Thanks for your time
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015
Ran by COMPAQ (administrator) on COMPAQ-PC (25-07-2015 17:02:36)
Running from C:\Users\COMPAQ
Loaded Profiles: COMPAQ (Available Profiles: COMPAQ)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Farbar) C:\Users\COMPAQ\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1838249486-1020867623-664619754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20917408 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1838249486-1020867623-664619754-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-08-07]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Powerproject Startup.lnk [2014-07-08]
ShortcutTarget: Powerproject Startup.lnk -> C:\Program Files (x86)\Asta\Asta Powerproject\AstaPowerproject.exe (Asta Development PLC)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1838249486-1020867623-664619754-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://uk.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1838249486-1020867623-664619754-1000 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-20] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-20] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-20] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-1838249486-1020867623-664619754-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-20] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{617A6249-EF47-4F9E-94F1-48ED59343A79}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-14]
CHR Extension: (Google Drive) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-14]
CHR Extension: (No Name) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apkalmfikjgojeiiadpmfebhfodmgpag [2014-11-27]
CHR Extension: (YouTube) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-14]
CHR Extension: (Proofread Bot Grammar and Style Checker) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjnnmmjgjaaomkcjibnncokikbianjap [2015-05-07]
CHR Extension: (Google Search) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-14]
CHR Extension: (Blackball Pool) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjkhefodfbgjpcmahghmfggbcpjabnag [2014-08-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-20]
CHR Extension: (Twitch Now) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-06-24]
CHR Extension: (Google Wallet) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-14]
CHR Extension: (No Name) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnkgiapbjhdboldbhkagdodklkphaip [2014-11-27]
CHR Extension: (Gmail) - C:\Users\COMPAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 088c3b28; c:\Program Files (x86)\LibrarySystem\LibrarySystem.dll [2280448 2015-07-20] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 System guard; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 17:01 - 2015-07-25 17:01 - 02146816 _____ (Farbar) C:\Users\COMPAQ\FRST64 (1).exe
2015-07-25 16:44 - 2015-07-25 16:44 - 02146816 _____ (Farbar) C:\Users\COMPAQ\FRST64.exe
2015-07-24 18:56 - 2015-07-24 18:59 - 00020227 _____ C:\Users\COMPAQ\Addition.txt
2015-07-24 18:38 - 2015-07-25 17:02 - 00011360 _____ C:\Users\COMPAQ\FRST.txt
2015-07-24 11:28 - 2015-07-24 11:29 - 02135552 _____ (Farbar) C:\Users\COMPAQ\FRST64 (2).exe
2015-07-24 11:13 - 2015-07-24 11:14 - 00000000 ____D C:\2db23f924b6870fef9969913f936
2015-07-22 13:06 - 2015-07-22 13:07 - 02135552 _____ (Farbar) C:\Users\COMPAQ\Downloads\FRST64.exe
2015-07-21 11:32 - 2015-07-15 04:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 11:32 - 2015-07-15 04:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 11:32 - 2015-07-15 04:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 11:32 - 2015-07-15 04:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 11:32 - 2015-07-15 03:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 11:32 - 2015-07-15 03:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 11:32 - 2015-07-15 03:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 11:32 - 2015-07-15 03:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 11:32 - 2015-07-15 02:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 11:32 - 2015-07-15 02:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 11:07 - 2015-07-25 16:48 - 00000336 _____ C:\Windows\setupact.log
2015-07-21 11:07 - 2015-07-21 11:07 - 00000000 _____ C:\Windows\setuperr.log
2015-07-21 11:06 - 2015-07-21 11:06 - 00001892 _____ C:\Windows\PFRO.log
2015-07-20 11:49 - 2015-07-20 11:49 - 00000000 ____D C:\Users\COMPAQ\AppData\Roaming\Google
2015-07-20 11:45 - 2015-07-20 11:45 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-20 11:45 - 2015-07-20 11:45 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-20 11:45 - 2015-07-20 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-20 11:44 - 2015-07-20 11:45 - 00000000 ____D C:\ProgramData\Google
2015-07-20 11:44 - 2015-07-20 11:45 - 00000000 ____D C:\Program Files\CCleaner
2015-07-20 11:44 - 2015-07-20 11:44 - 00000000 ____D C:\Program Files\Google
