Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by Kiersten (administrator) on KIERSTEN (15-08-2015 10:14:29)
Running from C:\Users\Kiersten\Desktop
Loaded Profiles: Kiersten (Available Profiles: & Kiersten & CareBear17)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\hnsq5471.tmp
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Windows Discount\FindingDiscount\findingdiscount.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\jnsi33E7.tmp
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager\runtimemanager.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\sushileads\NpUpdaterService.exe
() C:\Program Files (x86)\WaInterEnhancer\WaInterEnhancer Internet Enhancer\InternetEnhancerService.exe
(WeWatcher) C:\Program Files (x86)\ServiceUpdater\WeWatcherProxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Word Surfer) C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe
() C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\knsc1441.tmp
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
() C:\Program Files (x86)\WaInterEnhancer\WaInterEnhancer Internet Enhancer\InternetEnhancer.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
() C:\Program Files (x86)\SpaceSondPro_v53.1434\SpaceSondPro_Service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\Program Files (x86)\sushileads\SushiLeadsApplication.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Installer Technology Co.) C:\Program Files (x86)\OpenSoftwareUpdater\OpenSoftwareUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\vnsvFAD5.tmp
(Farbar) C:\Users\Kiersten\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-16] (Synaptics)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2012-10-07] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2012-10-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [Lenovo EasyCamera_Monitor] => C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [257224 2010-08-24] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-03] (Lenovo)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-09-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [OpenSoftwareUpdater] => C:\Program Files (x86)\OpenSoftwareUpdater\OpenSoftwareUpdater.exe [3733504 2014-04-08] (Installer Technology Co.)
HKLM-x32\...\RunOnce: [SpaceSondPro_v53.1434] => C:\Program Files (x86)\SpaceSondPro_v53.1434\SpaceSondPro_Service.exe [33480 2015-08-12] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1272704 2013-09-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\...\Run: [GoogleChromeAutoLaunch_25A8A4F1613307037910DB1CD61EA586] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-07] (Google Inc.)
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806232 2015-04-06] (SUPERAntiSpyware)
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\...\Run: [SushiLeadsApplication] => C:\Program Files (x86)\sushileads\SushiLeadsApplication.exe [381440 2015-08-03] ()
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [247032 2015-08-03] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [219896 2015-08-03] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-10-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-01-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-03-18]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\CareBear17\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2013-05-11]
ShortcutTarget: IMVU.lnk -> C:\Users\Kiersten\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\CareBear17\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2013-03-17]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1505448478-352576845-3373465650-1004\User: Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1505448478-352576845-3373465650-1001\User: Restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:47574
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D032015-AC44713A88D0B45FFA7F&form=CONMHP&conlogo=CT3331981
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_installertech_15_32&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyC0B0D0E0DyDyE0BtCyCyEtN0D0Tzu0StCtAtCyDtN1L2XzutAtFtCtBtFyDtFtDtN1L1Czu1R1B1E1V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2SyD0DyC0Ezz0DtB0FtGyB0CyEtDtG0FzyyDtBtGyCyB0E0EtG0B0E0CzyyC0CyD0EtBtA0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtByD0DtC0ByCtG0FtCyDtAtGyEtAyDtAtGzzyC0C0EtGtAyC0EtCyB0Azy0E0CyB0EtA2QtN0A0LzuyE&cr=2047286878&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_installertech_15_32&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyC0B0D0E0DyDyE0BtCyCyEtN0D0Tzu0StCtAtCyDtN1L2XzutAtFtCtBtFyDtFtDtN1L1Czu1R1B1E1V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2SyD0DyC0Ezz0DtB0FtGyB0CyEtDtG0FzyyDtBtGyCyB0E0EtG0B0E0CzyyC0CyD0EtBtA0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtByD0DtC0ByCtG0FtCyDtAtGyEtAyDtAtGzzyC0C0EtGtAyC0EtCyB0Azy0E0CyB0EtA2QtN0A0LzuyE&cr=2047286878&ir=
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-1505448478-352576845-3373465650-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D032015-AC44713A88D0B45FFA7F&form=CONBDF&conlogo=CT3331981&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1505448478-352576845-3373465650-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3325283&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP2A3F2634-37E6-4F8D-912E-937AEB6007EF&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1505448478-352576845-3373465650-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D032015-AC44713A88D0B45FFA7F&form=CONBDF&conlogo=CT3331981&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1505448478-352576845-3373465650-1001 -> {6E1F3657-4FA0-428B-ACC9-0670D408AD84} URL =
SearchScopes: HKU\S-1-5-21-1505448478-352576845-3373465650-1001 -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D032015-AC44713A88D0B45FFA7F&form=CONBDF&conlogo=CT3331981&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-20] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19] (Google Inc.)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\WeWatcherLSP.dll [305960 2015-08-12] (WeWatcher)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\WeWatcherLSP64.dll [357432 2015-08-12] (WeWatcher)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1
Tcpip\..\Interfaces\{6E81E6E8-CCD9-4B50-9CC0-E32B757BD967}: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1
Tcpip\..\Interfaces\{E236AC00-1294-4A29-AC64-CCEDC682C7FD}: [DhcpNameServer] 192.168.1.1 209.18.47.61 209.18.47.62
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Kiersten\AppData\Roaming\Mozilla\Firefox\Profiles\1ixhj4a4.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=&D=081215
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.bing.com/?pc=COSP&ptag=D032015-AC44713A88D0B45FFA7F&form=CONMHP&conlogo=CT3331981
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-07-16] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.0.3942197\npmathplugin.dll [2012-12-19] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1505448478-352576845-3373465650-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kiersten\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-02] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Kiersten\AppData\Roaming\Mozilla\Firefox\Profiles\1ixhj4a4.default\searchplugins\cassiopesa.xml [2015-08-12]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Kiersten\AppData\Roaming\Mozilla\Firefox\Profiles\1ixhj4a4.default\Extensions\[email protected] [2015-04-26]
FF Extension: Ad-Aware Security Add-on - C:\Users\Kiersten\AppData\Roaming\Mozilla\Firefox\Profiles\1ixhj4a4.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2013-07-31]
