This topic is locked
I have many new programs running that I did not install and ad pop-ups for malware removal and warnings running on top of eachother. Here are the logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-08-2015 01
Ran by Owner (administrator) on OWNER-PC (09-08-2015 10:04:35)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser path: "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\Controller\cohc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Cinema PlusV09.08) C:\Program Files (x86)\Cinema PlusV09.08-ntf\418780ce-3d28-4b57-8fc4-c70230d4f25e-10.exe
(Cinema PlusV09.08) C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3\hnsfB1D2.tmp
() C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3\knsfD0EE.tmpfs
() C:\Users\Owner\AppData\Local\McAfeeSecurity\mcafee.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(eLink Industry, Inc.) C:\Users\Owner\AppData\Roaming\TWV\MediaService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
() C:\Program Files (x86)\Coupon Time\updateCouponTime.exe
() C:\Program Files (x86)\Coupon Time\bin\utilCouponTime.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Users\Owner\AppData\Local\gmsd_us_005010055\upgmsd_us_005010055.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGCA.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PCM4Everio\EverioService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe
(Sierra Wireless Inc.) C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
() C:\Program Files (x86)\gmsd_us_005010055\gmsd_us_005010055.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\DNS Unlocker\dnswabeno.exe
() C:\Program Files (x86)\Coupon Time\bin\CouponTime.PurBrowse64.exe
() C:\Program Files (x86)\Coupon Time\bin\CouponTime.BrowserAdapter64.exe
() C:\Program Files (x86)\Coupon Time\bin\CouponTime.BrowserAdapter.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(eLink Industry, Inc.) C:\Users\Owner\AppData\Roaming\TWV\winpl.exe
(eLink Industry, Inc.) C:\Users\Owner\AppData\Roaming\TWV\winpl.exe
(eLink Industry, Inc.) C:\Users\Owner\AppData\Roaming\TWV\winpl.exe
(eLink Industry, Inc.) C:\Users\Owner\AppData\Roaming\TWV\winpl.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-02] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-05-02] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-09-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [FLxHCIm] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [43008 2011-04-08] (Windows ® Win 7 DDK provider)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [822728 2015-07-27] (Webroot)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2013-10-31] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [EverioService] => C:\Program Files (x86)\CyberLink\PCM4Everio\EverioService.exe [151552 2007-11-01] (CyberLink Corp.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [300472 2010-05-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TRUUpdater] => C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe [570736 2010-07-13] (Sierra Wireless, Inc.)
HKLM-x32\...\Run: [WatcherHelper] => C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe [103792 2010-06-23] (Sierra Wireless Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\BrowserPlugInHelper.exe [400896 2013-01-19] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-07-09] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [gmsd_us_005010055] => C:\Program Files (x86)\gmsd_us_005010055\gmsd_us_005010055.exe [3986064 2015-08-08] ()
HKLM-x32\...\RunOnce: [upgmsd_us_005010055.exe] => C:\Users\Owner\AppData\Local\gmsd_us_005010055\upgmsd_us_005010055.exe [3345552 2015-08-08] ()
HKLM-x32\...\RunOnce: [SpUninstallCleanUp] => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\Run: [EPSON NX420 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\Run: [GoogleChromeAutoLaunch_9C0C11CE362BB547A69B6E9BF20A1C96] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [770048 2015-05-11] (Crossbrowse)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-09-23]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2011-11-15]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk [2012-11-15]
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk [2012-11-15]
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-07-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-23]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-23]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-08-08]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcLQac9KvezFib9CWstoW67OAiRnlLqG9XDeTal_Qzbc4cJqypSIMA-n55M4QrunQCZJIzmdHd4nf2
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3206371679-4115178929-761777742-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3206371679-4115178929-761777742-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3206371679-4115178929-761777742-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3206371679-4115178929-761777742-1000 -> {ielnksrch} URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIPc7-luTLJrDFH_OAl5xepwpv3-4PetSpjaods9wnDA5nvbYmSuSlpWW7ap_CCsSOH1dggE-RLHQxN834pnSc9ZcIfYkJQaTd2e43jD5vUfrOkEHWR2wx8kNBKNRyIGv3LeD-cQWeXvjqDFigNfEfClzMCCS1kemXJkp&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2012-11-15] ()
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14] (Babylon BHO)
BHO-x32: TunePro360 -> {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} -> C:\Program Files (x86)\adlevel\TunePRO360.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-02] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: iSkysoft Video Converter Ultimate -> {C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll [2013-01-19] (iSkysoft Software Co., Ltd.)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2012-11-15] ()
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-02] (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2012-11-15] ()
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14] (Babylon Ltd.)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2012-11-15] ()
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-05-12] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-05-12] (Citrix Systems, Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\Peakoar.dll [283488 2015-08-08] ()
Winsock: Catalog9 02 C:\Windows\SysWOW64\Peakoar.dll [283488 2015-08-08] ()
Winsock: Catalog9 03 C:\Windows\SysWOW64\Peakoar.dll [283488 2015-08-08] ()
Winsock: Catalog9 04 C:\Windows\SysWOW64\Peakoar.dll [283488 2015-08-08] ()
Winsock: Catalog9 16 C:\Windows\SysWOW64\Peakoar.dll [283488 2015-08-08] ()
Winsock: Catalog9-x64 01 C:\Windows\system32\Peakoar64.dll [353632 2015-08-08] ()
Winsock: Catalog9-x64 02 C:\Windows\system32\Peakoar64.dll [353632 2015-08-08] ()
Winsock: Catalog9-x64 03 C:\Windows\system32\Peakoar64.dll [353632 2015-08-08] ()
Winsock: Catalog9-x64 04 C:\Windows\system32\Peakoar64.dll [353632 2015-08-08] ()
Winsock: Catalog9-x64 16 C:\Windows\system32\Peakoar64.dll [353632 2015-08-08] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.226
Tcpip\..\Interfaces\{086893CE-DFF2-436F-A597-AF439872C8A2}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{B6E6BE54-A718-4AF6-95D1-75DB49F73055}: [DhcpNameServer] 192.168.0.1 205.171.2.226
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-08-07] ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2011-06-30] (Best Buy)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-08-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2011-06-30] (Best Buy)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-08-09] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-08-09] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\user.js [2015-08-08]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2010-05-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll [2010-05-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2010-05-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2010-05-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2010-05-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2010-05-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2010-05-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2010-05-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2010-05-12] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-05-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-05-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-05-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-05-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-05-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2015-05-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2015-05-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2010-04-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2010-05-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npatgpc.dll [2012-03-03] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\searchplugins\trovi.xml [2015-08-08]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2015-08-08]
FF Extension: Cinema PlusV09.08 - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\[email protected] [2015-08-09]
FF Extension: SpecialSavings - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\[email protected] [2012-03-18]
FF Extension: Webroot - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2012-11-15]
FF Extension: FireFTP - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-06-15]
FF Extension: Ghostery - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\lghuf863.default\Extensions\[email protected] [2013-08-21]
FF Extension: TunePro360 - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\temp [2015-08-08]
FF Extension: DrSpeedyPc - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{88d83554-2fdc-4bb9-8dcd-f2d46d175f88} [2015-08-08]
FF HKLM\...\Firefox\Extensions: [{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}] - C:\Program Files\shopperz04082015\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt
FF Extension: iSkysoft Video Converter Ultimate - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt [2013-03-24]
FF HKLM-x32\...\Firefox\Extensions: [{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}] - C:\Program Files\shopperz04082015\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}] - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}
FF HKLM-x32\...\Firefox\Extensions: [{88d83554-2fdc-4bb9-8dcd-f2d46d175f88}] - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{88d83554-2fdc-4bb9-8dcd-f2d46d175f88}
FF HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles/lghuf863.default\extensions\[email protected]
FF Extension: SpecialSavings - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles/lghuf863.default\extensions\[email protected] [2012-03-18]
FF HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt
Chrome:
=======
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-09]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-09]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-09]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-09]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-09]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-09]
CHR Extension: (iSkysoft Video Converter Ultimate) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfeafapmnniobpffacckpddijdjgpmj [2013-08-01]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-21]
CHR Extension: (Webroot) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2013-08-01]
CHR Extension: (Cinema PlusV09.08) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-08-09]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-09]
CHR HKLM-x32\...\Chrome\Extension: [hlfeafapmnniobpffacckpddijdjgpmj] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRChromePlugin.crx [2013-03-24]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2012-11-15]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 cohci1394; C:\Program Files\Controller\cohc.exe [379392 2015-08-06] () [File not signed]
R2 comyninu; C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3\hnsfB1D2.tmp [161792 2015-08-08] () [File not signed]
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [498688 2011-06-14] (Red Bend Ltd.) [File not signed]
R2 dssenh; C:\Users\Owner\AppData\Local\McAfeeSecurity\mcafee.exe [37888 2015-08-08] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-09] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-09] (globalUpdate) [File not signed] <==== ATTENTION
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7393280 2013-10-31] (LeapFrog Enterprises, Inc.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 MediaService; C:\Users\Owner\AppData\Roaming\TWV\MediaService.exe [115712 2015-05-21] (eLink Industry, Inc.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [272024 2006-12-19] ()
R2 SwiCardDetectSvc; C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [284016 2010-07-13] (Sierra Wireless, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 Update Coupon Time; C:\Program Files (x86)\Coupon Time\updateCouponTime.exe [655088 2015-08-09] ()
R2 Util Coupon Time; C:\Program Files (x86)\Coupon Time\bin\utilCouponTime.exe [655088 2015-08-09] ()
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [986112 2011-06-14] (Intel® Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [822728 2015-07-27] (Webroot)
R2 dezyloje; C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3\knsfD0EE.tmpfs [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [56320 2011-04-08] (Fresco Logic)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 swmsflt; C:\Windows\System32\DRIVERS\swmsflt.sys [48856 2010-04-15] ()
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [240640 2010-06-21] (Sierra Wireless Inc.)
