-2624593926-3331388892-475130418-1001 - Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\Program Files (x86)\AdvancedSearchbar\advancedsearchbar.dll (Advanced Search Technologies, Inc)
SearchScopes: HKU\S-1-5-21-2624593926-3331388892-475130418-1001 -> DefaultScope alltheinternet URL = http://www.alltheint...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2624593926-3331388892-475130418-1001 -> alltheinternet URL = http://www.alltheint...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2624593926-3331388892-475130418-1001 -> searchalot URL = http://www.searchalo...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2624593926-3331388892-475130418-1001 -> talkingbuddy URL = http://www.talkingbu...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2624593926-3331388892-475130418-1001 -> wikibuddy URL = http://www.wikibuddy...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2624593926-3331388892-475130418-1001 -> {FB48B168-84BB-CCE3-D32D-94102F37C5B0} URL = http://www.bing.com/...eferrer:source}
BHO: Trend Micro DirectPass BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll [2015-05-05] (Trend Micro Inc.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2014-07-20] (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll [2014-06-30] (Trend Micro Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-08-14] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1022\9.1.1022\TmBpIe64.dll [2015-05-21] (Trend Micro Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-22] (Sun Microsystems, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-03-06] (RealDownloader)
BHO-x32: Trend Micro DirectPass BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-05-05] (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2014-07-20] (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll [2014-06-30] (Trend Micro Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1022\9.1.1022\TmBpIe32.dll [2015-05-21] (Trend Micro Inc.)
BHO-x32: Advanced Searchbar -> {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} -> C:\Program Files (x86)\AdvancedSearchbar\advancedsearchbar.dll [2007-10-05] (Advanced Search Technologies, Inc)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Trend Micro DirectPass ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll [2015-05-05] (Trend Micro Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2014-07-20] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
Toolbar: HKLM-x32 - Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\Program Files (x86)\AdvancedSearchbar\advancedsearchbar.dll [2007-10-05] (Advanced Search Technologies, Inc)
Toolbar: HKLM-x32 - Trend Micro DirectPass ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-05-05] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2014-07-20] (Trend Micro Inc.)
Toolbar: HKU\S-1-5-21-2624593926-3331388892-475130418-1001 -> No Name - {57F02779-3D88-4958-8AD3-83C12D86ADC7} -  No File
Toolbar: HKU\S-1-5-21-2624593926-3331388892-475130418-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB
DPF: HKLM-x32 {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} https://lowes.2020.n...X_WEB_Win32.cab
Handler-x32: intu-help-qb8 - {CD17C364-2EC8-4929-91A9-C4839A20E909} - C:\Program Files (x86)\Intuit\QuickBooks 2015\HelpAsyncPluggableProtocol.dll [2014-12-06] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-08-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14] (Skype Technologies S.A.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1022\9.1.1022\TmBpIe64.dll [2015-05-21] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1022\9.1.1022\TmBpIe32.dll [2015-05-21] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll [2014-06-30] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll [2014-06-30] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2014-07-20] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2014-07-20] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2014-07-20] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2014-07-20] (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-07-01] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-07-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-03] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.1.18 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-03-06] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-03-06] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-03-06] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-06-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-06-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.1.18 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-04-16] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-03-06] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1022\9.1.1022\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1022\9.1.1022\firefoxextension [2015-06-28]
FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt
FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2012-11-28]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1022\9.1.1022\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-06-28]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-06-28]
 