FF Extension: Roaming Rate - C:\Users\Kiersten\AppData\Roaming\Mozilla\Firefox\Profiles\1ixhj4a4.default\Extensions\{ce6c03f1-0fd5-4d72-bbdb-eaa0c0124531}.xpi [2015-03-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-07]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Kiersten\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kiersten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-19]
CHR Extension: (Google Wallet) - C:\Users\Kiersten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FindingDiscount" service was unlocked. <===== ATTENTION
RuntimeManager" service was unlocked. <===== ATTENTION
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-20] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-17] (Broadcom Corporation.)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3240184 2015-08-03] (Client Connect LTD)
R2 comyninu; C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\hnsq5471.tmp [161792 2015-08-08] () [File not signed]
R2 FindingDiscount; C:\Program Files (x86)\Windows Discount\FindingDiscount\FindingDiscount.exe [330240 2015-06-10] () [File not signed]
R2 hyverumu; C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\jnsi33E7.tmp [209920 2015-08-08] () [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-06] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RuntimeManager; C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager\runtimemanager.exe [101888 2015-06-10] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SushiLeadsUpdaterService; C:\Program Files (x86)\sushileads\NpUpdaterService.exe [10240 2015-08-03] () [File not signed]
R2 WaInterEnhancer Service; C:\Program Files (x86)\WaInterEnhancer\WaInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1182720 2015-08-07] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WeWatcherProxy; C:\Program Files (x86)\ServiceUpdater\WeWatcherProxy.exe [1741016 2015-08-06] (WeWatcher)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 wsasvc_1.10.0.19; C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe [299608 2015-06-15] (Word Surfer)
R2 wyhumyqu; C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\knsc1441.tmp [647680 2015-08-14] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
S2 consumerinput_update; no ImagePath
S3 consumerinput_updatem; no ImagePath
S2 RelevantKnowledge; no ImagePath <==== ATTENTION
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-03-20] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-07-31] (GFI Software)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-20] (REALiX)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-03-20] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3349984 2015-03-20] (Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1059064 2012-08-24] (Sunplus)
R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [57728 2015-06-15] (Word Surfer)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows ® Win 7 DDK provider)
S1 netfilter64; system32\drivers\netfilter64.sys [X]
S3 SPPD; \??\C:\WINDOWS\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-15 10:14 - 2015-08-15 10:15 - 00032940 _____ C:\Users\Kiersten\Desktop\FRST.txt
2015-08-15 10:07 - 2015-08-15 10:14 - 00000000 ____D C:\FRST
2015-08-15 10:06 - 2015-08-15 10:06 - 02173952 _____ (Farbar) C:\Users\Kiersten\Desktop\FRST64(1).exe
2015-08-15 10:05 - 2015-08-15 10:06 - 02173952 _____ (Farbar) C:\Users\Kiersten\Downloads\FRST64.exe
2015-08-14 19:24 - 2015-08-14 19:24 - 00291000 _____ C:\WINDOWS\Minidump\081415-34265-01.dmp
2015-08-14 19:22 - 2015-08-14 19:22 - 00000000 ____D C:\ProgramData\FlashBeat
2015-08-14 19:12 - 2015-08-15 10:15 - 00001154 _____ C:\Users\Kiersten\Desktop\Continue Live Installation.lnk
2015-08-14 18:50 - 2015-08-14 18:50 - 00288360 _____ C:\WINDOWS\Minidump\081415-38546-01.dmp
2015-08-14 18:28 - 2015-08-14 18:29 - 00289936 _____ C:\WINDOWS\Minidump\081415-29500-01.dmp
2015-08-14 06:32 - 2015-08-14 06:32 - 00003102 _____ C:\WINDOWS\System32\Tasks\{ED9F8D0B-4A34-4DE7-8103-6CEC5E3CBBB8}
2015-08-14 05:39 - 2015-08-14 06:38 - 00000376 _____ C:\WINDOWS\Tasks\APSnotifierPP3.job
2015-08-14 05:39 - 2015-08-14 06:38 - 00000376 _____ C:\WINDOWS\Tasks\APSnotifierPP2.job
2015-08-14 05:39 - 2015-08-14 05:59 - 00000378 _____ C:\WINDOWS\Tasks\APSnotifierPP1.job
2015-08-14 05:39 - 2015-08-14 05:39 - 00002830 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP1
2015-08-14 05:39 - 2015-08-14 05:39 - 00002828 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP3
2015-08-14 05:39 - 2015-08-14 05:39 - 00002828 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP2
2015-08-14 05:36 - 2015-08-13 21:26 - 00613255 _____ (CMI Limited) C:\Users\Kiersten\AppData\Local\nscB0F3.tmp
2015-08-13 21:26 - 2015-08-13 21:26 - 00000000 __SHD C:\Users\Kiersten\AppData\Roaming\AnyProtectEx
2015-08-13 21:23 - 2015-08-14 18:39 - 00000000 ____D C:\Users\Kiersten\AppData\Local\SmartWeb
2015-08-13 03:22 - 2015-07-30 10:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 03:22 - 2015-07-30 09:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 02:56 - 2015-08-15 09:53 - 00000616 _____ C:\WINDOWS\setupact.log
2015-08-13 02:56 - 2015-08-14 18:44 - 00019562 _____ C:\WINDOWS\PFRO.log
2015-08-13 02:56 - 2015-08-13 02:57 - 00291000 _____ C:\WINDOWS\Minidump\081315-24968-01.dmp
2015-08-13 02:56 - 2015-08-13 02:56 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-12 21:01 - 2015-06-12 13:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 21:01 - 2015-06-12 12:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 20:55 - 2015-07-16 17:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-12 20:55 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 20:55 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 20:55 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 20:55 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 20:55 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 20:55 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 20:55 - 2015-07-16 16:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-12 20:55 - 2015-07-16 15:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 20:55 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 20:55 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 20:55 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 20:55 - 2015-07-16 15:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 20:55 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 20:55 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 20:55 - 2015-07-16 15:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 20:55 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 20:55 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 20:55 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 20:55 - 2015-07-16 15:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 20:55 - 2015-07-16 15:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 20:55 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 20:55 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 20:55 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 20:55 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 20:55 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 20:55 - 2015-07-16 14:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 20:55 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 20:55 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 20:55 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 20:55 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 20:48 - 2015-07-13 23:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 20:48 - 2015-07-13 23:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 20:48 - 2015-07-10 13:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 20:48 - 2015-07-10 12:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 20:47 - 2015-07-28 19:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 20:47 - 2015-07-28 10:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 20:47 - 2015-07-28 10:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 20:47 - 2015-07-28 10:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 20:47 - 2015-07-28 10:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 20:47 - 2015-07-28 10:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 20:47 - 2015-07-28 10:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 20:46 - 2015-07-07 05:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 20:46 - 2015-07-07 05:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 20:46 - 2015-07-07 05:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 20:42 - 2015-06-11 16:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 20:42 - 2015-06-11 16:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 20:42 - 2015-06-09 14:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 20:39 - 2015-07-14 17:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 20:39 - 2015-07-14 17:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 20:39 - 2015-07-14 17:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 20:37 - 2015-07-18 21:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 20:37 - 2015-07-18 14:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 20:37 - 2015-07-18 14:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 20:37 - 2015-07-18 14:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 20:37 - 2015-07-18 14:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 20:37 - 2015-07-18 14:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 20:37 - 2015-07-18 14:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 20:37 - 2015-07-18 14:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 20:37 - 2015-07-18 14:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 20:37 - 2015-07-18 14:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 20:37 - 2015-07-18 14:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 20:37 - 2015-07-18 14:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 20:33 - 2015-07-15 20:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 20:33 - 2015-07-15 20:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 20:33 - 2015-07-15 20:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 20:33 - 2015-07-15 20:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 20:33 - 2015-07-10 13:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 20:33 - 2015-07-01 18:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 20:33 - 2015-07-01 18:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 20:33 - 2015-07-01 17:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 20:33 - 2015-07-01 17:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 20:29 - 2015-07-13 15:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 20:29 - 2015-07-13 15:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 20:28 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 20:28 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 20:28 - 2015-07-09 12:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 20:28 - 2015-05-11 20:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 20:23 - 2015-08-12 20:23 - 00000000 ____D C:\Users\Kiersten\Documents\DailyPCClean
2015-08-12 20:22 - 2015-08-14 05:37 - 00000000 ____D C:\Program Files (x86)\DailyPcClean Support
2015-08-12 20:21 - 2015-08-13 02:58 - 00009848 _____ C:\WINDOWS\SysWOW64\WeWatcherProxyOff.ini
2015-08-12 20:21 - 2015-08-13 02:58 - 00009848 _____ C:\WINDOWS\system32\WeWatcherProxyOff.ini
2015-08-12 20:21 - 2015-08-12 20:21 - 00003252 _____ C:\WINDOWS\System32\Tasks\runTask
2015-08-12 20:21 - 2015-08-12 20:21 - 00003156 _____ C:\WINDOWS\System32\Tasks\updateTask
2015-08-12 20:21 - 2015-08-12 20:21 - 00000217 _____ C:\task.vbs
2015-08-12 20:21 - 2015-08-12 20:21 - 00000000 ____D C:\Program Files (x86)\ServiceUpdater
2015-08-12 20:21 - 2015-08-06 18:19 - 00357432 _____ (WeWatcher) C:\WINDOWS\system32\WeWatcherLSP64.dll
2015-08-12 20:21 - 2015-08-06 18:18 - 00305960 _____ (WeWatcher) C:\WINDOWS\SysWOW64\WeWatcherLSP.dll
2015-08-12 20:18 - 2015-07-10 14:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 20:18 - 2015-07-10 13:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 20:18 - 2015-07-10 13:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 20:18 - 2015-07-10 12:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 20:14 - 2015-08-13 00:19 - 00000000 ____D C:\ProgramData\sushileads
2015-08-12 20:14 - 2015-08-12 20:14 - 00003518 _____ C:\WINDOWS\System32\Tasks\SushiLeads
2015-08-12 20:14 - 2015-08-12 20:14 - 00000000 ____D C:\Program Files (x86)\sushileads
2015-08-12 20:08 - 2015-07-29 10:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 20:08 - 2015-07-29 10:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 20:08 - 2015-07-29 10:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 20:08 - 2015-07-24 14:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 20:08 - 2015-07-24 14:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 20:08 - 2015-07-24 14:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 20:08 - 2015-07-24 13:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 20:08 - 2015-07-24 13:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 19:39 - 2015-08-14 18:44 - 00000000 ____D C:\Program Files\SpaceSoundPro
2015-08-12 19:39 - 2015-08-12 20:21 - 00000000 _____ C:\END
2015-08-12 19:39 - 2015-08-12 19:44 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro_v53.1434
2015-08-12 19:39 - 2015-08-12 19:39 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro
2015-08-12 19:39 - 2015-08-12 19:39 - 00000000 _____ C:\WINDOWS\SysWOW64\Number of results
2015-08-12 19:29 - 2015-08-12 19:29 - 00000000 ____D C:\Users\Kiersten\AppData\Roaming\Compete
2015-08-08 12:21 - 2015-07-21 12:17 - 01084696 _____ (TMRG, Inc.) C:\WINDOWS\system32\rlls64.dll
2015-08-08 12:20 - 2015-08-08 12:20 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\Compete
2015-08-08 12:19 - 2015-08-08 12:19 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\OpenSoftwareUpdater
2015-08-08 12:19 - 2015-08-08 12:19 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\InstantSupport
2015-08-08 12:18 - 2015-08-08 12:18 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\PCAcceleratePro
2015-08-08 12:17 - 2015-08-08 12:17 - 00003488 _____ C:\WINDOWS\System32\Tasks\bvxvyxvec
2015-08-08 12:16 - 2015-08-15 09:54 - 00000354 _____ C:\WINDOWS\Tasks\OMYQNNDMU1.job
2015-08-08 12:16 - 2015-08-14 07:16 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2015-08-08 12:16 - 2015-08-12 19:25 - 00000000 ____D C:\Users\Kiersten\AppData\Local\SearchProtect
2015-08-08 12:16 - 2015-08-08 12:18 - 00000000 ____D C:\ProgramData\Service1291
2015-08-08 12:16 - 2015-08-08 12:17 - 00000000 ____D C:\Users\Kiersten\AppData\Local\bvxvyxvec
2015-08-08 12:16 - 2015-08-08 12:16 - 00002868 _____ C:\WINDOWS\System32\Tasks\OMYQNNDMU1
2015-08-08 12:16 - 2015-08-08 12:16 - 00000000 ____D C:\Users\CareBear17\AppData\Local\SearchProtect
2015-08-08 12:16 - 2015-08-08 12:16 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-08-08 12:15 - 2015-08-08 12:15 - 00004180 _____ C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update
2015-08-08 12:15 - 2015-08-08 12:15 - 00004170 _____ C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core
2015-08-08 12:15 - 2015-08-08 12:15 - 00000000 ____D C:\Program Files (x86)\WordSurfer_1.10.0.19
2015-08-08 12:07 - 2015-08-15 10:12 - 00000992 _____ C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineUA.job
2015-08-08 12:07 - 2015-08-15 09:54 - 00000988 _____ C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineCore.job
2015-08-08 12:07 - 2015-08-08 12:07 - 00003862 _____ C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA
2015-08-08 12:07 - 2015-08-08 12:07 - 00003626 _____ C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore
2015-08-08 12:07 - 2015-08-08 12:07 - 00001162 _____ C:\Users\Public\Desktop\OpenSoftwareUpdater.lnk
2015-08-08 12:07 - 2015-08-08 12:07 - 00000000 ____D C:\Users\Kiersten\AppData\Roaming\OpenSoftwareUpdater
2015-08-08 12:07 - 2015-08-08 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSoftwareUpdater
2015-08-08 12:07 - 2015-08-08 12:07 - 00000000 ____D C:\Program Files (x86)\OpenSoftwareUpdater
2015-08-08 12:06 - 2015-08-08 12:06 - 00000000 ____D C:\ProgramData\Windows Discount
2015-08-08 12:06 - 2015-08-08 12:06 - 00000000 ____D C:\Program Files (x86)\Windows Discount
2015-08-08 12:05 - 2015-08-14 05:37 - 00000000 ____D C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E
2015-08-08 12:05 - 2015-08-12 19:30 - 00000000 ____D C:\Program Files (x86)\OneSystemCare
2015-08-08 12:05 - 2015-08-08 12:05 - 00003256 _____ C:\WINDOWS\System32\Tasks\One System Care Monitor
2015-08-08 12:05 - 2015-08-08 12:05 - 00001090 _____ C:\Users\Public\Desktop\Launch One System Care.lnk
2015-08-08 12:05 - 2015-08-08 12:05 - 00000000 ____D C:\Users\Kiersten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2015-08-08 12:05 - 2015-08-08 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhancer
2015-08-08 12:05 - 2015-08-08 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
2015-08-08 12:05 - 2015-08-08 12:05 - 00000000 ____D C:\Program Files (x86)\WaInterEnhancer
2015-08-08 12:05 - 2015-08-05 21:14 - 00000854 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-08-08 12:04 - 2015-08-08 12:04 - 03719524 _____ C:\Users\CareBear17\Downloads\forge-1.8-11.14.3.1502-installer.jar
2015-08-08 12:04 - 2015-08-08 12:04 - 00000000 ____D C:\Users\Kiersten\AppData\Local\59790140
2015-08-08 12:04 - 2015-08-08 12:04 - 00000000 ____D C:\Users\Kiersten\AppData\Local\{C35BF507-E7F3-99BF-8A6B-BC57AE0340CF}
2015-08-08 12:04 - 2015-08-08 12:04 - 00000000 ____D C:\Program Files (x86)\TestXp
2015-08-08 12:03 - 2015-08-08 12:23 - 00000000 ____D C:\Program Files (x86)\OSDownloader
2015-08-08 12:03 - 2015-08-08 12:03 - 00000003 _____ C:\Users\CareBear17\Desktop\2.txt
2015-08-08 12:03 - 2015-08-08 12:03 - 00000003 _____ C:\Users\CareBear17\Desktop\1.txt
2015-08-08 10:36 - 2015-08-08 12:10 - 02125197 _____ C:\Users\CareBear17\Downloads\BattleTowers-1.7.10.zip
2015-08-08 10:31 - 2015-08-08 12:06 - 01164029 _____ C:\Users\CareBear17\Downloads\GraveStone-2.11.3.jar
2015-08-08 10:30 - 2015-08-08 10:30 - 00625453 _____ C:\Users\CareBear17\Downloads\DoomlikeDungeons-1.7.5-MC1.7.10.jar
2015-08-08 10:26 - 2015-08-08 10:26 - 00117768 _____ C:\Users\CareBear17\Downloads\EasyCrafting-1.7.10-2.0.1.16.jar
2015-08-08 10:23 - 2015-08-08 10:23 - 00063764 _____ C:\Users\CareBear17\Downloads\FinderCompass-1.7.10.jar
2015-08-08 10:20 - 2015-08-08 10:20 - 00133784 _____ C:\Users\CareBear17\Downloads\xaeros_minimap_v1.4.9.2_1.7.10_Forge.jar
2015-08-07 19:27 - 2015-08-08 09:55 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-07 19:27 - 2015-08-08 09:55 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 16:13 - 2015-08-06 16:14 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-08-06 16:13 - 2015-08-06 16:13 - 00000984 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-08-06 16:13 - 2015-08-06 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-08-06 06:35 - 2015-08-06 06:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2015-08-06 06:34 - 2015-08-06 06:34 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2015-08-05 21:52 - 2015-07-09 14:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-08-05 21:52 - 2015-06-28 01:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-08-05 21:52 - 2015-06-28 01:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-08-05 21:52 - 2015-06-28 01:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-05 21:52 - 2015-06-28 01:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-08-05 21:52 - 2015-06-27 12:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-05 21:52 - 2015-06-26 23:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-08-05 21:52 - 2015-06-26 23:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-08-05 21:52 - 2015-06-26 23:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-08-05 21:52 - 2015-06-26 23:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-08-05 21:52 - 2015-06-26 23:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-08-05 21:52 - 2015-06-26 22:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-08-05 21:52 - 2015-06-26 22:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-08-05 21:52 - 2015-06-26 22:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-05 21:52 - 2015-06-26 22:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-08-05 21:52 - 2015-06-26 21:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-08-05 21:52 - 2015-06-26 21:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-08-05 21:52 - 2015-06-15 18:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-05 21:52 - 2015-06-15 18:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-05 21:52 - 2015-06-15 17:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-05 21:52 - 2015-06-15 17:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-05 21:52 - 2015-06-15 16:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-08-05 21:52 - 2015-06-15 15:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-08-05 21:52 - 2015-05-30 17:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-08-05 21:52 - 2015-05-30 15:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-05 21:52 - 2015-05-30 15:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-05 21:52 - 2015-05-07 13:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-05 21:52 - 2015-05-07 12:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-05 21:52 - 2015-05-07 11:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-08-05 21:52 - 2015-05-07 11:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-08-05 21:52 - 2015-05-02 20:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-05 21:52 - 2015-04-29 19:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-08-05 21:51 - 2015-05-11 14:17 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-05 21:51 - 2015-05-07 13:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-05 21:51 - 2015-05-07 12:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-05 21:51 - 2015-04-24 22:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-08-05 21:50 - 2015-05-03 11:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-05 21:50 - 2015-05-03 10:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-05 21:50 - 2015-05-03 10:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-08-05 21:50 - 2015-05-03 10:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-08-05 21:49 - 2015-06-15 18:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-08-05 21:49 - 2015-06-15 18:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-08-05 21:49 - 2015-06-15 17:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-08-05 21:49 - 2015-06-15 17:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-08-05 21:49 - 2015-06-15 17:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-08-05 21:49 - 2015-06-15 17:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-08-05 21:49 - 2015-06-15 16:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-08-05 21:49 - 2015-06-15 16:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-08-05 21:49 - 2015-06-15 16:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-08-05 21:49 - 2015-06-15 16:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-08-05 21:49 - 2015-06-15 16:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-08-05 21:49 - 2015-06-15 16:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-08-05 21:49 - 2015-06-15 16:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-08-05 21:49 - 2015-06-15 16:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-08-05 21:48 - 2015-06-26 19:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-08-05 21:48 - 2015-06-16 01:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-08-05 21:48 - 2015-06-16 01:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-08-05 21:48 - 2015-06-10 23:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-05 21:48 - 2015-06-10 12:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-05 21:48 - 2015-05-11 12:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-08-05 21:48 - 2015-04-28 09:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-08-05 21:48 - 2015-04-28 09:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-08-05 21:48 - 2015-04-23 11:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-05 21:48 - 2015-04-23 11:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-05 21:47 - 2015-05-12 09:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-08-05 21:47 - 2015-05-07 12:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-08-05 21:47 - 2015-05-03 11:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-08-05 21:47 - 2015-05-03 10:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-08-05 21:14 - 2015-08-05 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-05 21:14 - 2015-08-05 21:14 - 00000000 ____D C:\Program Files\McAfee Security Scan
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-15 10:12 - 2014-09-08 22:55 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-15 10:11 - 2014-10-27 23:52 - 01420939 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-15 10:07 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-15 10:00 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-15 10:00 - 2013-01-26 01:11 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1505448478-352576845-3373465650-1001
2015-08-15 09:59 - 2014-10-28 00:14 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{631CFC46-6FD0-4139-B4FF-7409B198DDA2}
2015-08-15 09:58 - 2015-03-18 19:50 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-15 09:56 - 2013-01-26 11:59 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-15 09:55 - 2015-03-20 20:16 - 00002208 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-08-15 09:55 - 2014-10-28 00:05 - 00000000 ___RD C:\Users\Kiersten\OneDrive
2015-08-15 09:53 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-14 19:24 - 2015-07-09 22:27 - 677955010 _____ C:\WINDOWS\MEMORY.DMP
2015-08-14 18:50 - 2014-12-26 11:29 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-14 18:40 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-14 18:36 - 2015-03-20 20:17 - 00003372 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Kiersten
2015-08-14 18:35 - 2014-10-27 23:18 - 00000000 ____D C:\Users\CareBear17
2015-08-14 18:29 - 2014-10-27 23:18 - 00000000 ____D C:\Users\Kiersten
2015-08-14 07:28 - 2013-01-26 11:59 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-14 07:17 - 2014-09-07 21:55 - 00106469 _____ C:\WINDOWS\wininit.ini
2015-08-14 06:46 - 2014-09-24 03:15 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-14 06:40 - 2015-03-20 20:17 - 00000000 ____D C:\ProgramData\ProductData
2015-08-13 21:18 - 2013-01-26 01:03 - 00000000 ____D C:\Users\Kiersten\AppData\Local\Packages
2015-08-13 03:37 - 2013-08-22 10:44 - 00509824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-13 03:34 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 03:34 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 03:34 - 2013-08-22 09:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-08-13 03:33 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 03:33 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 03:23 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-13 03:22 - 2013-08-04 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 03:22 - 2013-08-04 22:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 03:22 - 2013-08-04 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 03:21 - 2013-07-21 01:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 03:17 - 2013-01-27 16:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 03:17 - 2013-01-26 10:46 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 03:15 - 2014-12-14 20:30 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-13 03:15 - 2014-09-24 05:50 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-13 03:14 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 03:14 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 03:14 - 2012-07-26 01:26 - 00000167 _____ C:\WINDOWS\win.ini
2015-08-13 02:39 - 2014-11-01 08:56 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D957F1F4-BC28-4951-902D-C2055D430341}
2015-08-12 21:47 - 2013-01-26 14:57 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1505448478-352576845-3373465650-1004
2015-08-12 19:58 - 2015-03-18 19:50 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-09 15:40 - 2013-11-01 22:47 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\.minecraft
2015-08-09 14:12 - 2015-02-13 11:19 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\IMVU
2015-08-08 12:09 - 2015-04-26 14:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-08 12:04 - 2014-11-02 08:35 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-08-08 12:04 - 2014-09-14 21:36 - 00001158 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-07 19:20 - 2015-04-05 13:07 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-08-07 19:20 - 2015-04-05 13:07 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-08-07 19:20 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-07 19:20 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-08-07 17:41 - 2014-07-02 12:27 - 00000000 ____D C:\Users\CareBear17\AppData\Local\Screencast-O-Matic
2015-08-06 09:46 - 2014-12-26 09:36 - 00001419 _____ C:\Users\CareBear17\Desktop\ROBLOX Player.lnk
2015-08-06 09:46 - 2014-12-26 09:34 - 00001234 _____ C:\Users\CareBear17\Desktop\ROBLOX Studio.lnk
2015-08-06 09:46 - 2014-12-26 09:34 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2015-08-06 09:46 - 2013-01-26 15:03 - 00000000 ____D C:\Users\CareBear17\AppData\Local\Google
2015-08-06 06:35 - 2013-05-29 12:47 - 00003062 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-08-06 06:35 - 2013-05-29 12:46 - 00003060 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-08-06 06:35 - 2013-01-26 16:26 - 00003118 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-08-06 06:35 - 2013-01-26 16:26 - 00003092 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-08-06 06:35 - 2013-01-26 16:26 - 00003090 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-08-05 21:14 - 2015-03-18 19:50 - 00001961 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-08-05 21:14 - 2015-03-18 19:50 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-08-05 20:18 - 2013-08-22 11:36 - 00000000 __RSD C:\WINDOWS\Media
2015-08-05 20:18 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2015-08-05 20:18 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-08-05 20:18 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-05 20:18 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-05 20:17 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-05 20:17 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\servicing
2015-08-05 20:16 - 2015-04-03 07:45 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\ProductData
2015-08-05 20:16 - 2015-03-20 20:18 - 00000000 ____D C:\Users\Kiersten\AppData\Roaming\ProductData
2015-08-05 20:16 - 2015-03-20 20:16 - 00000000 ____D C:\Users\Kiersten\AppData\Roaming\IObit
2015-08-05 20:16 - 2014-07-02 14:16 - 00000000 ____D C:\Users\CareBear17\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screencast-O-Matic