2015-07-20 11:36 - 2015-07-20 11:39 - 06565736 _____ (Piriform Ltd) C:\Users\COMPAQ\Downloads\ccsetup507 (1).exe
2015-07-20 11:35 - 2015-07-20 11:41 - 06565736 _____ (Piriform Ltd) C:\Users\COMPAQ\Downloads\ccsetup507.exe
2015-07-20 10:54 - 2015-07-22 13:37 - 00021111 _____ C:\Users\COMPAQ\Downloads\Addition.txt
2015-07-20 10:51 - 2015-07-22 13:37 - 00038557 _____ C:\Users\COMPAQ\Downloads\FRST.txt
2015-07-20 10:49 - 2015-07-25 17:02 - 00000000 ____D C:\FRST
2015-07-20 10:46 - 2015-07-20 10:47 - 01637888 _____ (Farbar) C:\Users\COMPAQ\Downloads\FRST.exe
2015-07-20 09:38 - 2015-07-20 09:38 - 00000000 ____D C:\Program Files (x86)\LibrarySystem
2015-07-18 18:59 - 2015-07-20 09:39 - 00000000 ____D C:\ProgramData\33e51d20000046e5
2015-07-18 12:04 - 2015-07-18 12:04 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 19:42 - 2015-06-25 19:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 19:42 - 2015-06-25 18:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 19:42 - 2015-06-20 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 19:42 - 2015-06-20 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 19:42 - 2015-06-20 20:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 19:42 - 2015-06-20 20:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 19:42 - 2015-06-20 20:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 19:42 - 2015-06-20 20:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 19:42 - 2015-06-20 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 19:42 - 2015-06-20 19:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 19:42 - 2015-06-19 19:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 19:42 - 2015-06-19 19:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 19:42 - 2015-06-19 19:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 19:42 - 2015-06-19 19:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 19:42 - 2015-06-19 19:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 19:42 - 2015-06-19 19:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 19:42 - 2015-06-19 19:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 19:42 - 2015-06-19 19:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 19:42 - 2015-06-19 19:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 19:42 - 2015-06-19 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 19:42 - 2015-06-19 18:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 19:42 - 2015-06-19 18:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 19:42 - 2015-06-19 18:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 19:42 - 2015-06-19 18:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 19:42 - 2015-06-19 18:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 19:41 - 2015-06-20 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 19:41 - 2015-06-20 20:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 19:41 - 2015-06-20 20:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 19:41 - 2015-06-20 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 19:41 - 2015-06-20 20:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 19:41 - 2015-06-20 20:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 19:41 - 2015-06-20 20:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 19:41 - 2015-06-20 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 19:41 - 2015-06-20 20:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 19:41 - 2015-06-20 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 19:41 - 2015-06-20 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 19:41 - 2015-06-20 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 19:41 - 2015-06-20 19:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 19:41 - 2015-06-20 19:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 19:41 - 2015-06-20 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 19:41 - 2015-06-19 19:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 19:41 - 2015-06-19 18:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 19:41 - 2015-06-19 18:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 19:41 - 2015-06-19 18:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 19:06 - 2015-07-15 21:14 - 00000000 ____D C:\Users\COMPAQ\AppData\Roaming\dvdcss
2015-07-15 19:04 - 2015-07-01 21:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 19:04 - 2015-07-01 21:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 19:04 - 2015-07-01 21:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 19:03 - 2015-07-01 21:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 19:03 - 2015-07-01 21:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 19:03 - 2015-07-01 21:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 19:03 - 2015-07-01 21:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 19:03 - 2015-07-01 21:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 19:03 - 2015-07-01 21:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 19:03 - 2015-07-01 21:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 19:03 - 2015-07-01 21:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 19:03 - 