Chrome: 
=======
CHR Profile: C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-04]
CHR Extension: (Google Search) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-04]
CHR Extension: (sellhack) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmcmgkmooimomjcinimbhfoephdhmgbc [2014-12-12]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-29]
CHR Extension: (RealDownloader) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-02-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Skype Click to Call) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-23]
CHR Extension: (Google Wallet) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-23]
CHR Extension: (Trend Micro Password Manager) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg [2014-04-06]
CHR Extension: (Gmail) - C:\Users\KYoung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-04]
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.goo...ice/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [288112 2012-10-08] (Adobe Systems Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] () [File not signed]
R2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2435960 2012-07-28] (Diskeeper Corporation)
S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2010-01-11] (Stardock Corporation) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
S2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187328 2015-05-04] (Trend Micro Inc.)
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [333848 2015-05-05] (Trend Micro Inc.)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2014-12-06] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2014-12-06] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2014-12-06] (Intuit Inc.) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
S1 AFD; C:\Windows\system32\drivers\afd.sys [498688 2011-12-27] (Microsoft Corporation) [File not signed]
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
S3 CSRBC; C:\Windows\System32\Drivers\csrbcx64.sys [38400 2014-08-28] (CSR plc.)
R3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [52144 2010-03-10] (Diskeeper Corporation)
R3 dvdfab; C:\Windows\System32\drivers\dvdfab.sys [79232 2011-08-15] (Fengtao Software Inc.)
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [32768 2009-09-11] (Hauppauge Computer Works, Inc.)
R3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [67408 2015-01-29] (Trend Micro Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [122432 2015-04-24] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [307344 2015-04-24] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93616 2015-04-24] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
U2 TMAgent; No ImagePath
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-11 08:43 - 2015-07-11 08:43 - 00034160 _____ C:\Users\KYoung\Desktop\FRST.txt
2015-07-11 08:35 - 2015-07-11 08:35 - 00000000 ____D C:\Users\KYoung\AppData\Roaming\Runscanner.net
2015-07-11 08:24 - 2015-07-11 08:24 - 00001099 _____ C:\Users\KYoung\Desktop\ParetoLogic PC Health Advisor.lnk
2015-07-11 08:24 - 2015-07-11 08:24 - 00000496 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-07-11 08:24 - 2015-07-11 08:24 - 00000444 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job
2015-07-11 08:24 - 2015-07-11 08:24 - 00000422 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2015-07-11 08:24 - 2015-07-11 08:24 - 00000402 _____ C:\Windows\Tasks\PC Health Advisor Defrag.job
2015-07-11 08:24 - 2015-07-11 08:24 - 00000384 _____ C:\Windows\Tasks\PC Health Advisor.job
2015-07-11 08:24 - 2015-07-11 08:24 - 00000000 ____D C:\Users\KYoung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2015-07-11 08:24 - 2015-07-11 08:24 - 00000000 ____D C:\Users\KYoung\AppData\Roaming\DriverCure
2015-07-11 08:24 - 2015-07-11 08:24 - 00000000 ____D C:\Program Files (x86)\ParetoLogic
2015-07-11 08:23 - 2015-07-11 08:16 - 05964208 _____ (ParetoLogic Inc.) C:\Users\KYoung\Desktop\ParetoLogic PC Health Advisor.exe
2015-07-11 08:11 - 2015-07-11 08:24 - 00000000 ___SH C:\DkHyperbootSync
2015-07-11 08:04 - 2015-07-11 08:04 - 00000000 ____D C:\Users\Public\Desktop\CC Support
2015-07-11 07:57 - 2015-07-11 07:57 - 00001232 _____ C:\Users\KYoung\Desktop\JRT.txt
2015-07-11 07:43 - 2015-06-27 10:23 - 04009167 _____ C:\Users\KYoung\Desktop\ServicesRepair.exe
2015-07-11 07:39 - 2015-07-11 08:10 - 00001566 _____ C:\Users\KYoung\Desktop\FSS.txt
2015-07-11 07:39 - 2015-06-27 09:53 - 00415232 _____ (Farbar) C:\Users\KYoung\Desktop\FSS.exe
2015-07-11 07:02 - 2015-07-11 08:05 - 00000948 _____ C:\Windows\Tasks\Trend Micro Inspect of Platinum.job
2015-07-04 11:47 - 2015-07-04 11:47 - 00386667 _____ C:\Users\KYoung\Downloads\cwi_iasst_er_cm_2.ppt
2015-07-04 10:23 - 2015-07-04 14:11 - 00000000 ____D C:\Users\KYoung\Desktop\ERP
2015-07-04 07:42 - 2015-07-04 07:42 - 00003344 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2624593926-3331388892-475130418-1001
2015-07-04 07:42 - 2015-07-04 07:42 - 00003212 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2624593926-3331388892-475130418-1001
2015-07-03 09:53 - 2015-07-03 09:53 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-03 09:53 - 2015-07-03 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-03 09:52 - 2015-07-03 09:53 - 00000000 ____D C:\Program Files\iTunes
2015-07-03 09:52 - 2015-07-03 09:52 - 00000000 ____D C:\Program Files\iPod
2015-07-03 09:52 - 2015-07-03 09:52 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-03 07:11 - 2015-07-03 07:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-06-30 22:31 - 2015-06-30 22:31 - 00003664 ____N C:\bootsqm.dat
2015-06-28 08:48 - 2015-06-28 08:49 - 09019904 _____ C:\Users\KYoung\Downloads\MOD_1_presentation_ppt
2015-06-28 00:16 - 2015-07-04 12:26 - 00000320 ____H C:\Users\KYoung\AppData\Roaming\c1972b1a7030edbaa8a0231998d2d434906484f2
2015-06-28 00:16 - 2015-07-04 12:26 - 00000320 ____H C:\ProgramData\c1972b1a7030edbaa8a0231998d2d434906484f2
2015-06-28 00:13 - 2015-06-28 00:13 - 00000000 ___HD C:\TMRescueDisk
2015-06-28 00:10 - 2015-06-28 00:10 - 00001443 _____ C:\Users\KYoung\Desktop\Trend Micro Maximum Security.lnk
2015-06-28 00:10 - 2015-06-28 00:10 - 00000000 ____D C:\Users\KYoung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Maximum Security
2015-06-28 00:09 - 2015-04-24 01:52 - 00307344 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-06-28 00:09 - 2015-04-24 01:52 - 00122432 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-06-28 00:09 - 2015-04-24 01:52 - 00093616 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-06-28 00:09 - 2014-07-09 12:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-06-28 00:09 - 2014-07-09 12:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-06-28 00:08 - 2015-06-28 00:20 - 00003540 _____ C:\Windows\System32\Tasks\Trend Micro Inspect of Platinum
2015-06-28 00:08 - 2015-06-28 00:08 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2015-06-28 00:08 - 2014-07-09 12:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-06-28 00:08 - 2014-06-30 07:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-06-27 18:56 - 2015-06-27 18:56 - 00290544 _____ C:\Windows\Minidump\062715-61667-01.dmp
2015-06-27 12:11 - 2015-06-27 18:56 - 653016211 _____ C:\Windows\MEMORY.DMP
2015-06-27 12:11 - 2015-06-27 12:12 - 00291624 _____ C:\Windows\Minidump\062715-54101-01.dmp
2015-06-27 11:59 - 2015-06-27 12:01 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-06-27 11:59 - 2015-06-27 12:01 - 00000000 ____D C:\Windows\system32\vbox
2015-06-27 11:42 - 2015-06-28 00:00 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-27 11:26 - 2015-06-27 11:26 - 00000000 ____D C:\32788R22FWJFW
2015-06-27 11:22 - 2015-06-27 11:22 - 00035715 _____ C:\ComboFix.txt
2015-06-27 10:52 - 2015-06-27 11:22 - 00000000 ____D C:\Qoobox
2015-06-27 10:52 - 2015-06-27 11:19 - 00000000 ____D C:\Windows\erdnt