2015-08-05 20:16 - 2013-11-08 23:11 - 00000000 ____D C:\Users\Public\StarStableOnline
2015-08-05 20:14 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-05 19:25 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\registration
2015-08-02 20:10 - 2014-10-28 03:01 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-02 20:04 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-02 19:17 - 2014-11-14 21:58 - 00000000 __SHD C:\Users\Kiersten\AppData\Local\EmieBrowserModeList
2015-08-02 19:17 - 2014-10-28 00:13 - 00000000 __SHD C:\Users\Kiersten\AppData\Local\EmieUserList
2015-08-02 19:17 - 2014-10-28 00:13 - 00000000 __SHD C:\Users\Kiersten\AppData\Local\EmieSiteList
2015-07-19 18:23 - 2013-01-26 11:59 - 00003896 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-19 18:23 - 2013-01-26 11:59 - 00003660 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2014-03-05 00:25 - 2014-03-05 00:25 - 0000476 _____ () C:\Users\Kiersten\AppData\Roaming\com.zoosk.Desktop_state.xml
2013-01-30 12:06 - 2014-10-10 23:15 - 0000173 _____ () C:\Users\Kiersten\AppData\Local\msmathematics.qat.Kiersten
2015-08-14 05:36 - 2015-08-13 21:26 - 0613255 _____ (CMI Limited) C:\Users\Kiersten\AppData\Local\nscB0F3.tmp
2012-10-07 04:39 - 2012-10-07 04:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-10-08 20:46 - 2015-03-21 09:40 - 0003173 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\CareBear17\AppData\Local\Temp\InstallIMVU_516.0.exe
C:\Users\Kiersten\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-13 04:16
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by Kiersten (2015-08-15 10:16:46)
Running from C:\Users\Kiersten\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1505448478-352576845-3373465650-500 - Administrator - Disabled)
CareBear17 (S-1-5-21-1505448478-352576845-3373465650-1004 - Limited - Enabled) => C:\Users\CareBear17
Guest (S-1-5-21-1505448478-352576845-3373465650-501 - Limited - Disabled)
Kiersten (S-1-5-21-1505448478-352576845-3373465650-1001 - Administrator - Enabled) => C:\Users\Kiersten
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4500_G510nz_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.8 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon) <==== ATTENTION
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12212.0 - Cisco Consumer Products LLC)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
EasyTether (HKLM-x32\...\{8d3ac0f3-14ee-49ab-9193-a8dbdc6fec0c}) (Version: 1.1.17 - Mobile Stream)
EasyTether (Version: 1.1.17 - Mobile Stream) Hidden
EasyTether ADB USB driver (HKLM\...\{7DD41AE3-10F5-4C46-961C-FAE786519FFF}) (Version: 1.0.0 - Mobile Stream)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
Enterprise (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
EPSON XP-310 Series Printer Uninstall (HKLM\...\EPSON XP-310 Series) (Version: - SEIKO EPSON Corporation)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FindingDiscount (HKLM-x32\...\FindingDiscount) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510n-z 14.0 Rel. 6 (HKLM\...\{6B9B2E57-D988-4258-8A2C-6F3657A600BD}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intelligent Touchpad (HKLM-x32\...\{DD7D6D84-93AB-48CA-A759-94324E341CBA}) (Version: 2.00.0012.0723 - Lenovo)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.1900 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.5.7 - Lenovo EasyCamera)
Lenovo MuteSync (HKLM-x32\...\{16D5D9E9-C8DE-4014-A09C-B9B5ABA0F7FA}) (Version: 1.0.10 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0828 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0828 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mathematica Extras 9.0 (3942197) (HKLM\...\A-WIN-Extras 9.0.0 3942197_is1) (Version: 9.0.0 - Wolfram Research, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 en-US)) (Version: 24.5.0 - Mozilla)
Nitro Pro 7 (HKLM\...\{72D264E5-0C44-42DF-820B-621303E5C183}) (Version: 7.4.1.21 - Nitro PDF Software)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
One System Care (HKLM-x32\...\OneSystemCare) (Version: 2.00.00.1 - OneSystemCare)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.0.9 - Lenovo)
OpenSoftwareUpdater (HKLM-x32\...\OpenSoftwareUpdater) (Version: - )
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 3.0.10.64 - Client Connect LTD) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
ServiceUpdater (HKLM-x32\...\ServiceUpdater) (Version: - )
ServiceUpdater (HKLM-x32\...\WebWatcherInstall) (Version: - )
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SpaceSoundPro Service (HKLM-x32\...\zz.1434.ssp) (Version: 1.0.0 - CSDI)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
SushiLeads (HKLM-x32\...\sushileads) (Version: 2.4.1.4 - SushiLeads)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
TI-83 Plus Flash Debugger (HKLM-x32\...\TI-83 Plus Flash Debugger) (Version: - )
Tny_Cassiopesa (HKLM-x32\...\Tny_Cassiopesa) (Version: - Tny_Cassiopesa)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Unity Web Player (HKU\S-1-5-21-1505448478-352576845-3373465650-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
Wajam (HKLM-x32\...\WaInterEnhancer) (Version: 2.34.2.52 (i2.6) - WaInterEnhancer) <==== ATTENTION
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Wolfram CDF Player (M-WIN-D 9.0.0 3942419) (HKLM-x32\...\M-WIN-D 9.0.0 3942419_is1) (Version: 9.0.0 - Wolfram Research, Inc.)
WordSurfer 1.10.0.19 (HKLM-x32\...\WordSurfer_1.10.0.19) (Version: 1.10.0.19 - WordSurfer)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
05-08-2015 18:45:13 Windows Update
05-08-2015 19:11:03 Restore Operation
13-08-2015 03:11:31 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2015-08-05 21:14 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AAB1B5D-C707-4706-B31E-1FA577F47CEF} - System32\Tasks\bvxvyxvec => C:\Users\Kiersten\AppData\Local\bvxvyxvec\bvxvyxvec.exe [2015-08-03] () <==== ATTENTION
Task: {0C1AD099-B7C9-459C-94B8-304166BBDFA9} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {0F23281E-688D-406A-937D-B9D31FD51139} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2015-07-31] ()
Task: {16DF8F86-86A7-4051-8D7B-C06E8664273C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: {1CEFB9CD-0DFE-47CA-A74A-6B18DEF92CAB} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {2E230C96-DC86-4858-9ED7-768E6FED8C5A} - System32\Tasks\OMYQNNDMU1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {326BDB2B-3C16-4A4F-8B3F-ACD8EACA30CC} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit)
Task: {380B84BB-F8F2-4C71-B65B-0393429F1242} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5151ED8B-07EE-45AC-8E74-7107D2752C55} - System32\Tasks\{ED9F8D0B-4A34-4DE7-8103-6CEC5E3CBBB8} => pcalua.exe -a "C:\Program Files (x86)\AnyProtectEx\uninstall.exe" <==== ATTENTION
Task: {57153552-5504-4A39-B869-361C2C873914} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {5AE75F92-C3B5-4D07-AD60-FCAF3CA63CE3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5D4E11FF-6143-43E8-B8A8-44A41B05AE8C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {61195080-B284-4AEA-8C83-7B536CBEEC1A} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {66BD1350-62D0-4011-A248-1F276B18066C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft)
Task: {7375A6A9-E560-48AE-A811-DD1FBF702843} - \One System Care Run Delay -> No File <==== ATTENTION
Task: {76DB686F-AC50-43EE-8971-FEFD12BB88C6} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: {7BD84A73-1020-424B-97CE-9CDE65B8BC9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: {7C0AEB60-255E-40A8-B941-BB8460204D64} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {7C8EA910-6B1F-4251-B74A-8AA54F8D89B3} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {7DDB85A3-5086-477B-8D93-1FD7B3CEE020} - System32\Tasks\Kaomonaenuvn => C:\ProgramData\Kaomonaenuvn\1.0.1.0\jlewroan.exe <==== ATTENTION