2015-07-01 21:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 19:03 - 2015-07-01 21:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 19:03 - 2015-07-01 21:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 19:03 - 2015-07-01 21:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 19:03 - 2015-07-01 21:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 19:03 - 2015-07-01 21:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 19:03 - 2015-07-01 21:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 19:03 - 2015-07-01 21:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 19:03 - 2015-07-01 21:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 19:03 - 2015-07-01 21:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 19:03 - 2015-07-01 21:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 19:03 - 2015-07-01 20:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 19:03 - 2015-07-01 20:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 19:03 - 2015-07-01 20:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 19:02 - 2015-07-01 21:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 19:02 - 2015-07-01 21:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 19:02 - 2015-07-01 21:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 19:02 - 2015-07-01 21:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 19:02 - 2015-07-01 21:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 19:02 - 2015-07-01 21:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 19:02 - 2015-07-01 21:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 19:02 - 2015-07-01 21:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 19:02 - 2015-07-01 21:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 19:02 - 2015-07-01 21:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 19:02 - 2015-07-01 21:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 19:02 - 2015-07-01 21:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 19:02 - 2015-07-01 21:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 18:57 - 2015-07-02 22:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 18:57 - 2015-07-02 22:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 18:57 - 2015-07-02 21:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 18:57 - 2015-07-02 21:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 18:57 - 2015-07-02 21:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 18:57 - 2015-07-02 20:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 18:57 - 2015-07-02 19:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 18:56 - 2015-07-02 21:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 18:56 - 2015-07-02 21:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 18:56 - 2015-07-02 20:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 18:55 - 2015-07-02 21:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 18:55 - 2015-07-02 21:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 18:43 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 18:43 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 18:41 - 2015-04-27 20:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 18:41 - 2015-04-27 20:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 18:41 - 2015-04-27 20:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 18:41 - 2015-04-27 20:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 18:41 - 2015-04-27 20:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 18:41 - 2015-04-27 20:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 18:41 - 2015-04-27 20:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 18:41 - 2015-04-27 20:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 09:23 - 2015-06-15 22:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 09:23 - 2015-06-15 22:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 09:23 - 2015-06-15 22:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 09:23 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 09:23 - 2015-06-15 22:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 09:23 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 09:23 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 09:23 - 2015-06-15 22:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 09:23 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 09:23 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 09:23 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 09:23 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 09:19 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 09:19 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 09:18 - 2015-07-09 18:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 09:18 - 2015-07-09 18:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 09:18 - 2015-07-09 18:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 09:18 - 2015-07-09 18:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 09:18 - 2015-07-09 18:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 09:18 - 2015-07-09 18:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 09:18 - 2015-07-09 18:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 09:18 - 2015-07-09 18:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 09:18 - 2015-07-09 18:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 09:18 - 2015-07-09 18:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 09:18 - 2015-07-09 18:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 09:18 - 2015-07-09 18:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 09:18 - 2015-07-09 18:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 09:18 - 2015-07-09 18:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 09:18 - 2015-07-09 18:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 09:18 - 2015-07-09 18:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 09:15 - 2015-06-25 09:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 09:14 - 2015-06-27 03:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 09:14 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 09:14 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 09:13 - 2015-06-27 03:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 09:13 - 2015-06-27 02:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 09:13 - 2015-06-27 02:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 20:20 - 2015-07-09 18:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-14 20:20 - 2015-07-09 18:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-14 20:20 - 2015-07-09 18:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-14 20:20 - 2015-07-09 18:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-14 20:20 - 2015-07-09 18:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-14 20:20 - 2015-07-09 18:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-14 20:20 - 2015-07-09 18:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-14 20:20 - 2015-07-09 18:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-14 16:31 - 2015-07-14 16:32 - 58130592 _____ (Microsoft Corporation) C:\Users\COMPAQ\Downloads\Internet Explorer.EXE
2015-07-14 09:05 - 2015-07-14 09:06 - 00000000 ____D C:\ec105dded2098b84051c7c5818
2015-07-07 11:20 - 2015-07-11 10:39 - 00000000 ____D C:\Program Files (x86)\Stunning Park
2015-07-04 22:45 - 2015-07-04 22:45 - 01700284 _____ C:\Users\COMPAQ\Downloads\rota030715.html
2015-07-04 22:45 - 2015-07-04 22:45 - 00000000 ____D C:\Users\COMPAQ\Downloads\rota030715_files
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 17:16 - 2015-05-07 20:50 - 00000000 ____D C:\ProgramData\3018555522115249011
2015-07-25 17:09 - 2014-04-14 11:20 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 17:01 - 2014-04-14 11:01 - 00000000 ____D C:\Users\COMPAQ
2015-07-25 17:00 - 2014-04-14 10:49 - 01069274 _____ C:\Windows\WindowsUpdate.log
2015-07-25 16:59 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 16:59 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 16:49 - 2014-04-14 11:20 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 16:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-25 16:31 - 2014-08-07 18:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 16:28 - 2014-04-14 11:18 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{245C4CA2-F3D7-4958-ADE6-F49987DBA58F}
2015-07-25 16:17 - 2015-04-04 21:43 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 16:03 - 2014-04-14 11:34 - 00000000 ____D C:\Users\COMPAQ\AppData\Roaming\Skype
2015-07-24 20:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-24 10:44 - 2015-05-20 19:17 - 00000024 _____ C:\Users\COMPAQ\AppData\Roaming\appdataFr25.bin
2015-07-24 10:44 - 2014-04-14 11:43 - 00000000 ____D C:\Users\COMPAQ\AppData\Local\Microsoft Help
2015-07-23 17:46 - 2014-06-18 11:01 - 00000000 ____D C:\Users\COMPAQ\AppData\Local\CrashDumps
2015-07-22 11:21 - 2009-07-14 05:45 - 00409520 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 11:55 - 2014-05-31 13:46 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-20 11:53 - 2014-04-14 19:46 - 00000000 ____D C:\Windows\Panther
2015-07-20 11:49 - 2014-04-14 11:20 - 00000000 ____D C:\Users\COMPAQ\AppData\Local\Google
2015-07-20 11:44 - 2014-04-14 11:20 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-20 09:47 - 2014-08-07 18:57 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-20 09:47 - 2014-08-07 18:57 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-20 09:47 - 2014-08-07 18:57 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 18:57 - 2014-11-12 16:10 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2015-07-18 12:47 - 2015-04-04 21:43 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-18 12:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-18 12:04 - 2014-04-14 11:20 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-18 11:57 - 2014-04-14 11:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 21:32 - 2014-04-19 07:19 - 00000000 ____D C:\Users\COMPAQ\AppData\Roaming\vlc
2015-07-15 20:02 - 2014-12-11 04:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 20:02 - 2014-06-12 20:59 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 19:28 - 2014-06-08 21:34 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 19:02 - 2009-07-14 06:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-14 16:05 - 2014-04-14 11:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-14 16:02 - 2015-06-24 10:58 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 14:28 - 2014-04-14 11:21 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-11 10:55 - 2015-06-01 13:19 - 00000000 ____D C:\Users\COMPAQ\Downloads\holiday form_files
2015-07-11 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2015-07-11 10:39 - 2014-08-07 18:57 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-11 10:39 - 2014-08-07 18:57 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-11 10:39 - 2014-04-14 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-11 10:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2015-07-08 14:47 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-05 11:08 - 2014-04-14 11:35 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-04 22:55 - 2015-06-18 09:41 - 00000000 ____D C:\Program Files (x86)\offerAepppu
2015-07-04 22:54 - 2015-06-24 12:12 - 00000000 ____D C:\Program Files (x86)\quickshOp
2015-07-04 22:48 - 2014-11-29 13:29 - 00000000 __SHD C:\Users\COMPAQ\AppData\Local\EmieUserList
2015-07-04 22:48 - 2014-11-29 13:29 - 00000000 __SHD C:\Users\COMPAQ\AppData\Local\EmieBrowserModeList
2015-07-04 22:47 - 2014-11-29 13:29 - 00000000 __SHD C:\Users\COMPAQ\AppData\Local\EmieSiteList
2015-07-03 08:43 - 2014-06-08 21:33 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2015-05-20 19:17 - 2015-07-24 10:44 - 0000024 _____ () C:\Users\COMPAQ\AppData\Roaming\appdataFr25.bin
2015-05-07 09:20 - 2015-05-14 00:51 - 0000020 _____ () C:\Users\COMPAQ\AppData\Roaming\appdataFr3.bin
2014-05-31 13:52 - 2014-06-02 15:15 - 0012841 _____ () C:\Users\COMPAQ\AppData\Roaming\Bubble Dock.installation.log
2015-04-22 16:45 - 2015-04-22 16:45 - 0004096 ____H () C:\Users\COMPAQ\AppData\Local\keyfile3.drm
2015-05-12 09:05 - 2015-05-12 09:05 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\Temp.dat
2015-03-24 06:01 - 2015-03-24 06:01 - 0000057 _____ () C:\ProgramData\Ament.ini
Files to move or delete:
====================
C:\Users\COMPAQ\FRST64 (1).exe
C:\Users\COMPAQ\FRST64 (2).exe
C:\Users\COMPAQ\FRST64.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-15 23:11
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015
Ran by COMPAQ at 2015-07-25 17:19:33
Running from C:\Users\COMPAQ
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1838249486-1020867623-664619754-500 - Administrator - Disabled)
COMPAQ (S-1-5-21-1838249486-1020867623-664619754-1000 - Administrator - Enabled) => C:\Users\COMPAQ
Guest (S-1-5-21-1838249486-1020867623-664619754-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1838249486-1020867623-664619754-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Asta Powerproject - Trial (HKLM-x32\...\{95E874C3-E1A5-479C-911A-C8C5D778CC94}) (Version: 12.5.00 - Asta Development PLC)
Blipshot one click screenshots (HKLM-x32\...\{0B750649-0E5A-78CB-A6AE-E2D6E2AD8882}) (Version: - "")
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
cheapcoup (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - cheapcoup) <==== ATTENTION
Google Chrome (HKLM-x32\...\{5F6C7C79-9E78-3694-8827-E4F4936BA25F}) (Version: 65.205.49268 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
History Trends (HKLM-x32\...\{D790D3FB-670B-6EF4-3686-4CB69E4ADE96}) (Version: - "") <==== ATTENTION
HP ENVY 4500 series Basic Device Software (HKLM\...\{6915424E-704F-4F5D-9057-9C7B406B36DB}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LibrarySystem (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{88c3b28}) (Version: - Software Publisher) <==== ATTENTION
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
offerAepppu (HKLM-x32\...\{BDA14B0B-4672-3ABF-B189-A5958FE3A42F}) (Version: - "") <==== ATTENTION
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{58139103-BACF-4BDC-B71C-955F9164ADA6}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Skype™ 6.14 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.14.104 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Official DVSA Theory Test for Car Drivers (HKLM-x32\...\{E9DF3ECB-00F3-4992-955D-ABC9AAD23BFA}) (Version: 1.00.0000 - TSO)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
24-06-2015 11:37:45 Windows Backup
24-06-2015 11:48:13 Windows Update
28-06-2015 00:26:36 Windows Update
30-06-2015 14:51:18 Windows Backup
03-07-2015 12:09:35 Windows Update
07-07-2015 08:35:22 Windows Backup
07-07-2015 10:06:32 Windows Update
11-07-2015 10:29:31 Restore Operation
11-07-2015 11:23:15 Windows Update
13-07-2015 12:51:52 Windows Backup
15-07-2015 08:52:24 Windows Update
15-07-2015 19:35:42 Windows Modules Installer
18-07-2015 11:44:42 Windows Update
23-07-2015 10:07:14 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0107BE11-A893-47DA-A739-377F280A8AC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-14] (Google Inc.)
Task: {11F3BF2D-FC08-4977-863A-97E22AC34EA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {62AEAAFC-A7F6-48AF-ABEC-6A0D02040697} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-20] (Adobe Systems Incorporated)
Task: {9C7DF717-0D13-4C90-AAB2-5DDDC7AC2745} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {A5B0BA26-1994-483E-9F61-2184CF622573} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {EA8D952B-43D8-4F06-87BA-4CF28A1EBA2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-14] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-20 09:38 - 2015-07-20 09:38 - 02280448 _____ () c:\Program Files (x86)\LibrarySystem\LibrarySystem.dll
2015-07-14 14:28 - 2015-07-13 22:55 - 01281864 _____ () c:\program files (x86)\google\chrome\application\43.0.2357.134\libglesv2.dll
2015-07-14 14:28 - 2015-07-13 22:55 - 00080712 _____ () c:\program files (x86)\google\chrome\application\43.0.2357.134\libegl.dll
2015-07-14 14:28 - 2015-07-13 22:55 - 16308040 _____ () c:\program files (x86)\google\chrome\application\43.0.2357.134\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1838249486-1020867623-664619754-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\COMPAQ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2DD6A4DD-8968-4EF3-85AD-981C44A24495}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CF9419EB-E6D6-4946-AFC4-7A2DE0A331D9}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{C983F07A-474A-46AA-B851-7B67CF82DCF5}] => (Allow) LPort=5357
FirewallRules: [{0F0F29C9-A229-4CB6-9933-119522DC34AA}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{8AA88E01-79B6-4D6E-B08A-D081A7CEAA09}] => (Allow) C:\Users\COMPAQ\AppData\Local\Temp\7zS1D16\HPDiagnosticCoreUI.exe
FirewallRules: [{D55D2806-8A8D-456D-B8E6-1AE77B551D6F}] => (Allow) C:\Users\COMPAQ\AppData\Local\Temp\7zS1D16\HPDiagnosticCoreUI.exe
FirewallRules: [{EE8B8A00-759E-4496-83D3-44901C485EB4}] => (Allow) C:\Users\COMPAQ\AppData\Local\Temp\7zS6F18\HPDiagnosticCoreUI.exe
FirewallRules: [{3182B4FC-CF54-4C6E-8AB3-59BCE0826047}] => (Allow) C:\Users\COMPAQ\AppData\Local\Temp\7zS6F18\HPDiagnosticCoreUI.exe
FirewallRules: [{6EDF871B-2C3B-4CDD-853B-C1275ABABE18}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/23/2015 03:20:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17923, time stamp: 0x55945dbd
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc0000005
Fault offset: 0x000000000004ada4
Faulting process id: 0x1258
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
Error: (07/22/2015 11:16:22 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\servicing\TrustedInstaller.exe; Description = Windows Modules Installer; Error = 0x81000101).
Error: (07/22/2015 01:11:44 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{a9f504fe-c3b9-11e3-8844-806e6f6e6963} - 000000000000012C,0x0053c008,000000000040C9F0,0,000000000040DA00,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired.
.
Operation:
Processing EndPrepareSnapshots
Context:
Execution Context: System Provider
Error: (07/22/2015 01:11:39 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
Error: (07/21/2015 11:37:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17923, time stamp: 0x55945dbd
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc0000005
Fault offset: 0x000000000004ada4
Faulting process id: 0x1274
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
Error: (07/21/2015 11:09:09 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (07/21/2015 11:09:09 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (07/21/2015 11:09:09 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (07/21/2015 11:09:09 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Error: (07/21/2015 11:08:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (07/25/2015 04:52:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (07/25/2015 04:50:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (07/25/2015 04:49:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The System guard service failed to start due to the following error:
%%3
Error: (07/25/2015 04:46:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (07/25/2015 04:04:07 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
Feature: %%834
Error Code: 0x80004005
Error description: Unspecified error
Reason: %%838
Error: (07/25/2015 04:03:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {BEBA2AA5-B5A7-4DD3-9AD6-43B24CDD3B7D}
Error: (07/25/2015 01:14:53 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.4 with the system
having network hardware address D8-FE-E3-5E-E8-CF. Network operations on this system may
be disrupted as a result.
Error: (07/25/2015 03:38:25 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{617A6249-EF47-4F9E-94F1-48ED59343A79} because another computer on the network has the same name. The server could not start.
Error: (07/24/2015 07:05:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
Error: (07/24/2015 05:49:53 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialization failed because the transport refused to open initial addresses.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: AMD E-300 APU with Radeon HD Graphics
Percentage of memory in use: 41%
Total physical RAM: 3690.91 MB
Available physical RAM: 2173.98 MB
Total Virtual: 7380.02 MB
Available Virtual: 5438.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:447.35 GB) (Free:395.75 GB) NTFS
Drive d: (Recovery) (Fixed) (Total:14.34 GB) (Free:0 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
Drive f: (HP EN4500) (CDROM) (Total:0.57 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E10DB753)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
==================== End of log ============================
Process CPU Private Bytes Working Set PID Verified Signer
System Idle Process 0 K 24 K 0
System 0.97 192 K 612 K 4
Interrupts 2.59 0 K 0 K n/a
smss.exe 440 K 316 K 276 (Verified) Microsoft Windows
csrss.exe 0.01 2,040 K 1,896 K 380 (Verified) Microsoft Windows
wininit.exe 1,468 K 324 K 452 (Verified) Microsoft Windows
services.exe 0.05 5,600 K 5,308 K 560 (Verified) Microsoft Windows
svchost.exe 0.33 4,432 K 3,880 K 692 (Verified) Microsoft Windows
WmiPrvSE.exe 2,456 K 6,176 K 4596 (Verified) Microsoft Windows
svchost.exe 0.18 5,088 K 5,220 K 768 (Verified) Microsoft Windows
MsMpEng.exe 1.90 141,380 K 73,608 K 816 (Verified) Microsoft Corporation
atiesrxx.exe 1,452 K 656 K 940 (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,188 K 1,628 K 1092 (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 0.10 21,732 K 13,300 K 980 (Verified) Microsoft Windows
audiodg.exe 1.88 16,912 K 14,932 K 2676 (Verified) Microsoft Windows
svchost.exe 0.28 125,576 K 119,176 K 1020 (Verified) Microsoft Windows
dwm.exe 4.60 33,480 K 42,496 K 1392 (Verified) Microsoft Windows
svchost.exe 0.58 12,744 K 14,256 K 324 (Verified) Microsoft Windows
svchost.exe 0.52 30,516 K 24,640 K 376 (Verified) Microsoft Windows
taskeng.exe 1,984 K 5,728 K 2572 (Verified) Microsoft Windows
HPCustPartic.exe 0.07 5,116 K 6,380 K 4572 (Verified) Hewlett Packard
taskeng.exe 0.32 380 K 120 K 3260 (Verified) Microsoft Windows
svchost.exe 0.07 14,920 K 9,864 K 1128 (Verified) Microsoft Windows
spoolsv.exe 7,700 K 4,832 K 1504 (Verified) Microsoft Windows
svchost.exe 0.01 11,948 K 11,460 K 1548 (Verified) Microsoft Windows
taskhost.exe 0.03 8,208 K 4,244 K 1584 (Verified) Microsoft Windows
rundll32.exe 876 K 324 K 1872 (Verified) Microsoft Windows
rundll32.exe 14,344 K 2,128 K 1088 (Verified) Microsoft Windows
armsvc.exe 1,164 K 380 K 1564 (Verified) Adobe Systems
svchost.exe 4,704 K 5,728 K 1580 (Verified) Microsoft Windows
svchost.exe 4,552 K 2,728 K 1460 (Verified) Microsoft Windows
NisSrv.exe 0.04 12,896 K 6,764 K 2112 (Verified) Microsoft Corporation
svchost.exe 2,580 K 2,920 K 2164 (Verified) Microsoft Windows
SearchIndexer.exe 0.02 24,636 K 10,120 K 2948 (Verified) Microsoft Windows
svchost.exe 0.11 7,972 K 6,988 K 2840 (Verified) Microsoft Windows
wmpnetwk.exe 22.76 2,490,036 K 436,412 K 2956 (Verified) Microsoft Windows
svchost.exe 11,364 K 9,952 K 3176 (Verified) Microsoft Windows
svchost.exe 1,504 K 1,368 K 3832 (Verified) Microsoft Windows
TrustedInstaller.exe 4,140 K 1,956 K 5028 (Verified) Microsoft Windows
taskhost.exe 0.17 6,684 K 14,156 K 4176 (Verified) Microsoft Windows
lsass.exe 0.39 5,252 K 6,808 K 568 (Verified) Microsoft Windows
lsm.exe 2,392 K 1,760 K 576 (Verified) Microsoft Windows
csrss.exe 0.94 2,600 K 3,380 K 472 (Verified) Microsoft Windows
winlogon.exe 2,860 K 1,536 K 520 (Verified) Microsoft Windows
explorer.exe 0.41 70,280 K 42,040 K 1416 (Verified) Microsoft Windows
msseces.exe 5,984 K 1,400 K 2444 (Verified) Microsoft Corporation
Skype.exe 0.59 81,868 K 35,164 K 2452 (Verified) Skype Software Sarl
sidebar.exe 14,708 K 19,104 K 2460 (Verified) Microsoft Windows
SSScheduler.exe 3,412 K 932 K 2488 (Verified) McAfee
notepad.exe 1,872 K 6,528 K 4080 (Verified) Microsoft Windows
wmpnscfg.exe 1.59 1,428 K 4,416 K 4436 (Verified) Microsoft Windows
GWX.exe 3,048 K 916 K 2024 (Verified) Microsoft Windows
hpwuschd2.exe 948 K 844 K 2708 (Verified) Hewlett-Packard Company
CCleaner64.exe 0.02 8,236 K 1,396 K 2656 (Verified) Piriform Ltd
FRST64 (1).exe 0.36 24,264 K 5,028 K 4344 (No signature was present in the subject) Farbar
notepad.exe 1,872 K 2,920 K 5080 (Verified) Microsoft Windows
notepad.exe 1,816 K 1,840 K 4244 (Verified) Microsoft Windows
chrome.exe 7.11 73,312 K 105,576 K 3684 (Verified) Google Inc
chrome.exe 5.69 48,104 K 49,208 K 284 (Verified) Google Inc
chrome.exe 22,524 K 2,276 K 3632 (Verified) Google Inc
chrome.exe 25,868 K 2,288 K 3756 (Verified) Google Inc
chrome.exe 17,752 K 2,248 K 4696 (Verified) Google Inc
chrome.exe 0.42 29,992 K 13,460 K 3728 (Verified) Google Inc
chrome.exe 22,560 K 2,288 K 2124 (Verified) Google Inc
chrome.exe 0.05 28,264 K 13,248 K 3772 (Verified) Google Inc
chrome.exe 28.91 549,472 K 560,580 K 3356 (Verified) Google Inc
chrome.exe 1.32 220,044 K 172,968 K 3784 (Verified) Google Inc
chrome.exe 1.65 90,644 K 75,536 K 4456 (Verified) Google Inc
procexp.exe 2,564 K 6,712 K 4732 (Verified) Microsoft Corporation
procexp64.exe 9.40 24,880 K 43,128 K 4584 (Verified) Microsoft Corporation