2015-06-27 10:52 - 2011-06-26 02:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-27 10:52 - 2010-11-07 13:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-27 10:52 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-27 10:52 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-27 10:52 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-27 10:52 - 2000-08-30 20:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-27 10:52 - 2000-08-30 20:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-27 10:52 - 2000-08-30 20:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-27 10:38 - 2015-06-27 10:38 - 00000207 _____ C:\Windows\tweaking.com-regbackup-KYOUNG-PC-Windows-7-Ultimate-(64-bit).dat
2015-06-27 10:38 - 2015-06-27 10:38 - 00000000 ____D C:\RegBackup
2015-06-27 10:37 - 2015-06-27 10:23 - 02950961 _____ (Malwarebytes Corporation) C:\Users\KYoung\Desktop\JRT.exe
2015-06-27 10:33 - 2015-07-11 08:02 - 00001841 _____ C:\Users\KYoung\Desktop\Search.txt
2015-06-27 10:29 - 2015-07-11 08:43 - 00000000 ____D C:\FRST
2015-06-27 10:28 - 2015-06-27 10:21 - 02112512 _____ (Farbar) C:\Users\KYoung\Desktop\FRST64.exe
2015-06-27 08:03 - 2004-08-18 21:38 - 00184370 _____ C:\macshift.exe
2015-06-27 08:03 - 2004-08-18 21:38 - 00008294 _____ C:\macshift.cpp
2015-06-27 08:03 - 2004-08-17 19:44 - 00084391 _____ C:\validmacs.h
2015-06-21 07:20 - 2015-06-21 07:20 - 00249660 _____ C:\Users\KYoung\Downloads\presentation_kellymorris.ppt
2015-06-17 00:23 - 2015-06-17 00:23 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2015-06-17 00:23 - 2015-06-17 00:23 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2015-06-13 11:42 - 2015-06-13 11:42 - 01003520 _____ C:\Users\KYoung\Downloads\fundamentalsframworkguidance-131022101806-phpapp01.ppt
2015-06-13 11:41 - 2015-06-13 11:41 - 01941504 _____ C:\Users\KYoung\Downloads\fundamentalssa-131022101700-phpapp02.ppt
2015-06-13 07:24 - 2015-06-13 07:24 - 00000000 ____D C:\Users\KYoung\Desktop\Log
2015-06-13 07:09 - 2015-05-22 14:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-13 07:09 - 2015-05-22 14:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-13 07:09 - 2015-05-22 14:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-13 07:09 - 2015-05-22 14:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-13 07:09 - 2015-05-22 14:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-13 07:09 - 2015-05-22 14:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-13 07:09 - 2015-05-22 14:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-13 07:09 - 2015-05-21 09:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-13 07:09 - 2015-04-29 14:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-13 07:09 - 2015-04-29 14:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-13 07:09 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-13 07:09 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-13 07:09 - 2015-04-29 14:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-13 07:09 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-13 07:09 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-13 07:09 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-13 07:09 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-13 07:09 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-13 07:08 - 2015-06-01 15:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-13 07:08 - 2015-06-01 14:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-13 07:08 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-13 07:08 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-13 07:08 - 2015-05-25 14:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-13 07:08 - 2015-05-25 14:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-13 07:08 - 2015-05-25 14:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-13 07:08 - 2015-05-25 14:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-13 07:08 - 2015-05-25 14:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-13 07:08 - 2015-05-25 14:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-13 07:08 - 2015-05-25 14:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-13 07:08 - 2015-05-25 14:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-13 07:08 - 2015-05-25 14:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-13 07:08 - 2015-05-25 14:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-13 07:08 - 2015-05-25 14:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-13 07:08 - 2015-05-25 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-13 07:08 - 2015-05-25 14:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-13 07:08 - 2015-05-25 14:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-13 07:08 - 2015-05-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-13 07:08 - 2015-05-25 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-13 07:08 - 2015-05-25 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-13 07:08 - 2015-05-25 14:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-13 07:08 - 2015-05-25 14:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-13 07:08 - 2015-05-25 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-13 07:08 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-13 07:08 - 2015-05-25 14:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-13 07:08 - 2015-05-25 14:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-13 07:08 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-13 07:08 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-13 07:08 - 2015-05-25 14:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-13 07:08 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-13 07:08 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-13 07:08 - 2015-05-25 14:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-13 07:08 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-13 07:08 - 2015-05-25 13:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-13 07:08 - 2015-05-25 13:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-13 07:08 - 2015-05-25 13:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-13 07:08 - 2015-05-25 13:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-13 07:08 - 2015-05-25 13:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-13 07:08 - 2015-05-25 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 13:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-13 07:08 - 2015-05-25 13:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-13 07:08 - 2015-05-25 12:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-13 07:08 - 2015-05-25 12:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-13 07:08 - 2015-05-25 12:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 12:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 12:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-13 07:08 - 2015-05-25 12:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-13 07:08 - 2015-05-22 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-13 07:08 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-13 07:08 - 2015-05-22 23:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-13 07:08 - 2015-05-22 23:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-13 07:08 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-13 07:08 - 2015-05-22 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-13 07:08 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-13 07:08 - 2015-05-22 23:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-13 07:08 - 2015-05-22 23:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-13 07:08 - 2015-05-22 23:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-13 07:08 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-13 07:08 - 2015-05-22 23:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-13 07:08 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-13 07:08 - 2015-05-22 22:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-13 07:08 - 2015-05-22 22:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-13 07:08 - 2015-05-22 22:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-13 07:08 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-13 07:08 