Task: {820F8488-4F1B-4C16-8B2E-FA99306D80AC} - System32\Tasks\runTask => %TEMP%/Updater.exe
Task: {83C4FBA0-2389-48DF-9A3F-531F055C89C8} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION
Task: {84E5164E-1A4D-4834-ABE1-CD184C7B634E} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: {8675385C-87AA-4D64-AF15-2B55C8347137} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [2015-06-15] (Word Surfer)
Task: {8C0B3E81-F4D7-4D4F-8BC8-1B5AD7F2CC69} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {8E87B4FA-A509-453D-9F36-DEBCB87BD3EC} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {9AFB7AD6-53F0-4FD0-B40F-B5D90F731EA3} - System32\Tasks\SushiLeads => C:\Program Files (x86)\sushileads\ScheduledTask.exe [2015-08-03] ()
Task: {A5F3B644-7F68-4BC4-B5F2-881E9341C414} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {A9A7318B-4F3E-48DB-8D19-AB71D683953F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {AA43EE18-EC9A-4DFF-9BC3-AC656808AAD3} - \PennyBee -> No File <==== ATTENTION
Task: {AB864495-C7A3-4D17-B8B8-30C9E3C4897B} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B19B4CBE-ABAA-4CD9-890A-E0107E90E234} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {C834974A-52E6-4A4F-9BF9-2F3E7C9487B2} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {E27805AE-0FAF-4443-8156-E833317E3DD7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {E43B0E03-346F-42A6-AF28-4CEA6CB9D05E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-13] (Microsoft Corporation)
Task: {EC44560A-1013-4015-8820-528768360B8A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {EDC411FF-FC17-421C-A3B3-78562294A7C0} - System32\Tasks\updateTask => c:\task.vbs [2015-08-12] ()
Task: {F39034BB-F7FD-49FA-BD3F-41AC9D2ED566} - System32\Tasks\Uninstaller_SkipUac_Kiersten => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {F65CC83F-2FE4-43ED-A8CB-364874510AF6} - System32\Tasks\ASC8_SkipUac_Kiersten => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-04-09] (IObit)
Task: {F8C498A3-C4A9-4ABB-A093-7C53DBA1FCA4} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {FC34BC7A-110D-41BB-B52F-C875FA80F7CB} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [2015-06-15] (Word Surfer)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineCore.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineUA.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\OMYQNNDMU1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (Whitelisted) ==============
2012-08-17 13:23 - 2012-08-17 13:23 - 00044408 _____ () C:\Program Files\Lenovo\Bluetooth Software\BtwLeAPI.dll
2015-08-08 12:05 - 2015-08-08 12:05 - 00161792 _____ () C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\hnsq5471.tmp
2015-06-10 16:59 - 2015-06-10 16:59 - 00330240 _____ () C:\Program Files (x86)\Windows Discount\FindingDiscount\FindingDiscount.exe
2015-08-08 12:05 - 2015-08-08 12:05 - 00209920 _____ () C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\jnsi33E7.tmp
2015-06-10 16:59 - 2015-06-10 16:59 - 00101888 _____ () C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager\runtimemanager.exe
2015-08-03 11:14 - 2015-08-03 11:14 - 00010240 _____ () C:\Program Files (x86)\sushileads\NpUpdaterService.exe
2015-08-03 11:14 - 2015-08-03 11:14 - 00006144 _____ () C:\Program Files (x86)\sushileads\AppResources.dll
2015-08-07 10:25 - 2015-08-07 10:25 - 01182720 _____ () C:\Program Files (x86)\WaInterEnhancer\WaInterEnhancer Internet Enhancer\InternetEnhancerService.exe
2015-08-14 05:11 - 2015-08-14 05:11 - 00647680 _____ () C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\knsc1441.tmp
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-07-16 03:49 - 2012-07-16 03:49 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll
2015-07-31 07:19 - 2015-07-31 07:19 - 00581216 _____ () C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe
2015-08-07 10:25 - 2015-08-07 10:25 - 00266752 _____ () C:\Program Files (x86)\WaInterEnhancer\WaInterEnhancer Internet Enhancer\InternetEnhancer.exe
2015-08-12 06:06 - 2015-08-12 06:06 - 00033480 _____ () C:\Program Files (x86)\SpaceSondPro_v53.1434\SpaceSondPro_Service.exe
2015-08-03 11:14 - 2015-08-03 11:14 - 00381440 _____ () C:\Program Files (x86)\sushileads\SushiLeadsApplication.exe
2010-08-24 10:44 - 2010-08-24 10:44 - 00257224 _____ () C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe
2015-08-08 12:05 - 2015-08-14 05:36 - 00972836 _____ () C:\Program Files (x86)\7D36FE88-1439049915-9688-D74E-089E01313F5E\vnsvFAD5.tmp
2015-03-20 20:16 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-03-20 20:17 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-09-07 21:01 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-07 21:01 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-07 21:01 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-07 21:01 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-07 21:01 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-03-20 20:16 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-03-20 20:16 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-03-20 20:16 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-08-07 10:25 - 2015-08-07 10:25 - 00011776 _____ () C:\Program Files (x86)\WaInterEnhancer\WaInterEnhancer Internet Enhancer\ApiHandlr.dll
2015-03-20 20:16 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-10-07 04:58 - 2012-07-12 08:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2015-08-12 20:44 - 2015-08-07 20:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-12 20:44 - 2015-08-07 20:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-12 20:44 - 2015-08-07 20:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
2012-10-07 04:20 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-03-20 20:17 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-03-20 20:17 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-03-20 20:17 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Kiersten\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WeWatcherProxy => ""="service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1505448478-352576845-3373465650-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kiersten\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img6.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{4B019675-706D-4C1A-AAD2-8B61159AAB58}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [TCP Query User{2EBE7D30-F8C1-4C87-AC01-A6CBFCFF7996}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{AA4A8AB6-D8B5-4B30-8564-CDF77E86FF6F}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [TCP Query User{97EF3D18-0D96-4353-9A9B-F5C5D5470875}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{C5B560A3-C7BF-470B-B34A-EE81EFD20C08}] => (Allow) C:\Users\Kiersten\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7893C7BC-5BF1-4433-ACB4-69770FE4DE14}] => (Allow) C:\Users\Kiersten\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{593671A3-74E9-4571-931C-C1D21D506CFD}] => (Allow) C:\Users\Kiersten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EWED6UF5\uTorrent.exe
FirewallRules: [{E5836CB0-2F94-4C7F-A743-A52181B8BE89}] => (Allow) C:\Users\Kiersten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EWED6UF5\uTorrent.exe
FirewallRules: [{A3C775F0-B41F-4C4D-904A-FDDCFE3989DC}] => (Allow) C:\Users\Kiersten\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{940AF432-97D1-464F-A8F5-44C090D02EA1}] => (Allow) C:\Users\Kiersten\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AEAC8A51-C5CD-482A-AFCB-2DD86A2684FB}] => (Allow) C:\Users\Kiersten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EWED6UF5\BitTorrent.exe