S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [210944 2010-06-21] (Sierra Wireless Inc.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
U3 Winsock; no ImagePath
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [116224 2015-07-27] (Webroot)
R1 {949ba8b6-a9ea-4b6b-a97d-688a70f2ea0b}Gw64; C:\Windows\System32\drivers\{949ba8b6-a9ea-4b6b-a97d-688a70f2ea0b}Gw64.sys [48784 2015-08-08] (StdLib)
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 snqjhjan; \??\C:\Windows\system32\drivers\snqjhjan.sys [X]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
R1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-09 10:04 - 2015-08-09 10:04 - 00038096 _____ C:\Users\Owner\Desktop\FRST.txt
2015-08-09 10:04 - 2015-08-09 10:04 - 00000000 ____D C:\FRST
2015-08-09 10:02 - 2015-08-09 10:02 - 02169856 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2015-08-09 09:18 - 2015-08-09 09:18 - 00003260 _____ C:\Windows\System32\Tasks\Bluetooth Support Service32
2015-08-09 08:50 - 2015-08-09 09:50 - 00005510 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.job
2015-08-09 08:50 - 2015-08-09 09:50 - 00003130 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00005174 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00004486 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00003466 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00002438 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00002438 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00001014 _____ C:\Windows\Tasks\DK8is89dyPzmla2uemyT3.job
2015-08-09 08:50 - 2015-08-09 09:44 - 00000996 _____ C:\Windows\Tasks\dum3wyST49Ex.job
2015-08-09 08:50 - 2015-08-09 08:50 - 00008538 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6
2015-08-09 08:50 - 2015-08-09 08:50 - 00008204 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7
2015-08-09 08:50 - 2015-08-09 08:50 - 00007516 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4
2015-08-09 08:50 - 2015-08-09 08:50 - 00006496 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7
2015-08-09 08:50 - 2015-08-09 08:50 - 00006158 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6
2015-08-09 08:50 - 2015-08-09 08:50 - 00005468 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5
2015-08-09 08:50 - 2015-08-09 08:50 - 00004040 _____ C:\Windows\System32\Tasks\DK8is89dyPzmla2uemyT3
2015-08-09 08:50 - 2015-08-09 08:50 - 00004022 _____ C:\Windows\System32\Tasks\dum3wyST49Ex
2015-08-09 08:50 - 2015-08-09 08:50 - 00000000 ____D C:\Program Files (x86)\e0e47087-3946-45d1-aaf1-7bd4f3f3a0b2
2015-08-09 08:49 - 2015-08-09 09:54 - 00000000 ____D C:\Program Files (x86)\ORBTR
2015-08-09 08:49 - 2015-08-09 09:49 - 00002112 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user.job
2015-08-09 08:49 - 2015-08-09 09:44 - 00004486 _____ C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.job
2015-08-09 08:49 - 2015-08-09 08:50 - 00000000 ____D C:\Program Files (x86)\Cinema PlusV09.08
2015-08-09 08:49 - 2015-08-09 08:49 - 00007516 _____ C:\Windows\System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3
2015-08-09 08:49 - 2015-08-09 08:49 - 00000000 ____D C:\Program Files (x86)\Cinema PlusV09.08-ntf
2015-08-09 08:18 - 2015-08-09 08:18 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-08-08 23:36 - 2015-08-09 09:48 - 00000000 ____D C:\Users\Owner\AppData\Local\gmsd_us_005010055
2015-08-08 23:36 - 2015-08-09 08:52 - 00000000 ____D C:\Program Files (x86)\gmsd_us_005010055
2015-08-08 23:36 - 2015-08-08 23:36 - 00003490 _____ C:\Windows\System32\Tasks\snp
2015-08-08 23:36 - 2015-08-08 23:36 - 00003122 _____ C:\Windows\System32\Tasks\snf
2015-08-08 23:36 - 2015-08-08 23:36 - 00000000 ____D C:\Users\Owner\AppData\Local\McAfeeSecurity
2015-08-08 23:36 - 2015-08-08 23:36 - 00000000 ____D C:\ProgramData\Soltops
2015-08-08 23:36 - 2015-08-08 23:36 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-08 23:36 - 2015-08-08 23:36 - 00000000 ____D C:\Program Files\Controller
2015-08-08 23:35 - 2015-08-08 23:35 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-08-08 23:07 - 2015-08-08 23:07 - 00003072 _____ C:\Windows\System32\Tasks\DrspeedyPc Secure
2015-08-08 23:05 - 2015-08-09 09:55 - 00000000 ____D C:\Program Files (x86)\DrSpeedyPC
2015-08-08 23:00 - 2015-08-08 23:00 - 00003206 _____ C:\Windows\System32\Tasks\{A4190820-604B-403C-B3CC-528674BB0D72}
2015-08-08 22:52 - 2015-08-09 08:52 - 00000005 _____ C:\END
2015-08-08 22:51 - 2015-08-08 22:52 - 00000000 ____D C:\Program Files (x86)\DNS Unlocker
2015-08-08 22:51 - 2015-08-08 22:51 - 00026348 _____ C:\Windows\System32\Tasks\DNSWABENO
2015-08-08 22:51 - 2015-08-08 22:51 - 00002065 _____ C:\Users\Owner\Desktop\Continue SpaceSoundPro Uninstaller.lnk
2015-08-08 22:51 - 2015-08-08 22:51 - 00001009 _____ C:\Users\Owner\Desktop\GUPlayer.lnk
2015-08-08 22:51 - 2015-08-08 22:51 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer
2015-08-08 22:51 - 2015-08-08 22:51 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-08 22:48 - 2015-08-08 22:48 - 00000000 ____D C:\Program Files (x86)\predm
2015-08-08 22:46 - 2015-08-08 22:46 - 00000000 ____D C:\ProgramData\2e33e05a00007796
2015-08-08 22:31 - 2015-08-08 22:31 - 00555640 _____ C:\Users\Owner\Downloads\Unconfirmed 671830.crdownload
2015-08-08 22:30 - 2015-08-08 23:03 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-08 22:30 - 2015-08-08 23:03 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-08 22:30 - 2015-08-08 23:03 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-08 22:30 - 2015-08-08 22:32 - 00002828 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-08 22:30 - 2015-08-08 22:32 - 00002826 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-08 22:30 - 2015-08-08 22:32 - 00002826 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-08 22:29 - 2015-08-08 23:03 - 00000340 _____ C:\Windows\Tasks\Superclean.job
2015-08-08 22:29 - 2015-08-08 22:29 - 00613255 _____ (CMI Limited) C:\Users\Owner\AppData\Local\nsz777.tmp
2015-08-08 22:29 - 2015-08-08 22:29 - 00003252 _____ C:\Windows\System32\Tasks\Superclean
2015-08-08 22:29 - 2015-08-08 22:29 - 00000000 __SHD C:\Users\Owner\AppData\Roaming\AnyProtectEx
2015-08-08 22:29 - 2015-08-08 22:29 - 00000000 ____D C:\Windows\SysWOW64\Flash
2015-08-08 22:29 - 2015-08-08 22:29 - 00000000 ____D C:\ProgramData\{4d917b50-ca18-1849-4d91-17b50ca1ed43}
2015-08-08 22:26 - 2015-08-09 09:44 - 00001018 _____ C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW4.job
2015-08-08 22:26 - 2015-08-09 09:44 - 00001016 _____ C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW.job
2015-08-08 22:26 - 2015-08-08 22:26 - 00004044 _____ C:\Windows\System32\Tasks\YeUBBA7OfsskP753cAqWAW4
2015-08-08 22:26 - 2015-08-08 22:26 - 00004042 _____ C:\Windows\System32\Tasks\YeUBBA7OfsskP753cAqWAW
2015-08-08 22:25 - 2015-08-09 09:44 - 00000970 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-08-08 22:25 - 2015-08-09 09:43 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-08 22:25 - 2015-08-09 08:54 - 00000974 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-08-08 22:25 - 2015-08-09 08:49 - 00003972 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-08-08 22:25 - 2015-08-09 08:49 - 00003718 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-08-08 22:25 - 2015-08-08 22:25 - 00000000 ____D C:\Users\Owner\AppData\Local\globalUpdate
2015-08-08 22:25 - 2015-08-08 22:25 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-08 22:24 - 2015-08-09 08:50 - 00000000 ____D C:\Program Files (x86)\adlevel
2015-08-08 22:24 - 2015-08-08 22:24 - 00154826 _____ C:\Program Files (x86)\uninstaller.exe
2015-08-08 22:24 - 2015-08-08 22:24 - 00003060 _____ C:\Windows\System32\Tasks\TunePro360 Updater
2015-08-08 22:24 - 2015-08-08 22:24 - 00002528 _____ C:\Windows\system32\PeakoarOff.ini
2015-08-08 22:24 - 2015-08-08 22:24 - 00000000 ____D C:\Program Files (x86)\TechVedic
2015-08-08 22:23 - 2015-08-09 09:44 - 00001056 _____ C:\Windows\Tasks\Crossbrowse.job
2015-08-08 22:23 - 2015-08-08 23:03 - 00000000 ____D C:\Program Files\shopperz04082015
2015-08-08 22:23 - 2015-08-08 22:24 - 00004808 _____ C:\Windows\SysWOW64\Peakoar.ini
2015-08-08 22:23 - 2015-08-08 22:24 - 00002528 _____ C:\Windows\SysWOW64\PeakoarOff.ini
2015-08-08 22:23 - 2015-08-08 22:23 - 00004082 _____ C:\Windows\System32\Tasks\Crossbrowse
2015-08-08 22:23 - 2015-08-08 22:23 - 00000000 ____D C:\Windows\system32\aby
2015-08-08 22:23 - 2015-08-08 22:23 - 00000000 ____D C:\Users\Owner\AppData\Local\Crossbrowse
2015-08-08 22:23 - 2015-08-08 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-08-08 22:23 - 2015-08-08 22:23 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-08-08 22:23 - 2015-08-02 07:50 - 00353632 _____ C:\Windows\system32\Peakoar64.dll
2015-08-08 22:23 - 2015-08-02 07:50 - 00283488 _____ C:\Windows\SysWOW64\Peakoar.dll
2015-08-08 21:53 - 2015-08-09 09:58 - 00000342 ____H C:\Windows\Tasks\SFNPKXCMWVMXYUKG.job
2015-08-08 21:53 - 2015-08-09 09:55 - 00000000 ____D C:\Users\Owner\AppData\Local\SmartWeb
2015-08-08 21:53 - 2015-08-09 09:43 - 00000330 _____ C:\Windows\Tasks\OMYQNNDMU1.job
2015-08-08 21:53 - 2015-08-09 08:49 - 00000000 ____D C:\ProgramData\FlashBeat
2015-08-08 21:53 - 2015-08-08 21:53 - 00004034 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-08-08 21:53 - 2015-08-08 21:53 - 00003376 _____ C:\Windows\System32\Tasks\SFNPKXCMWVMXYUKG
2015-08-08 21:53 - 2015-08-08 21:53 - 00002852 _____ C:\Windows\System32\Tasks\OMYQNNDMU1
2015-08-08 21:53 - 2015-08-08 21:53 - 00000000 ____D C:\ProgramData\Service1291
2015-08-08 21:53 - 2015-08-08 21:53 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-08-08 21:50 - 2015-08-08 18:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{949ba8b6-a9ea-4b6b-a97d-688a70f2ea0b}Gw64.sys
2015-08-08 21:49 - 2009-06-10 14:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-08 21:48 - 2015-08-08 21:56 - 00000000 ____D C:\Users\Owner\AppData\Local\07599E80-1439070532-81E1-3676-5404A63C37F3
2015-08-08 21:48 - 2015-08-08 21:48 - 00003542 _____ C:\Windows\System32\Tasks\Inst_Rep
2015-08-08 21:47 - 2015-08-09 09:53 - 00000000 ____D C:\Program Files (x86)\Coupoon
2015-08-08 21:47 - 2015-08-09 09:50 - 00000000 ____D C:\Program Files (x86)\Coupon Time
2015-08-08 21:47 - 2015-08-09 09:01 - 00000000 ____D C:\ProgramData\abc
2015-08-08 21:47 - 2015-08-09 08:53 - 00000000 ____D C:\Program Files\Coupoon
2015-08-08 21:47 - 2015-08-08 21:49 - 00000000 ____D C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3
2015-08-08 21:45 - 2015-08-08 21:46 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TWV
2015-08-08 21:45 - 2015-08-08 21:45 - 00750096 _____ () C:\Users\Owner\Downloads\7 Wonders_ Treasures of Seven__3422_il1095080.exe
2015-08-08 21:45 - 2015-08-08 21:45 - 00003984 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-08-08 21:45 - 2015-08-08 21:45 - 00001199 _____ C:\Users\Owner\Desktop\Continue installation .lnk
2015-08-07 23:21 - 2015-08-07 23:23 - 00000000 ____D C:\ProgramData\PopCap Games
2015-08-07 23:21 - 2015-08-07 23:21 - 00001315 _____ C:\Users\Public\Desktop\Plants vs. Zombies.lnk
2015-08-07 23:21 - 2015-08-07 23:21 - 00000206 _____ C:\Users\Public\Desktop\Play More Great Games!.url
2015-08-07 23:21 - 2015-08-07 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
2015-08-07 23:21 - 2015-08-07 23:21 - 00000000 ____D C:\Program Files (x86)\PopCap Games
2015-08-07 23:18 - 2015-08-07 23:19 - 42708728 _____ C:\Users\Owner\Downloads\PlantsVsZombies_20110922_EN_3_1.exe
2015-08-07 21:14 - 2015-07-25 11:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-07 21:14 - 2015-07-25 11:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-07 21:14 - 2015-07-25 11:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-07 21:14 - 2015-07-25 11:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-07 21:14 - 2015-07-25 11:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-07 21:14 - 2015-07-25 11:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-07 21:14 - 2015-07-25 11:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-07 21:14 - 2015-07-25 10:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-07 21:13 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-07 21:13 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-07 21:13 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-07 21:13 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-07 21:13 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-07 21:13 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-07 21:13 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-07 21:13 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-07 21:13 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-07 21:13 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-07 21:13 - 2015-07-09 10:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-07 21:13 - 2015-07-09 10:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-07 21:13 - 2015-07-09 10:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-07 21:13 - 2015-07-09 10:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-07 21:13 - 2015-07-09 10:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-07 21:13 - 2015-07-09 10:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-07 21:13 - 2015-07-09 10:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-07 21:13 - 2015-07-09 10:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-07 21:13 - 2015-07-09 10:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-07 21:13 - 2015-07-09 10:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-07 21:13 - 2015-07-09 10:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-07 21:13 - 2015-07-09 10:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-07 21:13 - 2015-07-09 10:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-07 21:13 - 2015-07-09 10:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-07 21:13 - 2015-07-09 10:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-07 21:13 - 2015-07-09 10:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-07 21:13 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-07 21:13 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-08-07 21:13 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-08-07 21:12 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-07 21:12 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-07 21:12 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-07 21:12 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-07 21:12 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-07 21:12 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-07 21:12 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-07 21:12 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-07 21:12 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-07 21:12 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-07 21:12 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-07 21:12 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-07 21:12 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-07 21:12 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-07 21:12 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-07 21:12 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-07 21:12 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-07 21:12 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-07 21:12 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-07 21:12 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-07 21:12 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-07 21:12 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-07 21:12 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-07 21:12 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-07 21:12 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-07 21:12 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-07 21:12 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-07 21:12 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-07 21:12 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-07 21:12 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-07 21:12 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-07 21:12 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-07 21:12 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-07 21:12 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-07 21:12 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-07 21:12 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-07 21:12 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-07 21:12 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-07 21:12 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-07 21:12 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-07 21:12 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-07 21:12 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-07 21:12 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-07 21:12 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-07 21:12 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-07 21:12 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-07 21:12 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-07 21:12 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-07 21:12 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-07 21:12 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-07 21:12 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-07 21:12 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-07 21:12 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-07 21:12 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-07 21:12 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-07 21:12 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-07 21:12 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-07 21:12 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-07 21:11 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-07 21:11 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-08-07 21:11 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-07 21:11 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-07 21:11 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-07 21:11 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-07 21:10 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-07 21:10 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-07 21:10 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-07 21:10 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-07 21:10 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-07 21:10 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-07 21:10 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-07 21:10 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-07 21:10 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-07 21:10 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-07 21:10 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-07 21:10 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-07 21:10 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-07 21:10 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-07 21:10 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-07 21:10 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-07 21:10 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-07 21:10 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-07 21:10 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-07 21:10 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-07 21:10 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-07 21:10 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-07 21:10 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-07 21:10 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-07 21:10 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-07 21:10 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-07 21:10 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-07 21:10 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-07 21:10 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-07 21:10 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-07 21:10 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-07 21:10 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-07 21:10 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-08-07 21:10 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-07 21:10 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-07 21:10 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-07 21:10 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-07 21:10 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-08-07 21:10 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-08-07 21:10 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-08-07 21:10 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-08-07 21:10 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-08-07 21:10 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-08-07 21:10 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-08-07 21:10 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-08-07 21:10 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-08-07 21:10 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-08-07 21:10 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-08-07 21:10 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-27 08:53 - 2015-07-27 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-27 08:52 - 2015-07-27 08:52 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-10 06:39 - 2015-08-09 09:21 - 00000000 ___HD C:\$Windows.~BT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-09 10:05 - 2012-01-18 15:02 - 00000000 ____D C:\ProgramData\WRData
2015-08-09 10:04 - 2012-01-17 21:45 - 00000000 ____D C:\Users\Owner\AppData\Local\VirtualStore
2015-08-09 10:00 - 2013-08-01 13:46 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-09 09:58 - 2011-11-15 00:00 - 01731252 _____ C:\Windows\WindowsUpdate.log
2015-08-09 09:53 - 2009-07-13 21:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-09 09:53 - 2009-07-13 21:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-09 09:50 - 2009-07-13 19:34 - 00000505 _____ C:\Windows\win.ini
2015-08-09 09:46 - 2012-07-02 16:03 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2015-08-09 09:44 - 2013-08-01 13:46 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-09 09:43 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-09 09:43 - 2009-07-13 21:51 - 00093609 _____ C:\Windows\setupact.log
2015-08-09 09:37 - 2013-10-12 10:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-09 09:35 - 2011-11-15 00:15 - 00001570 _____ C:\Windows\system32\ServiceFilter.ini
2015-08-09 09:34 - 2011-09-23 05:39 - 00393724 _____ C:\Windows\PFRO.log
2015-08-09 09:03 - 2009-07-28 23:03 - 00000000 ____D C:\Windows\Panther
2015-08-09 08:19 - 2012-01-17 21:46 - 00001427 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-09 08:18 - 2011-11-15 00:15 - 00002576 _____ C:\Windows\system32\AutoRunFilter.ini
2015-08-09 00:10 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-08-08 23:36 - 2013-08-01 13:46 - 00002197 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-08 23:07 - 2013-08-15 08:00 - 00000000 ____D C:\Windows\system32\MRT
2015-08-08 22:59 - 2012-01-17 21:46 - 00000000 ____D C:\Users\Owner\AppData\Local\Deployment
2015-08-08 22:24 - 2015-06-15 08:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-08 22:24 - 2011-09-23 05:27 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-08-08 22:24 - 2011-09-23 05:27 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-08-08 21:51 - 2012-01-17 21:45 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-08-08 21:35 - 2012-07-02 16:03 - 00000000 ____D C:\ProgramData\Skype
2015-08-08 09:22 - 2009-07-13 22:13 - 00797850 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-07 23:37 - 2013-10-12 10:34 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-07 23:37 - 2012-07-02 00:28 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-07 23:37 - 2012-07-02 00:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 23:21 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-07 23:18 - 2015-04-06 07:55 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-07 23:14 - 2009-07-13 21:45 - 00347432 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-07 23:12 - 2015-04-06 07:55 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-08-07 23:12 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-07 21:29 - 2012-03-03 17:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-07 21:26 - 2014-12-14 21:45 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-07 21:26 - 2014-05-18 15:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-02 19:48 - 2012-10-07 19:02 - 00000000 ____D C:\Users\Owner\Desktop\delti pics
2015-07-27 08:55 - 2013-08-01 13:46 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-27 08:55 - 2013-08-01 13:46 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-27 08:55 - 2012-01-18 15:02 - 00166128 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-07-27 08:55 - 2012-01-18 15:02 - 00116224 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-07-27 08:55 - 2012-01-18 15:02 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-07-27 08:53 - 2012-07-02 00:28 - 00001936 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-07-27 08:52 - 2015-04-15 11:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-27 08:52 - 2012-07-02 00:28 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-27 08:49 - 2012-05-05 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Files in the root of some directories =======
2015-05-12 16:22 - 2015-05-12 16:22 - 0099678 _____ () C:\Program Files (x86)\tunepro138x138.ico
2015-08-08 22:24 - 2015-08-08 22:24 - 0154826 _____ () C:\Program Files (x86)\uninstaller.exe
2012-11-15 07:32 - 2012-11-15 07:32 - 9842040 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2015-04-14 09:28 - 2015-04-14 09:28 - 0004387 _____ () C:\Users\Owner\AppData\Roaming\DK8is89dyPzmla2uemyT3
2015-04-20 07:05 - 2015-04-20 07:05 - 1246720 _____ () C:\Users\Owner\AppData\Roaming\DK8is89dyPzmla2uemyT3.exe
2015-04-19 05:20 - 2015-04-19 05:20 - 0005872 _____ () C:\Users\Owner\AppData\Roaming\dum3wyST49Ex
2015-04-20 07:05 - 2015-04-20 07:05 - 1579520 _____ () C:\Users\Owner\AppData\Roaming\dum3wyST49Ex.exe
2014-09-24 21:56 - 2014-09-24 21:56 - 0000000 _____ () C:\Users\Owner\AppData\Roaming\MLib.tmp
2014-09-24 21:56 - 2014-09-24 21:56 - 0000000 _____ () C:\Users\Owner\AppData\Roaming\SBLib.tmp
2015-04-14 09:28 - 2015-04-14 09:28 - 0004387 _____ () C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW
2015-04-20 07:05 - 2015-04-20 07:05 - 1246720 _____ () C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW.exe
2015-04-19 05:20 - 2015-04-19 05:20 - 0005872 _____ () C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW4
2015-04-20 07:05 - 2015-04-20 07:05 - 1579520 _____ () C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW4.exe
2015-08-08 22:29 - 2015-08-08 22:29 - 0613255 _____ (CMI Limited) C:\Users\Owner\AppData\Local\nsz777.tmp
2011-11-15 00:19 - 2011-11-15 00:19 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-11-15 00:18 - 2011-11-15 00:19 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\011md0gh.dll
C:\Users\Owner\AppData\Local\Temp\1349.exe
C:\Users\Owner\AppData\Local\Temp\2218.exe
C:\Users\Owner\AppData\Local\Temp\2958.exe
C:\Users\Owner\AppData\Local\Temp\3019.exe
C:\Users\Owner\AppData\Local\Temp\3355.exe
C:\Users\Owner\AppData\Local\Temp\7 Wonders_ Treasures of Seven__3422_il1095080.exe
C:\Users\Owner\AppData\Local\Temp\fsd119D.exe
C:\Users\Owner\AppData\Local\Temp\fsd1B8B.exe
C:\Users\Owner\AppData\Local\Temp\fsd9BE1.exe
C:\Users\Owner\AppData\Local\Temp\fsdE8E8.exe
C:\Users\Owner\AppData\Local\Temp\fuf21D2.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\mVO7E53.exe
C:\Users\Owner\AppData\Local\Temp\mVOA4B7.exe
C:\Users\Owner\AppData\Local\Temp\oprun10083.exe
C:\Users\Owner\AppData\Local\Temp\oprun32466.exe
C:\Users\Owner\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Owner\AppData\Local\Temp\SpOrder.dll
C:\Users\Owner\AppData\Local\Temp\supoptsetup.exe
C:\Users\Owner\AppData\Local\Temp\Uninstall.exe
C:\Users\Owner\AppData\Local\Temp\UninstallModule.exe
C:\Users\Owner\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Owner\AppData\Local\Temp\WRupdate325230.exe
C:\Users\Owner\AppData\Local\Temp\WRupdate327258.exe
C:\Users\Owner\AppData\Local\Temp\WRupdate336306.exe
C:\Users\Owner\AppData\Local\Temp\WRupdate372265.exe
C:\Users\Owner\AppData\Local\Temp\_is8A63.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2011-09-23 05:27] - [2015-08-08 22:24] - 0357888 ____A (Microsoft Corporation) 67529135895CE87AD5B2C33F4CBFE4F1
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-09 23:01
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-08-2015 01
Ran by Owner (2015-08-09 10:05:23)
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3206371679-4115178929-761777742-500 - Administrator - Disabled)
Guest (S-1-5-21-3206371679-4115178929-761777742-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3206371679-4115178929-761777742-1002 - Limited - Enabled)
Owner (S-1-5-21-3206371679-4115178929-761777742-1000 - Administrator - Enabled) => C:\Users\Owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}) (Version: 1.7.17.25416 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.7.17.25416 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS U Series ScreenSaver (HKLM-x32\...\ASUS U Series ScreenSaver) (Version: 1.0.0002 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.6.125 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
AudioConverter (HKLM-x32\...\AudioConverter) (Version: - PerformerSoft LLC) <==== ATTENTION
Babylon toolbar on IE (HKLM-x32\...\BabylonToolbar) (Version: - ) <==== ATTENTION
Best Buy pc app (HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\e55b814e55744b76) (Version: 3.2.545.3 - Best Buy)
Best Buy pc app (Version: 3.2.2.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.2.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cinema PlusV09.08 (HKLM-x32\...\Cinema PlusV09.08) (Version: 1.36.01.22 - Cinema PlusV09.08) <==== ATTENTION
Citrix online plug-in (Web) (HKLM-x32\...\{B124E6D3-91B4-4E3C-AD03-BA959B223537}) (Version: 12.0.3.6 - Citrix Systems, Inc.)
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Digital Photo Navigator 1.5 (HKLM-x32\...\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}) (Version: - )
DNS Unlocker version 1.3 (HKLM-x32\...\{E1527582-8509-4011-B922-29E3FB548882}_is1) (Version: 1.3 - www.vidcreek.tv) <==== ATTENTION
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON NX420 Series Printer Uninstall (HKLM\...\EPSON NX420 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Fresco Logic USB3.0 Host Controller (HKLM\...\{B1E301A1-C2B4-4B0B-AF31-C71F8A53DCDA}) (Version: 3.0.119.1 - Fresco Logic Inc.)
GamesDesktop 025.005010055 (HKLM-x32\...\gmsd_us_005010055_is1) (Version: - GAMESDESKTOP) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GUPlayer (remove only) (HKU\S-1-5-21-3206371679-4115178929-761777742-1000\...\GUPlayer) (Version: - ) <==== ATTENTION
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
iExplorer 3.7.4.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Intel® WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5C1DA3D9-F590-4317-A4FB-274F658E504B}) (Version: 6.05.0000 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iSkysoft Video Converter Ultimate(Build 4.0.1.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 4.0.1.0 - iSkysoft Software)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.1.26.18340 - LeapFrog)
LeapFrog Connect (x32 Version: 5.1.26.18340 - LeapFrog) Hidden
LeapFrog LeapPad Explorer Plugin (x32 Version: 5.1.26.18340 - LeapFrog) Hidden
LeapFrog MyOwnLeaptop Plugin (x32 Version: 5.1.26.18340 - LeapFrog) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 15.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 15.0.1 (x86 en-US)) (Version: 15.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
PowerCinema NE for Everio (HKLM-x32\...\{39CEE1F2-12B6-4C50-9131-04BFCA110578}) (Version: - )
PowerDirector Express (HKLM-x32\...\{EDE721EC-870A-11D8-9D75-000129760D75}) (Version: - )
PowerProducer (HKLM-x32\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 074511a(3.7)_Vista_JVC - CyberLink Corp.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
Sierra Wireless AirCard Watcher (HKLM-x32\...\{7AC21DE8-2904-4667-99C7-732A02B1324E}) (Version: 6.0.2699.6301 - Sierra Wireless Inc.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
Updater Service (HKLM-x32\...\Updater Service) (Version: 11,6,20,2 - ) <==== ATTENTION
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version: - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog MyOwnLeaptop Plugin) (HKLM-x32\...\LeaptopPlugin) (Version: - LeapFrog)
VideoConverter (HKLM-x32\...\VideoConverter) (Version: - PerformerSoft LLC) <==== ATTENTION
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.1.35 - Webroot)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
Wondershare Video Editor(Build 4.6.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
08-08-2015 21:48:22 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
08-08-2015 21:49:14 Windows Defender Checkpoint
08-08-2015 22:49:11 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
08-08-2015 22:53:06 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
08-08-2015 22:53:33 Removed Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
08-08-2015 22:54:31 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
08-08-2015 22:55:30 Removed Microsoft Visual C++ 2005 Redistributable (x64)
08-08-2015 22:55:59 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
08-08-2015 22:56:29 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
08-08-2015 22:57:19 Removed Microsoft Visual C++ 2005 Redistributable
08-08-2015 22:58:17 Removed Microsoft Visual C++ 2005 Redistributable
08-08-2015 22:58:48 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
08-08-2015 23:00:43 Removed Best Buy Connect.
09-08-2015 00:16:17 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {008CF8DA-6DE9-4DC6-A075-0FAB8521E08F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-01] (Google Inc.)
Task: {03E9DBC6-9F50-4326-AAFC-173297FF097C} - System32\Tasks\snp => C:\ProgramData\Soltop\a2qwu22o.exe
Task: {1290AA52-EC88-4431-8DB1-A12AFAB33ACC} - System32\Tasks\OMYQNNDMU1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {184AC837-F3CE-4D07-A0B9-E34D8CCE8B7A} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Owner\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {19B545CC-5140-4AC7-88C3-B6EAC984868D} - System32\Tasks\snf => C:\ProgramData\Soltop\a2qwu22o.exe
Task: {1B7043CE-18E3-47DC-A9E0-D85BF587E190} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user => C:\Program Files (x86)\Cinema PlusV09.08-ntf\418780ce-3d28-4b57-8fc4-c70230d4f25e-10.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {209793CF-2F7A-46BB-94E7-5839D7F1D0EC} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-08-09] (globalUpdate) <==== ATTENTION
Task: {23DBCB30-02B3-4C4A-9BDB-E6F772CB7BED} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {23F87188-439B-4D1E-9F01-4CB7BAC5AA13} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {2A6EA2D8-85D7-4D91-B0F4-FEF81D8DC820} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-08-08] () <==== ATTENTION
Task: {2C4FEC0C-34FC-4E12-9FB2-89026956B43E} - System32\Tasks\{A4190820-604B-403C-B3CC-528674BB0D72} => pcalua.exe -a "C:\ProgramData\Best Buy pc app\ClickOnceUninstaller.exe" -c /publisher:"Best Buy" /name:"Best Buy pc app"
Task: {417D8296-86E9-44C1-A842-150D0E81971D} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {5056504F-6CE5-4BD7-9665-286431E81D7D} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {570A1AD0-975E-4E8B-8C79-A55973A92FE2} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {5787D16F-8B36-468B-B00A-D993BE5F4D5E} - System32\Tasks\DK8is89dyPzmla2uemyT3 => C:\Users\Owner\AppData\Roaming\DK8is89dyPzmla2uemyT3.exe [2015-04-20] () <==== ATTENTION
Task: {5A83F9D6-EB46-425F-B12F-89B5768FF848} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {5E57DCEA-B730-4E34-B747-B3B2F8DBFDFD} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {66BF42E4-3DEC-46B5-9173-08F913E4966C} - System32\Tasks\DNSWABENO => C:\Program Files (x86)\DNS Unlocker\dnswabeno.exe [2015-07-15] ()
Task: {6A2D9BBF-9585-4DB7-871A-2C50751E5942} - \AdobeFlashPlayerUpdate 2 -> No File <==== ATTENTION
Task: {7258C0C7-1D18-4A99-9C7D-7D094BA06E37} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {73BF7A7B-53F0-4B43-9B19-5F45809C414D} - System32\Tasks\bProtector => Sc.exe start bProtector
Task: {7BE0C2FB-9FED-4218-9C95-2F75C6CD836F} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {8A89261B-9149-4D70-8C86-004AC210BAD2} - System32\Tasks\dum3wyST49Ex => C:\Users\Owner\AppData\Roaming\dum3wyST49Ex.exe [2015-04-20] () <==== ATTENTION
Task: {8AA9E63F-BF5B-4896-9C74-09383AAA3A30} - System32\Tasks\YeUBBA7OfsskP753cAqWAW4 => C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW4.exe [2015-04-20] () <==== ATTENTION
Task: {92FEAD3D-5CA4-414D-8242-01D83E308F78} - System32\Tasks\YeUBBA7OfsskP753cAqWAW => C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW.exe [2015-04-20] () <==== ATTENTION
Task: {9B061F3F-012E-4613-8FC2-DEF45441DFD7} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {9F9CBAFE-4063-4658-AAC8-5A7E770711BB} - System32\Tasks\Superclean => c:\programdata\{4d917b50-ca18-1849-4d91-17b50ca1ed43}\hqghumeaylnlf.exe [2014-08-08] (Super PC Tools Ltd) <==== ATTENTION
Task: {A0150A35-6F4B-4E69-9ACC-F319AAB271AB} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {A0B36402-EBDA-4D05-B40A-5151EC10AD82} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-08-09] (globalUpdate) <==== ATTENTION
Task: {A0DCA9D5-BBBE-427D-90C1-1F3E9877CE95} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-07] (Adobe Systems Incorporated)
Task: {A1C5E39C-8392-481E-9CA2-4F070AEA782B} - System32\Tasks\TunePro360 Updater => C:\Program Files (x86)\adlevel\TunePro360Updater.exe [2015-08-08] ()
Task: {AD3C4602-C0E1-4CA4-9E72-AA85A1480A45} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B01A05AD-48EF-48F7-98F8-9452D0B1F72F} - System32\Tasks\ASUS Patch 10430001 => C:\Windows\AsPatch10430001.exe [2010-07-29] ()
Task: {B308FD4F-2BB2-4FE8-82AA-7FC233CC8E6F} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {CA0BC427-A516-45EA-90AE-F324662E45E1} - System32\Tasks\Bluetooth Support Service32 => C:\Windows\system32\config\systemprofile\AppData\Local\BluetoothSupport\kbdindev.exe [2015-08-08] ()
Task: {CA586909-A8D8-4F2F-8AED-F473EB14C968} - \AdobeFlashPlayerUpdate -> No File <==== ATTENTION
Task: {CC694E9E-259C-48EB-89AC-4BB0B713F4F5} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-11] ()
Task: {DBC13FF3-DA83-4E8F-BF4A-4C49D5A800B0} - System32\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6 => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.exe [2015-08-09] (Cinema PlusV09.08) <==== ATTENTION
Task: {DE63DC20-24F5-4278-B4C8-20D688B15AF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-01] (Google Inc.)
Task: {E57A1D11-C2B9-4423-904C-45352BA05DEC} - System32\Tasks\SFNPKXCMWVMXYUKG => C:\ProgramData\Service1291\Service1291.exe [2015-06-28] () <==== ATTENTION
Task: {EB31BCEC-BF3F-4549-A96F-225D0B175682} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-01] (ASUS)
Task: {F03A0068-6773-4A95-8A6C-E8FF9FB18614} - System32\Tasks\DrspeedyPc Secure => C:\Program Files (x86)\DrSpeedyPC\secure\secureupdater.exe [2015-05-26] () <==== ATTENTION
Task: {F0BF0259-B9B1-43EF-AC92-D47976342F14} - System32\Tasks\Inst_Rep => C:\Users\Owner\AppData\Local\Installer\Install_24213\DCbrakieamo_amobl_setup.exe [2015-08-08] ()
Task: {F2EFC929-73AC-457B-AF5A-0C7E2E09177E} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {F9CF4761-D978-4B2F-9A08-1D88C88CDF51} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-10_user.job => C:\Program Files (x86)\Cinema PlusV09.08-ntf\418780ce-3d28-4b57-8fc4-c70230d4f25e-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-5_user.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.job => C:\Program Files (x86)\Cinema PlusV09.08\418780ce-3d28-4b57-8fc4-c70230d4f25e-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\DK8is89dyPzmla2uemyT3.job => C:\Users\Owner\AppData\Roaming\DK8is89dyPzmla2uemyT3.exe <==== ATTENTION
Task: C:\Windows\Tasks\dum3wyST49Ex.job => C:\Users\Owner\AppData\Roaming\dum3wyST49Ex.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OMYQNNDMU1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: C:\Windows\Tasks\SFNPKXCMWVMXYUKG.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\Superclean.job => c:\programdata\{4d917b50-ca18-1849-4d91-17b50ca1ed43}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW.job => C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW.exe <==== ATTENTION
Task: C:\Windows\Tasks\YeUBBA7OfsskP753cAqWAW4.job => C:\Users\Owner\AppData\Roaming\YeUBBA7OfsskP753cAqWAW4.exe <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2015-08-08 22:23 - 2015-08-02 07:50 - 00353632 _____ () C:\Windows\system32\Peakoar64.dll
2011-05-02 14:41 - 2011-05-02 14:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-03-24 20:43 - 2013-01-08 10:32 - 00721917 _____ () C:\Windows\SysWOW64\ISCM64.dll
2015-08-06 00:11 - 2015-08-06 00:11 - 00379392 _____ () C:\Program Files\Controller\cohc.exe
2010-04-02 20:21 - 2008-10-01 00:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-05-11 18:35 - 2010-05-11 18:35 - 00489392 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2010-07-14 17:11 - 2010-07-14 17:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-11-15 00:14 - 2007-11-30 12:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2015-08-08 21:49 - 2015-08-08 21:49 - 00161792 _____ () C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3\hnsfB1D2.tmp
2015-08-08 21:21 - 2015-08-08 21:21 - 00750080 _____ () C:\Program Files (x86)\07599E80-1439095677-81E1-3676-5404A63C37F3\knsfD0EE.tmpfs
2015-08-08 23:36 - 2015-08-08 23:36 - 00037888 _____ () C:\Users\Owner\AppData\Local\McAfeeSecurity\mcafee.exe
2015-08-08 22:37 - 2015-08-09 08:29 - 00655088 _____ () C:\Program Files (x86)\Coupon Time\updateCouponTime.exe
2015-08-08 23:10 - 2015-08-09 08:24 - 00655088 _____ () C:\Program Files (x86)\Coupon Time\bin\utilCouponTime.exe
2012-01-21 23:41 - 2006-12-19 15:23 - 00272024 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-08-08 23:36 - 2015-08-08 07:45 - 03345552 _____ () C:\Users\Owner\AppData\Local\gmsd_us_005010055\upgmsd_us_005010055.exe
2011-07-15 01:15 - 2011-05-05 05:30 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-05-02 14:41 - 2011-05-02 14:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-07-15 01:14 - 2011-01-26 17:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-09-23 17:53 - 2010-09-23 17:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-08-11 20:52 - 2010-08-11 20:52 - 00060928 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe
2015-08-08 23:36 - 2015-08-08 07:45 - 03986064 _____ () C:\Program Files (x86)\gmsd_us_005010055\gmsd_us_005010055.exe
2015-08-08 22:51 - 2015-07-15 19:30 - 00537088 _____ () C:\Program Files (x86)\DNS Unlocker\dnswabeno.exe
2015-08-08 23:10 - 2015-08-09 08:32 - 00353520 _____ () C:\Program Files (x86)\Coupon Time\bin\CouponTime.PurBrowse64.exe
2015-08-08 22:37 - 2015-08-09 08:31 - 00126192 _____ () C:\Program Files (x86)\Coupon Time\bin\CouponTime.BrowserAdapter64.exe
2015-08-08 22:37 - 2015-08-09 08:31 - 00108272 _____ () C:\Program Files (x86)\Coupon Time\bin\CouponTime.BrowserAdapter.exe
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-01-18 14:21 - 2011-01-18 14:21 - 00204800 _____ () C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax
2012-01-21 23:38 - 2007-11-01 18:13 - 00012288 ____N () C:\Program Files (x86)\CyberLink\PCM4Everio\Kernel\common\CLEverioDetector.dll
2010-07-13 19:19 - 2010-07-13 19:19 - 00243056 _____ () C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\WebUpdtAPI.dll
2014-09-15 21:31 - 2014-07-09 12:01 - 01459712 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-09-15 21:31 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-08-08 22:23 - 2015-05-11 09:01 - 01070592 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libglesv2.dll
2015-08-08 22:23 - 2015-05-11 09:01 - 00204800 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libegl.dll
2015-08-08 22:23 - 2015-05-11 09:01 - 09003008 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\pdf.dll
2015-08-08 22:23 - 2015-05-11 09:01 - 00896512 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\ffmpegsumo.dll
2015-01-15 03:02 - 2015-01-15 03:02 - 40555520 _____ () C:\Users\Owner\AppData\Roaming\TWV\libcef.dll
2015-01-15 03:02 - 2015-01-15 03:02 - 01359360 _____ () C:\Users\Owner\AppData\Roaming\TWV\libglesv2.dll
2015-01-15 03:02 - 2015-01-15 03:02 - 00212992 _____ () C:\Users\Owner\AppData\Roaming\TWV\libegl.dll
2015-01-15 03:02 - 2015-01-15 03:02 - 09301504 _____ () C:\Users\Owner\AppData\Roaming\TWV\pdf.dll
2015-01-15 03:02 - 2015-01-15 03:02 - 00985088 _____ () C:\Users\Owner\AppData\Roaming\TWV\ffmpegsumo.dll
2015-02-01 11:19 - 2015-02-01 11:19 - 16844976 _____ () C:\Users\Owner\AppData\Roaming\TWV\plugins\NPSWF32_16_0_0_296.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Owner\Downloads\7 Wonders_ Treasures of Seven__3422_il1095080.exe:typelib
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3206371679-4115178929-761777742-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.2.226
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{971ECBD0-029F-40E0-9A58-8AC6FDEB5240}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BD0BEA2A-8059-4F00-B27A-59CBF24842F9}] => (Allow) LPort=2869
FirewallRules: [{FF166191-502D-4474-AB35-56B29DF72699}] => (Allow) LPort=1900
FirewallRules: [{B87DEACC-75E4-42E4-B8AE-45D17B4094C9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{94D57A9D-82D4-4819-801F-5C580C5F10E1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{0CECF09F-7F53-4DE5-BAD1-70F17C800115}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{56D7E544-6B1D-4764-8AA1-BD06EB2D3FB0}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{47DEB5A5-0E90-477C-8884-5A61AF5FB907}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{21D28BA4-7579-4806-9251-73D99F27B866}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{F92E7C54-A565-477C-87E4-FEFA4E88C401}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{0EA81692-61A8-408C-B609-7B26679D76A0}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{D77A872E-8CF6-4F6C-998F-3F64E961E880}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector Express\PDX.EXE
FirewallRules: [{4E81B0FF-3BA0-4AF2-B90C-E0E0C6877671}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{6F082AF8-BFDE-4FB9-B989-52479AC6FC3F}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{0AF121D4-C84F-4A71-9F9B-1F4216CE9932}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{442D7FC3-D5D1-4C13-9D85-D82014621323}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{715A7F41-612C-49C8-993E-9A458172C0DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{14FA5589-EC60-403B-AAA9-77F725D0A349}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A0300A6D-5AA3-461B-9801-414C836C01B1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EF97939D-46D2-4135-9F45-A9D3734330E5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B23BEDE7-0F39-402C-9DC4-2FD1EEEC0230}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{56842EB6-8B4D-409B-90E1-ECD875E23024}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [TCP Query User{6EC1A75F-F416-49DB-8B5B-D583B1ED7374}C:\program files (x86)\iskysoft\video converter ultimate\urlreqservice.exe] => (Allow) C:\program files (x86)\iskysoft\video converter ultimate\urlreqservice.exe
FirewallRules: [UDP Query User{23BCFB8C-C5C4-4FE2-936E-2499F1AC110F}C:\program files (x86)\iskysoft\video converter ultimate\urlreqservice.exe] => (Allow) C:\program files (x86)\iskysoft\video converter ultimate\urlreqservice.exe
FirewallRules: [{2D419864-6670-441C-8AEE-AF796079CCE0}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{B1A0592A-0087-4214-8650-D596D3101743}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E6027A77-1296-42D9-AB3A-2F2EE7F41D24}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{716D0095-327B-4509-AF9A-58150BF568F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3847B58A-D1AE-4424-9450-6EBD7AA85BD3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C2275A14-EF6F-4CE2-9D52-502E06AED029}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{94F4A426-4DCA-4775-97C3-AD107747957B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5B4FF5D8-5C69-4F81-9B06-8B4A183067B1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9B1B5C3D-CBF9-4495-B64F-AA7FE3C5B489}] => (Allow) C:\Users\Owner\AppData\Roaming\TWV\TWV.exe
FirewallRules: [{8D2B5048-9D0B-44F4-8FCF-EAFE9C0A31F5}] => (Allow) C:\Users\Owner\AppData\Roaming\TWV\upd.exe
FirewallRules: [{A31AA8E0-B0EB-4912-A9F1-B53421EE4B6F}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\TRUUpdater.exe] => C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\SwiApiMuxX.exe] => Enabled:SwiApiMuxX
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\SwiApiMuxX.exe] => Enabled:SwiApiMuxX
StandardProfile\AuthorizedApplications: [C:\Windows\TEMP\x20su.exe] => Enabled:Policy
StandardProfile\AuthorizedApplications: [C:\Windows\TEMP\xmd2e.exe] => Enabled:Policy
StandardProfile\AuthorizedApplications: [C:\Windows\TEMP\67o5xxn.exe] => Enabled:Policy
==================== Faulty Device Manager Devices =============
Name: cherimoya
Description: cherimoya
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cherimoya
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/09/2015 08:53:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iiwjljrnpc64.exe, version: 0.0.0.0, time stamp: 0x551bf9ee
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc0000005
Fault offset: 0x000000000005162c
Faulting process id: 0x23e8
Faulting application start time: 0xiiwjljrnpc64.exe0
Faulting application path: iiwjljrnpc64.exe1
Faulting module path: iiwjljrnpc64.exe2
Report Id: iiwjljrnpc64.exe3
Error: (08/09/2015 08:50:00 AM) (Source: MsiInstaller) (EventID: 11316) (User: Owner-PC)
Description: Product: globalupdate Helper -- Error 1316. The specified account already exists.
Error: (08/09/2015 08:19:40 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (284) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.
Error: (08/09/2015 12:16:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary netfilter64.
System Error:
The system cannot find the file specified.
.
Error: (08/08/2015 11:40:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: gentlemjmp_ieeuu.tmp, version: 51.52.0.0, time stamp: 0x2a425e19
Faulting module name: gentlemjmp_ieeuu.tmp, version: 51.52.0.0, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x00007911
Faulting process id: 0x25f0
Faulting application start time: 0xgentlemjmp_ieeuu.tmp0
Faulting application path: gentlemjmp_ieeuu.tmp1
Faulting module path: gentlemjmp_ieeuu.tmp2
Report Id: gentlemjmp_ieeuu.tmp3
Error: (08/08/2015 11:04:59 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (5116) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.
Error: (08/08/2015 11:00:56 PM) (Source: Best Buy pc app) (EventID: 0) (User: )
Description: ClickOnceUninstaller: Uninstall OK button not found and not automatically clicked.
Error: (08/08/2015 11:00:56 PM) (Source: Best Buy pc app) (EventID: 0) (User: )
Description: ClickOnceUninstaller: Uninstall dialog not found while trying to automatically push the OK button.
Error: (08/08/2015 11:00:43 PM) (Source: Best Buy pc app) (EventID: 0) (User: )
Description: ClickOnceUninstaller: Remove option not found and button not clicked.
Error: (08/08/2015 11:00:43 PM) (Source: Best Buy pc app) (EventID: 0) (User: )
Description: ClickOnceUninstaller: Uninstall dialog not found while trying to automatically select the remove option.
System errors:
=============
Error: (08/09/2015 09:58:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.
Error: (08/09/2015 09:45:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya
Error: (08/09/2015 09:36:39 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya
Error: (08/09/2015 09:05:03 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (08/09/2015 09:04:33 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (08/09/2015 09:01:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The UpdateCheck service terminated unexpectedly. It has done this 1 time(s).
Error: (08/09/2015 08:53:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CoupoonService64 service terminated unexpectedly. It has done this 1 time(s).
Error: (08/09/2015 08:18:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya
Error: (08/09/2015 12:16:34 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (08/08/2015 11:46:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The UpdateCheck service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office:
=========================
Error: (08/09/2015 08:53:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iiwjljrnpc64.exe0.0.0.0551bf9eentdll.dll6.1.7601.18869556366f2c0000005000000000005162c23e801d0d2bb5a5483b4C:\Program Files (x86)\coupoon\iiwjljrnpc64.exeC:\Windows\SYSTEM32\ntdll.dllb8e4ca06-3eae-11e5-a57f-5404a63c37f3
Error: (08/09/2015 08:50:00 AM) (Source: MsiInstaller) (EventID: 11316) (User: Owner-PC)
Description: Product: globalupdate Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/09/2015 08:19:40 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail284WindowsMail0:
Error: (08/09/2015 12:16:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary netfilter64.
System Error:
The system cannot find the file specified.
Error: (08/08/2015 11:40:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gentlemjmp_ieeuu.tmp51.52.0.02a425e19gentlemjmp_ieeuu.tmp51.52.0.02a425e19c00000050000791125f001d0d26e3d84b1f1C:\Users\Owner\AppData\Local\Temp\is-4BH7M.tmp\gentlemjmp_ieeuu.tmpC:\Users\Owner\AppData\Local\Temp\is-4BH7M.tmp\gentlemjmp_ieeuu.tmp81605609-3e61-11e5-a5a8-5404a63c37f3
Error: (08/08/2015 11:04:59 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail5116WindowsMail0:
Error: (08/08/2015 11:00:56 PM) (Source: Best Buy pc app) (EventID: 0) (User: )
Description: ClickOnceUninstaller: Uninstall OK button not found and not automatically clicked.
Error: (08/08/2015 11:00:56 PM) (Source: Best Buy pc app) (EventID: 0) (User: )
Description: ClickOnceUninstaller: Uninstall dialog not found while trying to automatically push the OK button.
Error: (08/08/2015 11:00:43 PM) (Source: Best Buy pc app) (EventID: 0) (User: )
Description: ClickOnceUninstaller: Remove option not found and button not clicked.
Error: (08/08/2015 11:00:43 PM) (Source: Best Buy pc app) (EventID: 0) (User: )
Description: ClickOnceUninstaller: Uninstall dialog not found while trying to automatically select the remove option.
CodeIntegrity:
===================================
Date: 2015-08-08 22:36:37.388
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-08-08 22:36:02.068
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-08-08 22:35:57.958
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-08-08 22:34:23.314
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-08-08 22:34:17.884
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-08-08 22:34:01.130
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-08-08 22:33:53.980
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-08-08 22:32:43.448
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-08-08 22:32:38.109
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-08-08 22:31:58.172
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core™ i7-2620M CPU @ 2.70GHz
Percentage of memory in use: 40%
Total physical RAM: 8102.76 MB
Available physical RAM: 4856.82 MB
Total Virtual: 16203.72 MB
Available Virtual: 12603.94 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:673.64 GB) (Free:422.29 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 496B9619)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=673.6 GB) - (Type=07 NTFS)
==================== End of log ============================
Sign In
Create Account