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-13 07:08 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-13 07:08 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-13 07:08 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-13 07:08 - 2015-05-22 22:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-13 07:08 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-13 07:08 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-13 07:08 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-13 07:08 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-13 07:08 - 2015-05-22 15:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-13 07:08 - 2015-05-22 15:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-13 07:08 - 2015-05-22 15:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-13 07:08 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-13 07:08 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-13 07:08 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-13 07:08 - 2015-05-22 15:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-13 07:08 - 2015-05-22 14:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-13 07:08 - 2015-05-22 14:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-13 07:08 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-13 07:08 - 2015-05-22 14:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-13 07:08 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-13 07:08 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-13 07:08 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-13 07:08 - 2015-05-22 14:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-13 07:08 - 2015-05-22 14:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-13 07:08 - 2015-05-22 14:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-13 07:08 - 2015-05-22 14:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-13 07:08 - 2015-05-22 14:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-13 07:08 - 2015-05-22 14:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-13 07:08 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-13 07:08 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-13 07:08 - 2015-05-22 14:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-13 07:08 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-13 07:08 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-13 07:08 - 2015-05-22 14:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-13 07:08 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-13 07:08 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-13 07:08 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-13 07:08 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-13 07:08 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-13 07:08 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-13 07:08 - 2015-04-10 23:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-11 08:32 - 2009-07-14 00:45 - 00026416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-11 08:32 - 2009-07-14 00:45 - 00026416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-11 08:24 - 2014-09-22 07:58 - 00000000 ____D C:\Users\KYoung\AppData\Roaming\ParetoLogic
2015-07-11 08:24 - 2014-09-22 07:57 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-07-11 08:13 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-11 08:08 - 2013-05-25 07:27 - 00000000 _____ C:\defragme.dat
2015-07-11 08:08 - 2009-07-14 01:10 - 01749139 _____ C:\Windows\WindowsUpdate.log
2015-07-11 08:05 - 2014-11-16 23:00 - 00031890 _____ C:\Windows\setupact.log
2015-07-11 08:05 - 2011-11-22 20:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-11 08:05 - 2009-07-14 01:08 - 00032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-11 08:05 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-11 07:47 - 2012-11-04 22:58 - 00000000 ____D C:\Users\KYoung\AppData\Roaming\Skype
2015-07-11 07:12 - 2009-07-14 01:13 - 00848106 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-04 14:20 - 2011-11-22 19:54 - 00000000 ____D C:\Users\KYoung\Documents\Outlook Files
2015-07-04 14:00 - 2012-08-02 16:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-04 13:25 - 2015-02-21 07:04 - 00000000 ____D C:\Users\KYoung\Documents\Quicken
2015-07-04 13:24 - 2012-06-04 17:14 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-04 12:37 - 2013-07-14 22:18 - 00000000 ____D C:\Users\KYoung\AppData\Roaming\FLV and Media Player
2015-07-04 07:40 - 2012-06-04 17:14 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-03 12:33 - 2013-04-13 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab Passkey
2015-07-03 12:33 - 2013-04-13 09:08 - 00000000 ____D C:\Program Files (x86)\DVDFab Passkey
2015-07-03 09:52 - 2015-04-11 05:50 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-03 09:52 - 2011-12-08 14:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-03 07:11 - 2011-11-22 22:33 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-01 00:01 - 2012-08-02 16:57 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-01 00:00 - 2012-04-07 00:20 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-01 00:00 - 2011-11-22 18:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-28 12:35 - 2011-11-23 21:05 - 00000000 ____D C:\ProgramData\Trend Micro
2015-06-28 02:04 - 2014-11-29 00:54 - 00000010 _____ C:\Users\KYoung\AppData\Local\sponge.last.runtime.cache
2015-06-28 00:20 - 2014-11-16 23:00 - 05515928 _____ C:\Windows\PFRO.log
2015-06-28 00:07 - 2012-11-28 13:21 - 00000000 ____D C:\Program Files\Trend Micro
2015-06-28 00:06 - 2011-11-23 21:19 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2015-06-27 18:56 - 2013-12-07 13:21 - 00000000 ____D C:\Windows\Minidump
2015-06-27 12:20 - 2015-02-20 20:27 - 00000000 ____D C:\Program Files (x86)\Quicken
2015-06-27 11:27 - 2011-11-22 23:27 - 00000000 ____D C:\Program Files (x86)\AdvancedSearchbar
2015-06-27 11:26 - 2012-12-13 09:35 - 00236080 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2015-06-27 11:22 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Default
2015-06-27 11:12 - 2009-07-13 22:34 - 00000215 ____N C:\Windows\system.ini
2015-06-27 11:06 - 2009-07-13 22:34 - 24903680 _____ C:\Windows\system32\config\SYSTEM.bak
2015-06-27 11:06 - 2009-07-13 22:34 - 130809856 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-06-27 11:06 - 2009-07-13 22:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-06-27 11:06 - 2009-07-13 22:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-06-27 11:06 - 2009-07-13 22:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-06-21 06:42 - 2009-07-13 22:34 - 66584576 _____ C:\Windows\system32\config\COMPONENTS.bak
2015-06-21 06:39 - 2014-10-11 10:44 - 00000000 ____D C:\Users\KYoung\Documents\ASI
2015-06-21 06:32 - 2012-11-29 10:40 - 00000000 ____D C:\ProgramData\TEMP
2015-06-20 09:34 - 2014-08-02 11:56 - 00011362 _____ C:\Users\KYoung\Desktop\Rebekah owes Rachael.xlsx
2015-06-14 10:32 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-06-14 09:07 - 2014-11-24 15:19 - 00000000 __SHD C:\Users\KYoung\AppData\Local\EmieBrowserModeList
2015-06-14 09:07 - 2014-04-19 13:17 - 00000000 __SHD C:\Users\KYoung\AppData\Local\EmieUserList
2015-06-14 09:07 - 2014-04-19 13:17 - 00000000 __SHD C:\Users\KYoung\AppData\Local\EmieSiteList
2015-06-14 08:48 - 2014-08-22 10:27 - 00000000 ____D C:\Users\KYoung\AppData\Local\Adobe
2015-06-14 08:27 - 2009-07-14 00:45 - 03282688 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-14 08:23 - 2014-12-10 11:21 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-14 08:23 - 2014-04-27 08:40 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-14 08:23 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-13 15:38 - 2011-11-22 18:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-13 15:35 - 2013-07-27 00:45 - 00000000 ____D C:\Windows\system32\MRT
2015-06-13 15:25 - 2011-11-22 18:57 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
==================== Files in the root of some directories =======
 