FirewallRules: [{D56C9B0D-2CBE-455D-BB0F-FB60027472C8}] => (Allow) C:\Users\Kiersten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EWED6UF5\BitTorrent.exe
FirewallRules: [{FBEF1B2C-7809-45A0-AF53-F4CED1D276AB}] => (Allow) C:\Users\Kiersten\AppData\Local\Temp\HP\OJ_AIO_4500_G510n-z_Ent64_Win_WW_140\setup\hpznui40.exe
FirewallRules: [{07072BB2-AFA1-41FD-90E7-2377B22B7A1F}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
FirewallRules: [{2D6CE2E1-A93F-41A8-819A-893A20283B4A}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
FirewallRules: [{914A78DA-CB4B-454E-90BD-CE1452311EF0}] => (Allow) C:\Users\Kiersten\AppData\Local\Temp\7zS27BF\hppiw.exe
FirewallRules: [{4DA18BFA-0994-461D-925E-6F5E8EF9EC5C}] => (Allow) C:\Users\Kiersten\AppData\Local\Temp\7zS27BF\hppiw.exe
FirewallRules: [{DF4C7CF1-83C7-4BD5-A2C8-B5BC5F7B9288}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{286C5B5E-0925-477B-B111-5756C6E31A0B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{41681C9A-F96D-420B-AF1D-5731755E3CF8}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\9.0\math.exe
FirewallRules: [{065F89C6-0688-4E46-8885-B2F915960E32}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\9.0\math.exe
FirewallRules: [{0DF418E7-59FD-4844-806F-1A64938A27AC}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\9.0\WolframCDFPlayer.exe
FirewallRules: [{C0DED126-5640-43AC-B1C1-AFF79A56B4E5}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\9.0\WolframCDFPlayer.exe
FirewallRules: [{AD404FF3-E0CD-40C1-BBEB-BCEDD71F2903}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{30FEB346-9C58-4E07-A5CD-679AAC8D0627}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{920928DC-1731-4444-94CF-DF3ED4DAC507}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{8E38B24B-ACD6-47E2-A6AA-E56CA97AB13C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{1A7F9795-A9D8-4C95-887A-D70231C2B7D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{DA411412-93C8-4979-AE3D-6DABE3382967}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{55172036-89F3-4CC9-BAF7-E4986B465A5C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{9E610E30-BD67-4813-8ECB-E09C1EE71575}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{109F5E01-49C0-47F7-8513-50218EE45FB9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{13E5464A-68D1-4550-B481-995C74CCADE5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{7D26686F-2671-4302-9A04-45720C8AB626}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{478FA289-6EB7-4948-970D-52A7D0AA4755}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{A566237A-D85F-4076-9BF2-6D549C0DBEBB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A2E7E6F2-B789-4E5C-BC54-AF226CCF3B41}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{7CADC68A-9EFE-455D-B7C7-622246AD671C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{097B0054-AE65-41B7-A462-A3B37C5ACC7E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{0C83A509-CC7F-4C29-9EF7-A6DA4816A21D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BC94133E-6412-4023-89BC-88F502A4A8E7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{65A9E6E1-2E5B-4081-B70F-89A322B4D334}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{997D59E0-50CF-4E9C-AD0E-908199EC145F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{E7E97E06-6193-4B5D-896E-4D39B8DEB5B8}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5A3DD7FB-150F-49F4-B9CE-D5AD1D7840AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DB478F8-C08B-4DD3-BE56-AAA7BD1A531A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{286E60F9-3177-4D4C-925D-2704E6C4AF25}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CEA85AF3-07FD-402D-91DC-CDD9039A1938}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{C1B89EB3-200E-47DE-8D70-26460A572E24}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{CEAAB209-CCF2-42AB-969D-884232A6B6B8}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{A700C0A1-0EE0-4608-8004-9D58F915FEDB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6F7601C5-66B0-43EB-99FB-CCA92F35A78C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C2CE4A84-545A-4FA6-B67A-E91956CE00F0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (08/15/2015 10:13:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (08/15/2015 10:13:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (08/15/2015 10:13:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (08/15/2015 10:13:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (08/15/2015 10:07:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (08/15/2015 10:07:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (08/15/2015 10:07:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (08/15/2015 10:07:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (08/15/2015 09:56:03 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (08/15/2015 09:56:03 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
System errors:
=============
Error: (08/15/2015 10:13:26 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (08/15/2015 10:13:25 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (08/15/2015 10:13:25 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (08/15/2015 10:13:25 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (08/15/2015 10:13:24 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (08/15/2015 10:13:24 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (08/15/2015 10:07:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Evernote.Evernote.
Error: (08/15/2015 10:07:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.XboxOneSmartGlass.
Error: (08/15/2015 10:07:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: AMZNMobileLLC.KindleforWindows8.
Error: (08/15/2015 10:07:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: 34791E63.CanonInkjetPrintUtility.
Microsoft Office:
=========================
Error: (08/15/2015 10:13:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
Error: (08/15/2015 10:13:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (08/15/2015 10:13:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
Error: (08/15/2015 10:13:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (08/15/2015 10:07:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
Error: (08/15/2015 10:07:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (08/15/2015 10:07:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
Error: (08/15/2015 10:07:04 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (08/15/2015 09:56:03 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
Error: (08/15/2015 09:56:03 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: The configuration registry database is corrupt.
C:\Users\Kiersten\AppData\Local\Microsoft\Windows\\UsrClass.dat
CodeIntegrity:
===================================
Date: 2015-08-13 21:28:07.330
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 21:28:07.057
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 21:28:06.873
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 21:28:06.330
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 21:28:05.791
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 05:02:45.951
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 05:02:45.759
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 05:02:45.563
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 05:02:45.369
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 05:02:45.195
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 8052.91 MB
Available physical RAM: 4614.77 MB
Total Virtual: 16244.91 MB
Available Virtual: 12533.38 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:650.86 GB) (Free:559.73 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.98 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 1EE3F689)
Partition: GPT.
==================== End of log ============================