2015-06-28 00:16 - 2015-07-04 12:26 - 0000320 ____H () C:\Users\KYoung\AppData\Roaming\c1972b1a7030edbaa8a0231998d2d434906484f2
2012-11-30 12:00 - 2012-11-30 12:02 - 0016518 _____ () C:\Users\KYoung\AppData\Roaming\ClearRegCodeLog.log
2012-12-23 10:52 - 2015-05-10 14:07 - 0018006 _____ () C:\Users\KYoung\AppData\Roaming\RegistrationLog.log
2011-11-22 20:50 - 2015-05-10 14:07 - 0141634 _____ () C:\Users\KYoung\AppData\Roaming\ReplayConverterLog.log
2011-11-22 20:43 - 2013-11-03 20:57 - 3230321 _____ () C:\Users\KYoung\AppData\Roaming\ReplayMusicLog.log
2012-11-28 14:15 - 2012-11-28 14:15 - 0000000 _____ () C:\Users\KYoung\AppData\Roaming\tmcef.log
2011-11-22 20:47 - 2012-07-28 13:50 - 0003052 _____ () C:\Users\KYoung\AppData\Roaming\VideoPadlockLog.log
2015-05-10 08:30 - 2015-05-10 13:10 - 0004608 _____ () C:\Users\KYoung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-28 13:18 - 2012-11-28 13:18 - 0000036 _____ () C:\Users\KYoung\AppData\Local\housecall.guid.cache
2015-02-22 10:37 - 2015-02-22 10:37 - 0004096 ____H () C:\Users\KYoung\AppData\Local\keyfile3.drm
2014-11-29 00:54 - 2015-06-28 02:04 - 0000010 _____ () C:\Users\KYoung\AppData\Local\sponge.last.runtime.cache
2012-07-21 13:59 - 2012-12-25 16:26 - 0000125 ___SH () C:\ProgramData\.zreglib
2015-06-28 00:16 - 2015-07-04 12:26 - 0000320 ____H () C:\ProgramData\c1972b1a7030edbaa8a0231998d2d434906484f2
2012-01-28 10:11 - 2012-01-28 10:59 - 0000469 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-27 22:56
 
==================== End of log ============================
 
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by KYoung at 2015-07-11 08:43:50
Running from C:\Users\KYoung\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2624593926-3331388892-475130418-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2624593926-3331388892-475130418-1004 - Limited - Enabled)
Guest (S-1-5-21-2624593926-3331388892-475130418-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2624593926-3331388892-475130418-1002 - Limited - Enabled)
KYoung (S-1-5-21-2624593926-3331388892-475130418-1001 - Administrator - Enabled) => C:\Users\KYoung
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Trend Micro Maximum Security (Disabled - Up to date) {8242D66F-41BD-4049-C2E6-E578E73B62A0}
AS: Trend Micro Maximum Security (Disabled - Up to date) {3923378B-6787-4FC7-F856-DE0A9CBC281D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
767 Captain (767-300 Base Pack) (HKLM-x32\...\767CAPTAIN) (Version: 1.5.00 - © 1999-2011 Captain Sim)
777 Captain (777-200) 1.3 (HKLM-x32\...\x772) (Version: 1.3.00 - © 1999-2013 Captain Sim)
777 Captain (777-200) 1.50 (HKLM-x32\...\x772_fsx) (Version: 1.5.00 - © 1999-2014 Captain Sim)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_e7e6bb3ae60aaa1c5b11aa97d8f15b0) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_7e74552a59eaf9fafd13f90894ac9bd) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Advanced Searchbar (HKLM-x32\...\Advanced Searchbar) (Version: 3.36 - Advanced Search Technologies, Inc.)
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
A-PDF Restrictions Remover (HKLM-x32\...\A-PDF Restrictions Remover_is1) (Version:  - A-PDF Solution)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian Director (HKLM-x32\...\Applian Director2.2) (Version: 2.2 - Applian Technologies Inc.)
Applian Director (HKLM-x32\...\Applian Director3.0) (Version: 3.0 - Applian Technologies Inc.)
Aventail Access Manager (HKU\S-1-5-21-2624593926-3331388892-475130418-1001\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.54.42 - SonicWALL Inc)
Aventail Access Manager (x32 Version: 10.54.42 - SonicWALL Inc) Hidden
Aventail OPSWAT End Point Control (x32 Version: 10.54.41 - SonicWALL Inc) Hidden
Aventail Web Proxy Agent (HKLM-x32\...\{9B0B46B3-10DF-4ADA-9501-0129D784563D}) (Version: 10.54.41 - SonicWALL Inc)
Aventail Webifiers (HKLM-x32\...\{54D44AD1-A083-48B9-BD6F-AFD517B7C775}) (Version: 10.54.41 - SonicWALL Inc)
Avery Wizard 4.0 (HKLM-x32\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)
AVS Audio Converter 7.3 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.3.1.535 - Online Media Technologies Ltd.)
AVS Audio Editor 7.3 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.3.1.493 - Online Media Technologies Ltd.)
AVS Audio Recorder version 4.0 (HKLM-x32\...\AVS Audio Recorder_is1) (Version:  - Online Media Technologies Ltd.)
AVS Cover Editor 2.0.1.3 (HKLM-x32\...\AVSCoverEditor2_is1) (Version:  - Online Media Technologies Ltd.)
AVS Disc Creator 5.2 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.2.532 - Online Media Technologies Ltd.)
AVS Document Converter 2.3.2 (HKLM-x32\...\AVS Document Converter_is1) (Version: 2.3.2.233 - Online Media Technologies Ltd.)
AVS DVD Copy version 4.1.2 (HKLM-x32\...\AVS DVD Copy_is1) (Version:  - Online Media Technologies Ltd.)
AVS Image Converter 2.3.3.249 (HKLM-x32\...\AVS Image Converter_is1) (Version: 2.3.3.249 - Online Media Technologies Ltd.)
AVS Media Player 4.2.3.106 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.3.106 - Online Media Technologies Ltd.)
AVS Photo Editor 2.3.1.144 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.1.144 - Online Media Technologies Ltd.)
AVS Registry Cleaner 2.3.4.261 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 2.3.4.261 - Online Media Technologies Ltd.)
AVS Registry Cleaner version 2.2 (HKLM-x32\...\AVSRegistryCleaner_is1) (Version:  - Online Media Technologies Ltd.)
AVS Ringtone Maker version 1.6 (HKLM-x32\...\AVS Ringtone Maker 1.6_is1) (Version:  - Online Media Technologies Ltd.)
AVS Screen Capture version 2.0.2 (HKLM-x32\...\AVS Screen Capture_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.1.568 - Online Media Technologies Ltd.)
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
AVS Video Recorder 2.5 (HKLM-x32\...\AVS Video Recorder_is1) (Version: 2.5.6.87 - Online Media Technologies Ltd.)
AVS Video ReMaker 4.3.2.166 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 4.3.2.166 - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Basketball Statwiz Upgrade 4.15 (HKLM-x32\...\Basketball Statwiz Upgrade 4.15) (Version:  - )
BERNINA Embroidery Software 5.0W (HKLM-x32\...\{1919D96B-79F5-465E-8D81-1C22C9A7CD57}) (Version: 5.0.0085 - BERNINA)
BERNINA Universal Communication Server (HKLM-x32\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.1.2 - BERNINA)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)
Color Network ScanGear Ver.2.71 (HKLM-x32\...\{4E5CA273-5771-450A-AFDD-C58DAD9205DC}) (Version: 2.71.0000 - CANON INC.)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CorelDRAW Graphics Suite X3 (HKLM-x32\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.1 - Corel Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Digital Aviation Reference Library (HKLM-x32\...\{9930D15E-94E7-4F3E-9203-15BCC66799F3}) (Version: 4.5 - )
Digital Copy (HKLM-x32\...\Digital Copy) (Version:  - )
Diskeeper 2010  (HKLM\...\{512CBDBD-E880-4D78-8A4F-D06624EDE2CE}) (Version: 14.0.915.64 - Diskeeper Corporation)
DVDFab Passkey 8.2.4.1 (12/06/2015) (HKLM-x32\...\DVDFab Passkey 8_is1) (Version:  - Fengtao Software Inc.)
Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Embroidery Software (x32 Version: 5.0.0035 - BERNINA) Hidden
EN (x32 Version: 13.1 - Corel Corporation) Hidden
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version:  - )
FLV and Media Player (3.2.0.3) (HKLM-x32\...\FLV and Media Player) (Version: 3.2.0.3 - Applian Technologies)
FontNav (x32 Version: 5.0 - Corel Corporation) Hidden
Freecorder 5 (HKLM-x32\...\Freecorder5.1) (Version: 5.1 - Applian Technologies Inc.)
Freecorder 5 (HKLM-x32\...\Freecorder5.11) (Version: 5.11 - Applian Technologies Inc.)
Freecorder Toolbar (HKLM-x32\...\Freecorder Toolbar) (Version: 6.8.5.1 - Freecorder) <==== ATTENTION
Freecorder Toolbar (HKLM-x32\...\freecordertoolbar) (Version: 5.0.0.0 - ) <==== ATTENTION
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HanaConnect (HKLM-x32\...\{CC1040C7-6626-44A9-8450-689EB32E9106}) (Version: 1.0.0 - HanaMobile)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
iSpring Presenter 5 (HKLM\...\{2B2DB9C6-7D97-489E-815B-EA910CD2786F}) (Version: 5.7.0 - iSpring Solutions Inc.)
iSpring Presenter 5 (HKLM-x32\...\{D212E07E-E2DF-45B0-BB88-984F69BA0841}) (Version: 5.7.0 - iSpring Solutions Inc.)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Money Plus (HKLM-x32\...\Money2008b) (Version: 17 - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MP3 Magic 2.02 (HKLM-x32\...\MP3_Magic_2.0) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}) (Version: 1.4.915.1 - Fitipower)
Multimedia Card Reader (x32 Version: 1.4.915.1 - Fitipower) Hidden
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.7.0 - ParetoLogic, Inc.)
PC Tools Registry Mechanic 11.1 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.1 - PC Tools)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Plantronics CSR Driver (64-bit) (Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics CsrDfu Installer (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics HidDfu Installer (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater (HKLM-x32\...\{782cbc1e-3ae8-4a3f-9b3a-fa2206396621}) (Version: 3.1.50883.11482 - Plantronics, Inc.)
Plantronics MyHeadset Updater (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Device Handlers (32-bit) (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater DFU Handlers (32-bit) (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Install Check (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater MLS (Version: 3.0.0.0 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Runtime (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Startup (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
QuickBooks (x32 Version: 25.0.4005.2506 - Intuit Inc.) Hidden
QuickBooks Premier: Accountant Edition 2015 (HKLM-x32\...\{D58E14D8-963A-4CCD-852E-065655D45004}) (Version: 25.0.4005.2506 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.8.1 - Intuit)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.1 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Replay Converter 4 (HKLM-x32\...\Replay Converter 4) (Version: 4.40 - Applian Technologies Inc.)
Replay Media Catcher 5 (5.0.1.54) (HKLM-x32\...\Replay Media Catcher 5) (Version: 5.0.1.54 - Applian Technologies)
Replay Media Splitter 2.2.1409.56 (HKLM-x32\...\Replay_Media_Splitter_1.2) (Version: 2.2.1409.56 - Applian Technologies Inc.)
Replay Music 5 (HKLM-x32\...\ReplayMusic5.60) (Version: 5.60 - Applian Technologies Inc.)
Replay Music 6 (HKLM-x32\...\ReplayMusic6.00) (Version: 6.00 - Applian Technologies Inc.)
Replay Music 6 (HKLM-x32\...\ReplayMusic6.10) (Version: 6.10 - Applian Technologies Inc.)
Replay Radio 9 (9.0.1.46) (HKLM-x32\...\Replay Radio 9) (Version: 9.0.1.46 - Applian Technologies)
Replay Telecorder for Skype 1.3.0.23 (HKLM-x32\...\Replay Telecorder for Skype_is1) (Version: 1.3.0.23 - Applian Technologies Inc.)
Replay Video Capture 7 (HKLM-x32\...\Replay Video Capture7.2) (Version: 7.2 - Applian Technologies Inc.)
Replay Video Capture 7 (HKLM-x32\...\Replay Video Capture7.4) (Version: 7.4 - Applian Technologies Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Trend Micro DirectPass (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1176 - Trend Micro Inc.)
Trend Micro DirectPass (Version: 1.3.0.5013 - Trend Micro Inc.) Hidden
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) Hidden
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VBA (x32 Version: 6.2 - Corel Corporation) Hidden
VC12X64Redist (HKLM\...\{B573CC21-AE24-4BC5-9B0B-15CF29A3F982}) (Version: 1.00.0000 - Intuit Inc.)
VC12X86Redist (HKLM-x32\...\{EA9886ED-21F8-4867-A049-CE6817291EE6}) (Version: 1.00.0000 - Intuit Inc.)
VCRT for DirectPass x64 (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (x32 Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
Video Padlock (HKLM-x32\...\Video Padlock1.20) (Version: 1.20 - Applian Technologies Inc.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows Driver Package - Cambridge Silicon Radio (CSRBC) USB  (10/26/2012 2.4.0.0) (HKLM\...\20C7EDA3129B3FF8F72F9BF59252B718B554FBDC) (Version: 10/26/2012 2.4.0.0 - Cambridge Silicon Radio)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Zinio Alert Messenger (HKLM-x32\...\ZinioAlertMessenger.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2570 - Zinio LLC)
Zinio Alert Messenger (x32 Version: 4.0.2570 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.2.3972 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.3972 - Zinio LLC) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2624593926-3331388892-475130418-1001_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> No File path
 
==================== Restore Points =========================
 
27-06-2015 10:52:36 ComboFix created restore point
27-06-2015 11:44:23 avast! antivirus system restore point
27-06-2015 11:53:18 Revo Uninstaller's restore point - iSEEK AnswerWorks English Runtime
27-06-2015 11:53:43 Removed iSEEK AnswerWorks English Runtime
27-06-2015 11:58:59 Device Driver Package Install: Avast Network Service
27-06-2015 23:16:31 Revo Uninstaller's restore point - Avast Premier
27-06-2015 23:32:48 Revo Uninstaller's restore point - Avast Premier
27-06-2015 23:33:44 avast! antivirus system restore point
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2015-06-27 11:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1471CF59-8A09-4478-A46F-34D54EF40BAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01] (Adobe Systems Incorporated)
Task: {16CE81E2-F42B-4B0A-9D1E-0EB1E6487F37} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2624593926-3331388892-475130418-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {36C9BBD1-5436-49F8-AB45-C05CA0532576} - System32\Tasks\{02B9FA5B-CE2A-4D0D-9C36-1B1D074FB3F3} => pcalua.exe -a "D:\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\7e74552a59eaf9fafd13f90894ac9bd" -c -silent
Task: {557F271B-5FB9-4939-BB21-9DBAA0A2985C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2624593926-3331388892-475130418-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {5C64C9C8-7C07-4481-AF0F-9C0E43498C8C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {6B1744D8-8151-49BA-AC60-4492DFFB50C3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {782B8801-B3C4-434E-A01F-B893ECA1F748} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {8177E847-9204-433D-BCF4-77CF8A5E4509} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {81F3D4BD-6307-4898-AEB3-8650FD4B5AD3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {8A93AC80-F940-4825-9A51-FA21C799FB0C} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-22] (Microsoft Corporation)
Task: {90582F24-BEB2-441E-93FB-B9B87502D52F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {984A4151-6FAC-4AAE-9A4E-1008276AFA16} - System32\Tasks\{1892543C-5C25-404E-83E5-DC8E7A0CCD45} => pcalua.exe -a D:\setup.exe -d D:\
Task: {BA4031DD-A06A-498A-8B05-AE0D40898BF0} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2624593926-3331388892-475130418-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {BBB2BC7A-B293-4527-BCC6-6C593AEB4693} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {CD6C1CC9-1E3C-42FF-83E5-3E236A8B15E3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {E0C6FABE-3F3B-498B-8AAD-A2AFC30E0BFF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {E4570609-1536-49D5-84DB-CE1E454A7F58} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2624593926-3331388892-475130418-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {EBCB8459-1592-435F-BC72-1867D663EBD7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {F720E088-E358-49B5-89CE-6561FCA39792} - System32\Tasks\Trend Micro Inspect of Platinum => C:\Program Files\Trend Micro\Titanium\plugin\Pt\win32\Inspect\Inspect.exe [2015-05-04] (Trend Micro Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
Task: C:\Windows\Tasks\Trend Micro Inspect of Platinum.job => C:\Program Files\Trend Micro\Titanium\plugin\Pt\win32\Inspect\Inspect.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-05-04 12:36 - 2015-02-03 22:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-28 00:07 - 2014-07-09 12:03 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll
2015-06-28 00:07 - 2014-07-09 12:02 - 00675840 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2015-06-28 00:07 - 2014-07-09 12:03 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll
2015-06-28 00:07 - 2014-07-09 12:03 - 01300480 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2015-06-28 00:07 - 2014-07-09 12:02 - 00018944 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll
2015-06-28 00:17 - 2015-05-04 02:23 - 00089088 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll
2015-06-28 00:17 - 2015-05-04 02:23 - 00018944 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll
2015-06-28 00:17 - 2015-05-04 02:23 - 00049664 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll
2015-06-28 00:17 - 2015-05-04 02:23 - 00761856 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_regex-vc110-mt-1_52.dll
2013-03-06 02:21 - 2013-03-06 02:21 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-11-23 13:42 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-06-28 00:05 - 2014-07-20 15:05 - 00065560 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-11-22 19:00 - 2009-10-02 15:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-05-29 18:40 - 2015-05-05 03:19 - 00039424 _____ () C:\Program Files\Trend Micro\TMIDS\boost_date_time-vc110-mt-1_49.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData:iSpring Presenter 5
AlternateDataStreams: C:\ProgramData:iSpring Pro 6
AlternateDataStreams: C:\Users\All Users:iSpring Presenter 5
AlternateDataStreams: C:\Users\All Users:iSpring Pro 6
AlternateDataStreams: C:\ProgramData\Application Data:iSpring Presenter 5
AlternateDataStreams: C:\ProgramData\Application Data:iSpring Pro 6
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\KYoung\Application Data:iSpring Presenter 5
AlternateDataStreams: C:\Users\KYoung\Application Data:iSpring Pro 6
AlternateDataStreams: C:\Users\KYoung\AppData\Roaming:iSpring Presenter 5
AlternateDataStreams: C:\Users\KYoung\AppData\Roaming:iSpring Pro 6
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2624593926-3331388892-475130418-1001\...\intuit.com -> hxxps://ttlc.intuit.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2624593926-3331388892-475130418-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\KYoung\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: DockLoginService => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: PCToolsSSDMonitorSvc => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: UniversalCommunicationServer => 2
MSCONFIG\startupfolder: C:^Users^KYoung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^KYoung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^KYoung^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zinio Alert Messenger.lnk => C:\Windows\pss\Zinio Alert Messenger.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeBridge => "C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0ENQBO => C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: Adobe_ID0EYTHM => C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DVDFab Passkey => "C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe"
MSCONFIG\startupreg: Freecorder FLV Service => "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: ISUSPM Startup => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Nvtmru => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: replay_telecorder_skype => C:\Program Files (x86)\Replay Telecorder for Skype\replay_telecorder_skype.exe /start_context sys_auto
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShwiconXP9106 => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{6697DDBA-6123-487D-838A-16FAA3FCA0EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{75957DB6-F70C-4CC5-9273-B120D6DCD035}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EC306251-0F97-487A-84D2-289B91CB0EBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1422A6F9-06E9-4468-97CF-9513522DF9F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{20637FA7-9A92-4028-A630-A613DD2EA3C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{579BA0F5-9400-490B-95A2-2E030BB96566}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AEA6941E-D8B7-4D57-9B29-4A5794AB083A}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jrmcp.exe
FirewallRules: [{D208A4D4-083F-454B-896C-16F2EB32D87D}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jrmcp.exe
FirewallRules: [{04DC8AE3-5CAD-4DDF-93D6-CF8A26CBF531}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jbp.exe
FirewallRules: [{9335D80E-F661-4842-AE92-941F9319B5A6}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jbp.exe
FirewallRules: [{A98CC9D5-ED4D-43AC-AE76-AD2F12F01D26}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jwmpp.exe
FirewallRules: [{404A4EAE-AE3C-4F7C-A161-0E58A0E17401}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jwmpp.exe
FirewallRules: [{3840B2B0-2C34-4635-8DFE-06E27BCA60B1}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\ffmpeg.exe
FirewallRules: [{B4615131-EE8E-4192-9215-654694190FCE}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\ffmpeg.exe
FirewallRules: [{33F03351-97E6-4643-82E4-C5E6D49A6935}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\aria2c.exe
FirewallRules: [{2BBA1A55-190E-42C9-9770-A6D3A7B64676}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\aria2c.exe
FirewallRules: [{6AEB2D87-5A63-42DD-AC66-ABF0D2C90F0F}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\qtCopy.exe
FirewallRules: [{B650C1F2-9E7C-4C4A-BFD0-32DD4AA0AB51}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\qtCopy.exe
FirewallRules: [{5037CAF1-2D1E-4E40-8C92-4B9750E3F3C2}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jrrp.exe
FirewallRules: [{8FFE1297-9394-4495-87FE-3B15CF0FB630}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jrrp.exe
FirewallRules: [{EB77D26E-E24A-475A-81AC-6663DF40BA8C}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jbp.exe
FirewallRules: [{9571CA5A-CC4F-4E03-92C4-4FA81A477647}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jbp.exe
FirewallRules: [{73AAA5A0-64CE-42C5-98CE-3B0675AFC55F}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jwmpp.exe
FirewallRules: [{9C482438-88FA-4A14-AE06-638F4CB99B19}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jwmpp.exe
FirewallRules: [TCP Query User{6E9684D5-D4E1-475C-8E5D-8EED3E07320C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A726988B-3840-45AF-8428-4319EBF8865E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{672B15F3-57F8-4022-86F5-58D48E718EDB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E4ACF1D4-41AB-4A9E-B264-B64F4188A4D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9B3A3EF9-2094-4DD9-9E1C-E3539D320351}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AFD
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HTTP
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/11/2015 08:44:01 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
Error: (07/11/2015 08:43:56 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
Error: (07/11/2015 08:43:51 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
Error: (07/11/2015 08:43:46 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
Error: (07/11/2015 08:43:41 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
Error: (07/11/2015 08:43:36 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
Error: (07/11/2015 08:43:31 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
Error: (07/11/2015 08:43:25 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
Error: (07/11/2015 08:43:20 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
Error: (07/11/2015 08:43:15 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).
 
 
System errors:
=============
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1068
 
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: 
%%577
 
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Ancillary Function Driver for Winsock service failed to start due to the following error: 
%%577
 
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1068
 
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: 
%%577
 
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Ancillary Function Driver for Winsock service failed to start due to the following error: 
%%577
 
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1068
 
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: 
%%577
 
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Ancillary Function Driver for Winsock service failed to start due to the following error: 
%%577
 
Error: (07/11/2015 08:42:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office:
=========================
Error: (07/11/2015 08:44:01 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
Error: (07/11/2015 08:43:56 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
Error: (07/11/2015 08:43:51 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
Error: (07/11/2015 08:43:46 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
Error: (07/11/2015 08:43:41 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
Error: (07/11/2015 08:43:36 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
Error: (07/11/2015 08:43:31 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
Error: (07/11/2015 08:43:25 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
Error: (07/11/2015 08:43:20 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
Error: (07/11/2015 08:43:15 AM) (Source: WcesComm) (EventID: 7) (User: )
Description: Fatal (0x80004005)
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-07-11 08:43:48.519
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-11 08:43:48.489
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-11 08:43:48.469
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-11 08:43:48.439
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-11 08:43:48.299
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-11 08:43:48.269
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-11 08:43:48.239
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-11 08:43:48.219
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-11 08:43:12.319
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-11 08:43:12.289
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AFD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU 870 @ 2.93GHz
Percentage of memory in use: 32%
Total physical RAM: 8151.08 MB
Available physical RAM: 5471.22 MB
Total Pagefile: 16300.36 MB
Available Pagefile: 13557.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.86 GB) (Free:321.22 GB) NTFS
Drive l: () (Removable) (Total:0.49 GB) (Free:0.27 GB) FAT
Drive n: (Seagate Expansion Drive) (Fixed) (Total:2794.51 GB) (Free:1716.68 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 0E259418)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=920.9 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 5.
 
========================================================
Disk: 10 (Size: 500 MB) (Disk ID: 12BA1E44)
Partition 1: (Active) - (Size=499 MB) - (Type=06)
 
==================== End of log ============================
 
Thanks for any help

 

Attached Files


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, sorry for the delay. If you still require assistance could you post a fresh FRST scan please
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP