Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Viruses, Viruses, Viruses! HELP! [Solved]

Started by OkayOkayOkay , Aug 18 2015 08:53 AM
malware virus software help trojan ads file infected

  • This topic is locked This topic is locked

#1
OkayOkayOkay
Posted 18 August 2015 - 08:53 AM

OkayOkayOkay

    Member

  • Member
  • PipPip
  • 58 posts

Hello, 

 

My Windows 7 laptop has become infected with the most horrendous virus/es I've ever had and at the time I got the virus, I had been using (I know it's dreadful) McAfee's anti-virus software. There was an original virus where ads pop-up everywhere (online and on every browser, even newly downloaded ones) and I went to delete any unwanted programs as I thought it could've been a toolbar or something, when I saw weird programs that I couldn't uninstall. Since then, I got a virus that changed ALL, I mean ALL, my files to AAA File types. I can't open them, even when I select what program to run them from. I have additional files and notepad applications that pop-up telling me to restore and my encrypted files via a website. I followed the steps, purely because I was intrigued, and naturally I found I had to pay to restore my files. I did not. I'm not stupid. Just not IT savvy. Anyway, PLEASE HELP! All my work files are encrypted!! 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by simone (administrator) on SIMONE-PC (18-08-2015 15:42:46)
Running from C:\Users\simone\Downloads
Loaded Profiles: simone &  (Available Profiles: simone & simone_2)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
() C:\Users\simone\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AmIcoSinglun64] => MICOSINGLUN64.EXE
HKLM\...\Run: [IgfxTray] => Y.EXE
HKLM\...\Run: [SynTPEnh] => PTICS\SYNTP\SYNTPENH.EXE
HKLM\...\Run: [RTHDVCPL] => VCPL64.EXE -S
HKLM\...\Run: [Power Management] => Y.EXE
HKLM\...\Run: [AdobeAAMUpdater-1.0] => RTUPUTILITY.EXE"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-09] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [518496 2015-06-24] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231776 2015-06-24] (Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\Run: [Facebook Update] => C:\Users\simone\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-18] (Facebook Inc.)
HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\Run: [Steam] => C:\Users\simone\Documents\Sam\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\Run: [Amazon Music] => C:\Users\simone\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-02] ()
HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\Run: [BoBrowser] => "C:\Users\simone\AppData\Local\BoBrowser\Application\bobrowser.exe" --no-proxy-server
HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\simone\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-18] (Facebook Inc.)
HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Users\simone\Documents\Sam\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\simone\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-02] ()
HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BoBrowser] => "C:\Users\simone\AppData\Local\BoBrowser\Application\bobrowser.exe" --no-proxy-server
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Angela White Library Hardcore.lnk [2015-05-02]
ShortcutTarget: Angela White Library Hardcore.lnk -> C:\ProgramData\{07b33647-3eaf-6371-07b3-336473ead91c}\Angela White Library Hardcore.exe (No File)
Startup: C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\restore_files_aocrl.html [2015-08-04] ()
Startup: C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\restore_files_aocrl.txt [2015-08-04] ()
Startup: C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\restore_files_mskmr.html [2015-08-04] ()
Startup: C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\restore_files_mskmr.txt [2015-08-04] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2118140874-322646861-916809801-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2118140874-322646861-916809801-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: [S-1-5-21-2118140874-322646861-916809801-1000] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2118140874-322646861-916809801-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2118140874-322646861-916809801-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: FindBeSTDeal -> {1A8B2860-B5C7-428A-8602-877A5C57E2BF} -> C:\Program Files (x86)\FindBeSTDeal\vv5arQ7bN1lv9j.x64.dll No File
BHO: FFinDBEstDeaL -> {6A0FF26E-90FF-4B2A-9DEE-C513C3222328} -> C:\Program Files (x86)\FFinDBEstDeaL\A6OxY9h4VT84Ky.x64.dll No File
BHO: SpaceCoupoonAepp -> {E7D3299E-F296-43BC-9A10-87F14608773B} -> C:\Program Files (x86)\SpaceCoupoonAepp\oHjArWkqeEJUis.x64.dll No File
BHO-x32: FindBeSTDeal -> {1A8B2860-B5C7-428A-8602-877A5C57E2BF} -> C:\Program Files (x86)\FindBeSTDeal\vv5arQ7bN1lv9j.dll No File
BHO-x32: FFinDBEstDeaL -> {6A0FF26E-90FF-4B2A-9DEE-C513C3222328} -> C:\Program Files (x86)\FFinDBEstDeaL\A6OxY9h4VT84Ky.dll No File
BHO-x32: SpaceCoupoonAepp -> {E7D3299E-F296-43BC-9A10-87F14608773B} -> C:\Program Files (x86)\SpaceCoupoonAepp\oHjArWkqeEJUis.dll No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{876A8950-911E-4837-A99F-CB4E5A6A6252}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{F093FA71-922C-43CF-9ECE-E5AF997F3FFB}: [DhcpNameServer] 10.183.192.1
 
FireFox:
========
FF ProfilePath: C:\Users\simone\AppData\Roaming\Mozilla\Firefox\Profiles\b2fquljk.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-06-24] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2013-06-12] (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll [2013-06-12] (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2118140874-322646861-916809801-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\simone\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2118140874-322646861-916809801-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-31] ()
FF Plugin HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\simone\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-31] ()
FF Extension: No Name - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-06-30]
FF Extension: No Name - C:\Users\simone\AppData\Roaming\Mozilla\Firefox\Profiles\b2fquljk.default\extensions\[email protected] [not found]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-25]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoomkionjjbejegcejiefodgbckeebo [2015-07-17]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnbemfjhoibkhlijfbbjdjafbmhimdn [2015-08-01]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-25]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-25]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-25]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-25]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-25]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpkpbhapgfjahbajejahjjcghiclegg [2015-06-30]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-25]
CHR Extension: (No Name) - C:\Users\simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-25]
CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [hdpkpbhapgfjahbajejahjjcghiclegg] - C:\Program Files (x86)\bttb\toolbar.crx [2013-06-13]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-04-06] (McAfee, Inc.)
S4 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-06-30] (Electronic Arts)
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [467280 2012-11-27] (Alcatel-Lucent)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /svc [X] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /medsvc [X] <==== ATTENTION
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2013-06-12] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2013-06-12] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2013-06-12] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2013-06-12] (Printing Communications Assoc., Inc. (PCAUSA))
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 cpuz134; \??\C:\Users\simone\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S0 mfehidk; system32\drivers\mfehidk.sys [X]
S3 MREMPR5; \??\C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-18 15:42 - 2015-08-18 15:45 - 00031966 _____ C:\Users\simone\Downloads\FRST.txt
2015-08-18 15:41 - 2015-08-18 15:43 - 00000000 ____D C:\FRST
2015-08-18 15:39 - 2015-08-18 15:39 - 02173440 _____ (Farbar) C:\Users\simone\Desktop\FRST64.exe
2015-08-13 11:55 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 11:55 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:24 - 2015-07-21 01:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 11:24 - 2015-07-21 01:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 11:24 - 2015-07-16 22:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 11:24 - 2015-07-16 21:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 11:24 - 2015-07-16 21:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 11:24 - 2015-07-16 21:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 11:24 - 2015-07-16 21:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 11:24 - 2015-07-16 21:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 11:24 - 2015-07-16 21:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 11:24 - 2015-07-16 21:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 11:24 - 2015-07-16 21:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 11:24 - 2015-07-16 21:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 11:24 - 2015-07-16 21:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 11:24 - 2015-07-16 21:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 11:24 - 2015-07-16 21:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 11:24 - 2015-07-16 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 11:24 - 2015-07-16 21:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 11:24 - 2015-07-16 21:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 11:24 - 2015-07-16 21:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 11:24 - 2015-07-16 21:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 11:24 - 2015-07-16 21:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 11:24 - 2015-07-16 21:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 11:24 - 2015-07-16 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 11:24 - 2015-07-16 21:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 11:24 - 2015-07-16 20:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 11:24 - 2015-07-16 20:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 11:24 - 2015-07-16 20:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 11:24 - 2015-07-16 20:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 11:24 - 2015-07-16 20:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 11:24 - 2015-07-16 20:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 11:24 - 2015-07-16 20:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 11:24 - 2015-07-16 20:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 11:24 - 2015-07-16 20:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 11:24 - 2015-07-16 20:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 11:24 - 2015-07-16 20:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 11:24 - 2015-07-16 20:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 11:24 - 2015-07-16 20:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 11:24 - 2015-07-16 20:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 11:24 - 2015-07-16 20:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 11:24 - 2015-07-16 20:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 11:24 - 2015-07-16 20:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 11:24 - 2015-07-16 20:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 11:24 - 2015-07-16 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 11:24 - 2015-07-16 20:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 11:24 - 2015-07-16 20:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 11:24 - 2015-07-16 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 11:24 - 2015-07-16 20:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 11:24 - 2015-07-16 20:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 11:24 - 2015-07-16 20:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 11:24 - 2015-07-16 20:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 11:24 - 2015-07-16 20:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 11:24 - 2015-07-16 20:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 11:24 - 2015-07-16 20:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 11:24 - 2015-07-16 20:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 11:24 - 2015-07-16 20:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 11:24 - 2015-07-16 20:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 11:24 - 2015-07-16 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 11:24 - 2015-07-16 19:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 11:24 - 2015-07-16 19:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 11:24 - 2015-07-16 19:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 11:00 - 2015-07-28 21:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 11:00 - 2015-07-28 21:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 11:00 - 2015-07-28 21:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 11:00 - 2015-07-28 21:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 11:00 - 2015-07-28 21:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 11:00 - 2015-07-28 21:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 11:00 - 2015-07-28 21:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 11:00 - 2015-07-28 20:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 10:59 - 2015-07-15 19:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 10:59 - 2015-07-15 19:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 10:59 - 2015-07-15 19:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 10:59 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 10:59 - 2015-07-15 19:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 10:59 - 2015-07-15 19:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 10:59 - 2015-07-15 19:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 10:59 - 2015-07-15 19:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 10:59 - 2015-07-15 19:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 10:59 - 2015-07-15 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 10:59 - 2015-07-15 19:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 10:59 - 2015-07-15 19:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 10:59 - 2015-07-15 19:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 10:59 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 10:59 - 2015-07-15 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 10:59 - 2015-07-15 19:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 10:59 - 2015-07-15 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 10:59 - 2015-07-15 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 10:59 - 2015-07-15 18:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 10:59 - 2015-07-15 18:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 10:59 - 2015-07-15 18:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 10:59 - 2015-07-15 18:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 10:59 - 2015-07-15 18:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 10:59 - 2015-07-15 18:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 10:59 - 2015-07-15 18:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 10:59 - 2015-07-15 18:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 10:59 - 2015-07-15 18:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 10:59 - 2015-07-15 18:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 10:59 - 2015-07-15 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 10:59 - 2015-07-15 18:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 10:59 - 2015-07-15 18:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 10:59 - 2015-07-15 18:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 10:59 - 2015-07-15 18:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 10:59 - 2015-07-15 18:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 10:59 - 2015-07-15 18:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 10:59 - 2015-07-15 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 10:59 - 2015-07-15 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 10:59 - 2015-07-15 18:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 10:59 - 2015-07-15 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 10:59 - 2015-07-15 18:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 10:59 - 2015-07-15 17:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 10:59 - 2015-07-15 17:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 10:59 - 2015-07-15 17:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 10:59 - 2015-07-15 17:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 10:59 - 2015-07-15 17:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 17:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 17:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 10:59 - 2015-07-15 17:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 10:57 - 2015-07-10 18:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 10:57 - 2015-07-10 18:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 10:57 - 2015-07-10 18:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 10:57 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 10:57 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 10:57 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 10:56 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 10:50 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 10:50 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 10:50 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 10:50 - 2015-07-30 19:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 10:50 - 2015-07-30 19:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 10:50 - 2015-07-30 19:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 10:50 - 2015-07-30 19:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 10:50 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 10:50 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 10:50 - 2015-07-30 18:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 10:50 - 2015-07-30 18:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 10:50 - 2015-07-30 18:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 10:50 - 2015-07-30 18:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 10:50 - 2015-07-30 17:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 10:50 - 2015-07-30 17:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 10:50 - 2015-07-30 17:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 10:50 - 2015-07-15 04:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 10:50 - 2015-07-15 04:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 10:50 - 2015-07-15 04:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 10:50 - 2015-07-15 04:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 10:50 - 2015-07-15 03:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 10:50 - 2015-07-15 03:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 10:50 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 10:50 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 10:50 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 10:50 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 10:50 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 10:50 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 10:49 - 2015-07-20 19:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 10:49 - 2015-07-20 19:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 10:49 - 2015-07-20 19:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 10:49 - 2015-07-20 19:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 10:49 - 2015-07-20 19:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 10:49 - 2015-07-20 19:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 10:49 - 2015-07-20 19:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 10:49 - 2015-07-20 19:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 10:49 - 2015-07-20 19:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 10:49 - 2015-07-20 19:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 10:49 - 2015-07-20 19:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 10:49 - 2015-07-20 18:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 10:49 - 2015-07-20 18:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 10:49 - 2015-07-20 18:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 10:49 - 2015-07-20 18:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 10:49 - 2015-07-20 18:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 10:49 - 2015-07-10 18:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 10:49 - 2015-07-10 18:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 10:49 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 10:49 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 10:49 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 10:21 - 2015-05-09 19:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-10 21:02 - 2015-08-10 21:02 - 00000000 ____D C:\Users\simone\AppData\Local\Hola
2015-08-10 21:01 - 2015-08-12 17:21 - 00000000 ____D C:\Users\simone\AppData\Roaming\Hola
2015-08-10 20:58 - 2015-08-10 20:58 - 00000000 ____D C:\Program Files\Hola
2015-08-10 20:55 - 2015-08-10 20:55 - 15984256 _____ (Hola Networks Ltd.) C:\Users\simone\Downloads\Hola-Setup-x64-1.9.10.exe
2015-08-07 00:35 - 2015-08-07 00:39 - 23904330 _____ C:\Users\simone\Downloads\5. 4003BUSMK Resource management Week 8(2)(1).pptx
2015-08-06 20:53 - 2015-08-06 21:03 - 49550789 _____ C:\Users\simone\Downloads\3. 4003BUSMK Resource management Week 4(1)(1)(1).pptx
2015-08-06 20:43 - 2015-08-06 20:43 - 00217600 _____ C:\Users\simone\Downloads\SelectionMethods.ppt
2015-08-06 20:39 - 2015-08-06 20:52 - 41102559 _____ C:\Users\simone\Downloads\4003BUSMK Resource management Week 6(2).pptx
2015-08-04 23:57 - 2015-08-04 23:57 - 00000373 _____ C:\Users\simone\Downloads\playmedia.wmv
2015-08-04 19:59 - 2015-08-04 19:59 - 01665976 _____ C:\Users\simone\Downloads\audio (1).wav
2015-08-04 19:38 - 2015-08-04 19:38 - 00000000 ____D C:\Users\simone\AppData\Roaming\ICAClient
2015-08-04 19:37 - 2015-08-04 19:38 - 00000000 ____D C:\ProgramData\Citrix
2015-08-04 19:37 - 2015-08-04 19:37 - 00001665 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2015-08-04 19:36 - 2015-08-11 21:00 - 00000000 ____D C:\Users\simone\AppData\Local\Citrix
2015-08-04 19:36 - 2015-08-04 19:37 - 00007546 _____ C:\Users\simone\Downloads\imported excel file into SPSS 21.sav
2015-08-04 19:36 - 2015-08-04 19:37 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-08-04 19:33 - 2015-08-04 19:33 - 00008786 _____ C:\Users\simone\Downloads\imported excel file into SPSS 21(1) (1).sav
2015-08-04 19:32 - 2015-08-04 19:34 - 00008786 _____ C:\Users\simone\Downloads\imported excel file into SPSS 21(1).sav
2015-08-04 19:17 - 2015-08-04 19:27 - 46664016 _____ (Citrix Systems, Inc.) C:\Users\simone\Downloads\CitrixReceiver.exe
2015-08-04 17:44 - 2015-08-04 18:12 - 00003833 _____ C:\Users\simone\restore_files_aocrl.html
2015-08-04 17:44 - 2015-08-04 18:12 - 00002177 _____ C:\Users\simone\restore_files_aocrl.txt
2015-08-04 17:42 - 2015-08-04 18:12 - 00003833 _____ C:\Users\simone\Downloads\restore_files_aocrl.html
2015-08-04 17:42 - 2015-08-04 18:12 - 00003833 _____ C:\Users\simone\Documents\restore_files_aocrl.html
2015-08-04 17:42 - 2015-08-04 18:12 - 00002177 _____ C:\Users\simone\Downloads\restore_files_aocrl.txt
2015-08-04 17:42 - 2015-08-04 18:12 - 00002177 _____ C:\Users\simone\Documents\restore_files_aocrl.txt
2015-08-04 17:33 - 2015-08-04 18:10 - 00003833 _____ C:\Users\simone\AppData\Roaming\restore_files_aocrl.html
2015-08-04 17:33 - 2015-08-04 18:10 - 00003833 _____ C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\restore_files_aocrl.html
2015-08-04 17:33 - 2015-08-04 18:10 - 00003833 _____ C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\restore_files_aocrl.html
2015-08-04 17:33 - 2015-08-04 18:10 - 00003833 _____ C:\Users\simone\AppData\restore_files_aocrl.html
2015-08-04 17:33 - 2015-08-04 18:10 - 00002177 _____ C:\Users\simone\AppData\Roaming\restore_files_aocrl.txt
2015-08-04 17:33 - 2015-08-04 18:10 - 00002177 _____ C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\restore_files_aocrl.txt
2015-08-04 17:33 - 2015-08-04 18:10 - 00002177 _____ C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\restore_files_aocrl.txt
2015-08-04 17:33 - 2015-08-04 18:10 - 00002177 _____ C:\Users\simone\AppData\restore_files_aocrl.txt
2015-08-04 16:51 - 2015-08-04 18:08 - 00003833 _____ C:\Users\simone\AppData\Local\restore_files_aocrl.html
2015-08-04 16:51 - 2015-08-04 18:08 - 00002177 _____ C:\Users\simone\AppData\Local\restore_files_aocrl.txt
2015-08-04 16:51 - 2015-08-04 17:44 - 00003833 _____ C:\Users\Public\restore_files_aocrl.html
2015-08-04 16:51 - 2015-08-04 17:44 - 00003833 _____ C:\Users\Public\Downloads\restore_files_aocrl.html
2015-08-04 16:51 - 2015-08-04 17:44 - 00002177 _____ C:\Users\Public\restore_files_aocrl.txt
2015-08-04 16:51 - 2015-08-04 17:44 - 00002177 _____ C:\Users\Public\Downloads\restore_files_aocrl.txt
2015-08-04 16:48 - 2015-08-04 17:44 - 00003833 _____ C:\Users\Public\Documents\restore_files_aocrl.html
2015-08-04 16:48 - 2015-08-04 17:44 - 00002177 _____ C:\Users\Public\Documents\restore_files_aocrl.txt
2015-08-04 16:48 - 2015-08-04 16:51 - 00003833 _____ C:\ProgramData\restore_files_aocrl.html
2015-08-04 16:48 - 2015-08-04 16:51 - 00002177 _____ C:\ProgramData\restore_files_aocrl.txt
2015-08-04 15:16 - 2015-08-04 17:33 - 00012958 _____ C:\Users\simone\Documents\Doc1.docx.aaa
2015-08-04 15:15 - 2015-08-18 04:48 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-04 15:15 - 2015-08-04 16:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-04 15:15 - 2015-08-04 15:15 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-04 15:15 - 2015-08-04 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-04 15:15 - 2015-08-04 15:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-04 15:15 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-04 15:15 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-04 15:15 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-04 15:05 - 2015-08-04 15:13 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\simone\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-04 14:25 - 2015-08-12 17:22 - 00000000 ____D C:\Users\simone\AppData\Roaming\Solvusoft
2015-08-04 14:25 - 2012-10-15 17:02 - 00019888 _____ (solvusoft) C:\Windows\system32\roboot64.exe
2015-08-04 14:20 - 2015-08-04 14:25 - 03894696 _____ (solvusoft Corporation ) C:\Users\simone\Downloads\Setup_WinThruster_2015.exe
2015-08-04 14:07 - 2015-08-04 14:07 - 00000250 _____ C:\Users\simone\Documents\Recovery_File_sfsyb.txt
2015-08-04 13:12 - 2015-08-04 13:24 - 00003833 _____ C:\Users\simone\restore_files_mskmr.html
2015-08-04 13:12 - 2015-08-04 13:24 - 00002177 _____ C:\Users\simone\restore_files_mskmr.txt
2015-08-04 13:06 - 2015-08-04 13:24 - 00003833 _____ C:\Users\simone\Documents\restore_files_mskmr.html
2015-08-04 13:06 - 2015-08-04 13:24 - 00002177 _____ C:\Users\simone\Documents\restore_files_mskmr.txt
2015-08-04 12:21 - 2015-08-04 13:22 - 00003833 _____ C:\Users\simone\AppData\Roaming\restore_files_mskmr.html
2015-08-04 12:21 - 2015-08-04 13:22 - 00003833 _____ C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\restore_files_mskmr.html
2015-08-04 12:21 - 2015-08-04 13:22 - 00003833 _____ C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\restore_files_mskmr.html
2015-08-04 12:21 - 2015-08-04 13:22 - 00003833 _____ C:\Users\simone\AppData\restore_files_mskmr.html
2015-08-04 12:21 - 2015-08-04 13:22 - 00002177 _____ C:\Users\simone\AppData\Roaming\restore_files_mskmr.txt
2015-08-04 12:21 - 2015-08-04 13:22 - 00002177 _____ C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\restore_files_mskmr.txt
2015-08-04 12:21 - 2015-08-04 13:22 - 00002177 _____ C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\restore_files_mskmr.txt
2015-08-04 12:21 - 2015-08-04 13:22 - 00002177 _____ C:\Users\simone\AppData\restore_files_mskmr.txt
2015-08-04 12:03 - 2015-08-04 13:20 - 00003833 _____ C:\Users\simone\AppData\Local\restore_files_mskmr.html
2015-08-04 12:03 - 2015-08-04 13:20 - 00002177 _____ C:\Users\simone\AppData\Local\restore_files_mskmr.txt
2015-08-04 12:03 - 2015-08-04 13:13 - 00003833 _____ C:\Users\Public\restore_files_mskmr.html
2015-08-04 12:03 - 2015-08-04 13:13 - 00003833 _____ C:\Users\Public\Downloads\restore_files_mskmr.html
2015-08-04 12:03 - 2015-08-04 13:13 - 00002177 _____ C:\Users\Public\restore_files_mskmr.txt
2015-08-04 12:03 - 2015-08-04 13:13 - 00002177 _____ C:\Users\Public\Downloads\restore_files_mskmr.txt
2015-08-04 12:00 - 2015-08-04 13:13 - 00003833 _____ C:\Users\Public\Documents\restore_files_mskmr.html
2015-08-04 12:00 - 2015-08-04 13:13 - 00002177 _____ C:\Users\Public\Documents\restore_files_mskmr.txt
2015-08-04 12:00 - 2015-08-04 12:03 - 00003833 _____ C:\ProgramData\restore_files_mskmr.html
2015-08-04 12:00 - 2015-08-04 12:03 - 00002177 _____ C:\ProgramData\restore_files_mskmr.txt
2015-08-03 09:57 - 2015-08-03 09:57 - 00000250 _____ C:\Users\simone\Documents\Recovery_File_rntmb.txt
2015-08-03 08:16 - 2015-08-03 08:16 - 00003833 _____ C:\Users\simone\AppData\Local\restore_files_jmeno.html
2015-08-03 08:16 - 2015-08-03 08:16 - 00002177 _____ C:\Users\simone\AppData\Local\restore_files_jmeno.txt
2015-08-03 08:15 - 2015-08-03 08:15 - 00003833 _____ C:\Users\Public\restore_files_jmeno.html
2015-08-03 08:15 - 2015-08-03 08:15 - 00002177 _____ C:\Users\Public\restore_files_jmeno.txt
2015-08-03 08:13 - 2015-08-03 08:13 - 00003833 _____ C:\Users\Public\Downloads\restore_files_jmeno.html
2015-08-03 08:13 - 2015-08-03 08:13 - 00002177 _____ C:\Users\Public\Downloads\restore_files_jmeno.txt
2015-08-03 08:01 - 2015-08-03 08:13 - 00003833 _____ C:\Users\Public\Documents\restore_files_jmeno.html
2015-08-03 08:01 - 2015-08-03 08:13 - 00003833 _____ C:\ProgramData\restore_files_jmeno.html
2015-08-03 08:01 - 2015-08-03 08:13 - 00002177 _____ C:\Users\Public\Documents\restore_files_jmeno.txt
2015-08-03 08:01 - 2015-08-03 08:13 - 00002177 _____ C:\ProgramData\restore_files_jmeno.txt
2015-08-02 20:40 - 2015-08-04 18:19 - 00000000 ___HD C:\ProgramData\{CA2FACF7-9029-4A21-892B-E7F60B39FF1A}
2015-08-02 20:40 - 2015-08-02 20:40 - 00000250 _____ C:\Users\simone\Documents\Recovery_File_smvml.txt
2015-08-01 23:26 - 2015-08-04 13:06 - 00137390 _____ C:\Users\simone\Downloads\referral assignmentBB.pdf.aaa
2015-08-01 23:20 - 2015-08-04 13:06 - 00137390 _____ C:\Users\simone\Downloads\referral assignmentBB (1).pdf.aaa
2015-08-01 21:02 - 2015-08-01 21:02 - 00875928 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\SET5667.tmp
2015-08-01 19:30 - 2015-08-01 19:30 - 00001757 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-01 19:30 - 2015-08-01 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-01 19:28 - 2015-08-01 19:30 - 00000000 ____D C:\Program Files\iTunes
2015-08-01 19:28 - 2015-08-01 19:28 - 00000000 ____D C:\Program Files\iPod
2015-08-01 19:28 - 2015-08-01 19:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-27 08:00 - 2015-08-04 16:51 - 00000000 ____D C:\Users\simone\AppData\Local\CEF
2015-07-23 18:45 - 2015-08-04 13:06 - 00062430 _____ C:\Users\simone\Downloads\4003BUSMK Resource Management for Marketers 2014.2015 - Case Study (Assessment)(3) (2).docx.aaa
2015-07-23 18:44 - 2015-08-04 13:06 - 00028590 _____ C:\Users\simone\Downloads\Week Four_Assessment Sheet for Group Presentations (6).doc.aaa
2015-07-21 12:28 - 2015-08-04 13:06 - 00028590 _____ C:\Users\simone\Downloads\Week Four_Assessment Sheet for Group Presentations (5).doc.aaa
2015-07-21 12:27 - 2015-08-04 13:06 - 00028590 _____ C:\Users\simone\Downloads\Week Four_Assessment Sheet for Group Presentations (4).doc.aaa
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-18 15:43 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-18 15:43 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-18 15:40 - 2013-07-18 13:34 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118140874-322646861-916809801-1000Core.job
2015-08-18 15:28 - 2015-07-01 18:48 - 00000356 _____ C:\Windows\Tasks\DataDimes.job
2015-08-18 15:28 - 2015-06-25 21:03 - 00000356 _____ C:\Windows\Tasks\MovieScout.job
2015-08-18 15:28 - 2015-06-25 20:43 - 00000356 _____ C:\Windows\Tasks\eVerses.job
2015-08-18 15:28 - 2015-06-15 15:03 - 00000354 _____ C:\Windows\Tasks\AppExpo.job
2015-08-18 15:28 - 2013-07-18 13:34 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118140874-322646861-916809801-1000UA.job
2015-08-18 15:28 - 2013-04-09 21:46 - 01643983 _____ C:\Windows\WindowsUpdate.log
2015-08-14 12:32 - 2013-04-28 12:55 - 00000000 ____D C:\Users\simone\AppData\Local\Adobe
2015-08-13 14:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 12:07 - 2013-04-13 09:55 - 00000000 ____D C:\ProgramData\clear.fi
2015-08-13 12:06 - 2014-11-16 16:44 - 00000000 ___RD C:\Users\simone\iCloudDrive
2015-08-13 12:05 - 2011-07-14 09:31 - 00000000 ____D C:\ProgramData\McAfee
2015-08-13 12:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-13 12:04 - 2009-07-14 05:51 - 00069487 _____ C:\Windows\setupact.log
2015-08-13 12:04 - 2009-07-14 05:45 - 00412424 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 12:03 - 2010-11-21 04:47 - 00540614 _____ C:\Windows\PFRO.log
2015-08-13 12:00 - 2014-12-11 11:13 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 12:00 - 2014-05-26 22:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 11:59 - 2013-04-11 10:03 - 00000000 ____D C:\Users\simone\AppData\Roaming\SoftGrid Client
2015-08-13 11:37 - 2014-04-20 22:14 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 10:32 - 2014-04-20 22:14 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 17:24 - 2015-05-24 22:00 - 00000024 _____ C:\Users\simone\AppData\Roaming\appdataFr25.bin
2015-08-12 17:23 - 2015-06-25 16:21 - 00000000 ____D C:\Program Files\McAfee
2015-08-07 14:59 - 2013-04-11 09:55 - 00111704 _____ C:\Users\simone\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-06 00:45 - 2013-04-11 10:21 - 00000000 ____D C:\Users\simone\AppData\Roaming\Adobe
2015-08-05 00:57 - 2013-07-18 19:15 - 00000000 ____D C:\Users\simone\AppData\Local\Cyberlink
2015-08-04 19:36 - 2009-07-14 06:13 - 00787616 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 18:19 - 2015-07-09 11:17 - 00000000 ____D C:\Program Files (x86)\Grumpy Mixture
2015-08-04 18:19 - 2015-06-25 16:21 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-08-04 18:19 - 2015-05-02 01:45 - 00000000 ____D C:\ProgramData\{07b33647-3eaf-6371-07b3-336473ead91c}
2015-08-04 18:19 - 2011-07-14 09:31 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-08-04 18:15 - 2015-06-26 23:37 - 00000000 ____D C:\Program Files (x86)\ff8380ce-0ebd-460b-b253-ec193a0107c8
2015-08-04 18:15 - 2011-07-14 09:03 - 00000000 ____D C:\Program Files (x86)\Acer Games
2015-08-04 17:44 - 2014-09-09 11:34 - 00000000 ____D C:\Users\simone\Sam Uni
2015-08-04 17:44 - 2013-04-11 09:54 - 00000000 ____D C:\Users\simone
2015-08-04 17:42 - 2015-05-31 18:17 - 00000000 ____D C:\Users\simone\Documents\Settlers7
2015-08-04 17:42 - 2015-05-11 15:56 - 00000000 ____D C:\Users\simone\Documents\THE SETTLERS - Heritage of Kings
2015-08-04 17:42 - 2014-09-27 22:50 - 00000000 ____D C:\Users\simone\Documents\Sam Uni
2015-08-04 17:42 - 2014-01-24 16:39 - 00000000 ____D C:\Users\simone\Documents\Sports Interactive
2015-08-04 17:42 - 2013-11-14 02:37 - 00000000 ____D C:\Users\simone\Documents\Sam Polak (SamPolak) on Twitter_files
2015-08-04 17:42 - 2013-10-28 15:52 - 00000000 ____D C:\Users\simone\Documents\simone
2015-08-04 17:42 - 2013-10-15 23:15 - 00000000 ___RD C:\Users\simone\Dropbox
2015-08-04 17:42 - 2013-10-14 23:12 - 00000000 ____D C:\Users\simone\Documents\Sam
2015-08-04 17:42 - 2013-07-06 22:35 - 00000000 ____D C:\Users\simone\Documents\sophie
2015-08-04 17:34 - 2013-10-29 12:09 - 00000000 ____D C:\Users\simone\Documents\recipes
2015-08-04 17:34 - 2013-07-30 14:31 - 00000000 ____D C:\Users\simone\Documents\modules
2015-08-04 17:34 - 2013-04-21 12:40 - 00000000 ____D C:\Users\simone\Documents\HP USB FD
2015-08-04 17:33 - 2015-06-30 09:57 - 00000000 ____D C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-04 17:33 - 2015-06-25 17:33 - 00000000 ____D C:\Users\simone\AppData\Roaming\Mozilla
2015-08-04 17:33 - 2015-02-03 22:39 - 00000000 ____D C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-04 17:33 - 2014-10-20 00:56 - 00000000 ____D C:\Users\simone\AppData\Roaming\PDAppFlex
2015-08-04 17:33 - 2014-10-19 21:30 - 00000000 ____D C:\Users\simone\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-08-04 17:33 - 2014-07-29 15:52 - 00000000 ____D C:\Users\simone\AppData\Roaming\Origin
2015-08-04 17:33 - 2014-01-24 16:39 - 00000000 ____D C:\Users\simone\AppData\Roaming\Sports Interactive
2015-08-04 17:33 - 2013-11-08 19:05 - 00000000 ____D C:\Users\simone\AppData\Roaming\Apple Computer
2015-08-04 17:33 - 2013-10-15 23:14 - 00000000 ____D C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-04 17:33 - 2013-10-15 23:12 - 00000000 ____D C:\Users\simone\AppData\Roaming\Dropbox
2015-08-04 17:33 - 2013-08-19 03:02 - 00000000 ____D C:\Users\simone\AppData\Roaming\Motive
2015-08-04 17:33 - 2013-07-30 15:42 - 00000000 ____D C:\Users\simone\Documents\articles
2015-08-04 17:33 - 2013-07-22 16:41 - 00000000 ____D C:\Users\simone\AppData\Roaming\Windows Live Writer
2015-08-04 17:33 - 2013-07-18 19:15 - 00000000 ____D C:\Users\simone\Documents\CyberLink
2015-08-04 17:33 - 2013-07-18 19:15 - 00000000 ____D C:\Users\simone\AppData\Roaming\PowerCinema
2015-08-04 17:33 - 2013-05-18 14:16 - 00000000 ____D C:\Users\simone\AppData\Roaming\WildTangent
2015-08-04 17:33 - 2013-04-28 12:21 - 00000000 ____D C:\Users\simone\AppData\Roaming\Skype
2015-08-04 17:33 - 2013-04-11 10:02 - 00000000 ____D C:\Users\simone\AppData\Roaming\TP
2015-08-04 17:33 - 2013-04-11 09:58 - 00000000 ____D C:\Users\simone\AppData\Roaming\Macromedia
2015-08-04 17:33 - 2013-04-11 09:55 - 00000000 ____D C:\Users\simone\AppData\Roaming\CyberLink
2015-08-04 17:33 - 2013-04-11 09:54 - 00000000 ___RD C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-04 17:33 - 2013-04-11 09:54 - 00000000 ___RD C:\Users\simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-04 17:28 - 2014-11-14 03:48 - 00000000 ____D C:\Users\simone\AppData\Local\{220A5177-4107-44BB-83DD-FFDFEF181B1E}
2015-08-04 17:28 - 2013-07-22 16:42 - 00000000 ____D C:\Users\simone\AppData\Local\{D3519129-ADE6-45B8-AB21-362DD18D15AE}
2015-08-04 17:28 - 2013-07-22 16:42 - 00000000 ____D C:\Users\simone\AppData\Local\{859045B5-36F9-4E80-8A9E-5ECBC543D8A5}
2015-08-04 17:28 - 2013-07-22 16:41 - 00000000 ____D C:\Users\simone\AppData\Local\Windows Live Writer
2015-08-04 17:28 - 2013-04-11 09:54 - 00000000 ____D C:\Users\simone\AppData\Local\VirtualStore
2015-08-04 17:20 - 2015-05-31 18:19 - 00000000 ____D C:\Users\simone\AppData\Local\Ubisoft Game Launcher
2015-08-04 17:13 - 2015-06-30 21:34 - 00000000 ____D C:\Users\simone\AppData\Local\Origin
2015-08-04 17:13 - 2015-06-25 17:33 - 00000000 ____D C:\Users\simone\AppData\Local\Mozilla
2015-08-04 17:13 - 2015-03-03 12:14 - 00000000 ____D C:\Users\simone\AppData\Local\Steam
2015-08-04 17:13 - 2014-03-04 02:00 - 00000000 ____D C:\Users\simone\AppData\Local\Skype
2015-08-04 17:13 - 2014-01-24 16:39 - 00000000 ____D C:\Users\simone\AppData\Local\Sports Interactive
2015-08-04 17:13 - 2013-10-24 20:49 - 00000000 ____D C:\Users\simone\AppData\Local\Software
2015-08-04 17:13 - 2013-10-14 20:19 - 00000000 ____D C:\Users\simone\AppData\Local\Microsoft Help
2015-08-04 17:13 - 2013-10-05 18:48 - 00000000 ____D C:\Users\simone\AppData\Local\Microsoft Games
2015-08-04 17:13 - 2013-04-11 10:03 - 00000000 ____D C:\Users\simone\AppData\Local\SoftGrid Client
2015-08-04 17:13 - 2013-04-11 09:55 - 00000000 ____D C:\Users\simone\AppData\Local\PowerCinema
2015-08-04 16:52 - 2015-06-02 11:43 - 00000000 ____D C:\Users\simone\AppData\Local\GWX
2015-08-04 16:52 - 2014-07-26 18:23 - 00000000 ____D C:\Users\simone\AppData\Local\HP
2015-08-04 16:52 - 2013-05-18 15:55 - 00000000 ____D C:\Users\simone\AppData\Local\Google
2015-08-04 16:52 - 2013-05-18 14:14 - 00000000 ____D C:\Users\simone\AppData\Local\Kobo
2015-08-04 16:51 - 2015-06-26 23:37 - 00000000 ____D C:\Users\simone\AppData\Local\globalUpdate
2015-08-04 16:51 - 2014-11-18 01:56 - 00000000 __SHD C:\Users\simone\AppData\Local\EmieBrowserModeList
2015-08-04 16:51 - 2014-11-16 16:45 - 00000000 ____D C:\Users\simone\AppData\Local\BF6FEDFE-5D64-46DE-8770-B2C65D2F0223.aplzod
2015-08-04 16:51 - 2014-11-16 16:44 - 00000000 ____D C:\Users\simone\AppData\Local\Apple Inc
2015-08-04 16:51 - 2014-07-29 15:43 - 00000000 __SHD C:\Users\simone\AppData\Local\EmieUserList
2015-08-04 16:51 - 2014-07-29 15:43 - 00000000 __SHD C:\Users\simone\AppData\Local\EmieSiteList
2015-08-04 16:51 - 2014-01-24 16:52 - 00000000 ____D C:\Users\simone\AppData\Local\Chromium
2015-08-04 16:51 - 2014-01-24 16:39 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive
2015-08-04 16:51 - 2013-11-08 19:05 - 00000000 ____D C:\Users\simone\AppData\Local\Apple Computer
2015-08-04 16:51 - 2013-11-08 19:02 - 00000000 ____D C:\Users\simone\AppData\Local\Apple
2015-08-04 16:51 - 2013-07-18 13:34 - 00000000 ____D C:\Users\simone\AppData\Local\Facebook
2015-08-04 16:51 - 2013-04-11 09:58 - 00000000 ____D C:\Users\simone\AppData\Local\EgisTec IPS
2015-08-04 16:51 - 2013-04-11 09:55 - 00000000 ____D C:\Users\simone\AppData\Local\Acer
2015-08-04 16:51 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-04 16:51 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-04 16:49 - 2015-07-01 18:48 - 00000000 ____D C:\ProgramData\{efd2db6a-5aad-e325-efd2-2db6a5aa6da9}
2015-08-04 16:49 - 2015-06-29 23:28 - 00000000 ____D C:\Quarantine
2015-08-04 16:49 - 2015-06-25 21:03 - 00000000 ____D C:\ProgramData\{114bb2a5-75d2-f337-114b-bb2a575dca95}
2015-08-04 16:49 - 2015-06-25 17:33 - 00000000 ____D C:\ProgramData\Mozilla
2015-08-04 16:49 - 2015-06-15 15:03 - 00000000 ____D C:\ProgramData\{4b6fa6b5-10de-e55c-4b6f-fa6b510d9ad4}
2015-08-04 16:49 - 2014-10-20 00:02 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-04 16:49 - 2014-07-29 15:49 - 00000000 ____D C:\ProgramData\Origin
2015-08-04 16:49 - 2014-07-26 18:25 - 00000000 ____D C:\ProgramData\HP
2015-08-04 16:49 - 2013-08-19 03:00 - 00000000 ____D C:\ProgramData\Motive
2015-08-04 16:49 - 2013-04-11 12:25 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2015-08-04 16:49 - 2013-04-09 22:01 - 00000000 ____D C:\ProgramData\Temp
2015-08-04 16:49 - 2013-04-09 21:58 - 00000000 ____D C:\ProgramData\NTI Launcher
2015-08-04 16:49 - 2013-04-09 21:54 - 00000000 ____D C:\ProgramData\Intel
2015-08-04 16:49 - 2011-07-14 09:59 - 00000000 ____D C:\ProgramData\newsXpresso
2015-08-04 16:49 - 2011-07-14 09:52 - 00000000 ____D C:\ProgramData\Symantec
2015-08-04 16:49 - 2011-07-14 09:52 - 00000000 ____D C:\ProgramData\oem
2015-08-04 16:49 - 2011-07-14 09:30 - 00000000 ____D C:\ProgramData\Skype
2015-08-04 16:49 - 2011-07-14 09:03 - 00000000 ____D C:\ProgramData\WildTangent
2015-08-04 16:48 - 2015-06-29 16:22 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-08-04 16:48 - 2013-11-08 19:03 - 00000000 ____D C:\ProgramData\Apple Computer
2015-08-04 16:48 - 2013-11-08 19:00 - 00000000 ____D C:\ProgramData\Apple
2015-08-04 16:48 - 2013-04-09 22:03 - 00000000 ____D C:\ProgramData\CLSK
2015-08-04 16:48 - 2013-04-09 22:01 - 00000000 ____D C:\ProgramData\CyberLink
2015-08-04 16:48 - 2013-04-09 21:57 - 00000000 ____D C:\ProgramData\FLEXnet
2015-08-04 16:48 - 2013-04-09 21:45 - 00000000 ____D C:\ProgramData\EgisTec
2015-08-04 16:48 - 2011-07-14 09:55 - 00000000 ____D C:\ProgramData\BackupManager
2015-08-04 16:48 - 2011-07-14 09:53 - 00000000 ____D C:\ProgramData\Adobe
2015-08-04 16:48 - 2011-07-14 09:49 - 00000000 ____D C:\ProgramData\EgisTec IPS
2015-08-04 16:48 - 2011-07-14 09:01 - 00000000 ____D C:\ProgramData\AmUStor
2015-08-04 16:46 - 2011-07-14 09:35 - 00000000 ____D C:\ProgramData\Acer
2015-08-04 16:36 - 2011-07-14 09:49 - 00000000 ____D C:\Program Files\EgisTec IPS
2015-08-04 14:09 - 2013-04-09 21:44 - 00000000 ____D C:\book
2015-08-04 14:09 - 2011-07-14 09:22 - 00000000 ___HD C:\OEM
2015-08-04 14:09 - 2011-07-14 08:55 - 00000000 ____D C:\Intel
2015-08-04 13:06 - 2015-07-09 11:26 - 00185294 _____ C:\Users\simone\Documents\WOW.docx.aaa
2015-08-04 13:06 - 2015-07-06 22:30 - 00028590 _____ C:\Users\simone\Downloads\Week Four_Assessment Sheet for Group Presentations (3).doc.aaa
2015-08-04 13:06 - 2015-07-06 22:29 - 00028590 _____ C:\Users\simone\Downloads\Week Four_Assessment Sheet for Group Presentations (2).doc.aaa
2015-08-04 13:06 - 2015-07-01 15:31 - 00028590 _____ C:\Users\simone\Downloads\Week Four_Assessment Sheet for Group Presentations (1).doc.aaa
2015-08-04 13:06 - 2015-07-01 15:19 - 00020110 _____ C:\Users\simone\Downloads\JMU_PROGTRAN.pdf.aaa
2015-08-04 13:06 - 2015-06-30 19:02 - 00024350 _____ C:\Users\simone\DxDiag.txt.aaa
2015-08-04 13:06 - 2015-06-29 07:32 - 00062430 _____ C:\Users\simone\Downloads\4003BUSMK Resource Management for Marketers 2014.2015 - Case Study (Assessment)(3) (1).docx.aaa
2015-08-04 13:06 - 2015-06-28 13:55 - 00180654 _____ C:\Users\simone\Downloads\4005BUSMK-Report Sam Polack.docx.aaa
2015-08-04 13:06 - 2015-06-12 18:22 - 00140942 _____ C:\Users\simone\Downloads\Yasir Abd-al-Fatah Muhammad Said_ Wanted Poster master.pdf.aaa
2015-08-04 13:06 - 2015-06-04 13:34 - 00362366 _____ C:\Users\simone\Downloads\standard-tube-map.pdf.aaa
2015-08-04 13:06 - 2015-06-02 21:49 - 00079790 _____ C:\Users\simone\Downloads\Sophie Polak CV.doc.aaa
2015-08-04 13:06 - 2015-06-02 19:00 - 01784974 _____ C:\Users\simone\Downloads\Bath Eating Out Guide 2014.pdf.aaa
2015-08-04 13:06 - 2015-06-02 18:54 - 00128830 _____ C:\Users\simone\Downloads\Price List 2015.pdf.aaa
2015-08-04 13:06 - 2015-05-27 21:31 - 00300158 _____ C:\Users\simone\Downloads\sfe_pn1_notes_1516_d (1).pdf.aaa
2015-08-04 13:06 - 2015-05-27 21:30 - 00300158 _____ C:\Users\simone\Downloads\sfe_pn1_notes_1516_d.pdf.aaa
2015-08-04 13:06 - 2015-05-20 09:06 - 00015214 ___SH C:\Users\simone\Downloads\AlbumArt_{CAFFA9CA-864B-4114-9B48-CE6FBED6C45B}_Large.jpg.aaa
2015-08-04 13:06 - 2015-05-20 09:06 - 00003838 ___SH C:\Users\simone\Downloads\AlbumArt_{CAFFA9CA-864B-4114-9B48-CE6FBED6C45B}_Small.jpg.aaa
2015-08-04 13:06 - 2015-05-03 23:20 - 00010174 ___SH C:\Users\simone\Downloads\AlbumArt_{1B392F9F-E4D4-4F24-9C3E-5707B61D39B5}_Large.jpg.aaa
2015-08-04 13:06 - 2015-05-03 23:20 - 00003118 ___SH C:\Users\simone\Downloads\AlbumArt_{1B392F9F-E4D4-4F24-9C3E-5707B61D39B5}_Small.jpg.aaa
2015-08-04 13:06 - 2015-05-02 20:25 - 00065454 _____ C:\Users\simone\Downloads\school-leaver-cv-template (1).doc.aaa
2015-08-04 13:06 - 2015-05-02 20:24 - 00076206 _____ C:\Users\simone\Downloads\unemployed-cv-template.doc.aaa
2015-08-04 13:06 - 2015-04-29 16:37 - 00325950 _____ C:\Users\simone\Downloads\6. New Product Development.pptx.aaa
2015-08-04 13:06 - 2015-04-29 15:27 - 00047022 _____ C:\Users\simone\Downloads\4001BUSMK Exam PAPER May2014.docx.aaa
2015-08-04 13:06 - 2015-04-29 15:27 - 00030542 _____ C:\Users\simone\Downloads\Exam August 2013 - definitive.docx.aaa
2015-08-04 13:06 - 2015-04-29 15:27 - 00023150 _____ C:\Users\simone\Downloads\Exam May 2012.docx.aaa
2015-08-04 13:06 - 2015-04-17 17:15 - 00015854 _____ C:\Users\simone\Downloads\assessment details for 4004BUSMK 2013.docx.aaa
2015-08-04 13:06 - 2015-04-17 17:09 - 00016142 _____ C:\Users\simone\Downloads\Assessment 3 SPSS Data Collection and Data Analysis with deadline date.docx.aaa
2015-08-04 13:06 - 2015-04-14 16:11 - 00124334 _____ C:\Users\simone\Downloads\Module_Guide- 4005BUSMK2014-15.docx.aaa
2015-08-04 13:06 - 2015-04-14 16:10 - 00507790 _____ C:\Users\simone\Downloads\Session 1 - 201415.pptx.aaa
2015-08-04 13:06 - 2015-04-14 14:41 - 03759678 _____ C:\Users\simone\Downloads\9. Integrated Marketing Communications.pptx.aaa
2015-08-04 13:06 - 2015-04-14 11:27 - 05077982 _____ C:\Users\simone\Downloads\6.  Products and Brands.pptx.aaa
2015-08-04 13:06 - 2015-04-13 01:33 - 00000590 ____H C:\Users\simone\Documents\~$anding - Assignment 2.docx.aaa
2015-08-04 13:06 - 2015-04-12 00:57 - 03218862 _____ C:\Users\simone\Downloads\Brands and Brand Positioning (1).ppt.aaa
2015-08-04 13:06 - 2015-04-12 00:47 - 03221422 _____ C:\Users\simone\Downloads\Brands and Brand Positioning.ppt.aaa
2015-08-04 13:06 - 2015-04-07 16:59 - 02262958 _____ C:\Users\simone\Downloads\WK25-Growing Through Brand Extensions.ppt.aaa
2015-08-04 13:06 - 2015-04-07 16:57 - 00241582 _____ C:\Users\simone\Downloads\WK22-Sustaining the Brand Long Term.ppt.aaa
2015-08-04 13:06 - 2015-04-07 16:55 - 01800622 _____ C:\Users\simone\Downloads\WK 21 - GrowingThroughInnovation.ppt.aaa
2015-08-04 13:06 - 2015-04-07 16:54 - 00331182 _____ C:\Users\simone\Downloads\WK 20 - Research In Branding.ppt.aaa
2015-08-04 13:06 - 2015-04-07 16:52 - 00956846 _____ C:\Users\simone\Downloads\WK 19 - Growing the Brand.ppt.aaa
2015-08-04 13:06 - 2015-04-07 16:49 - 00540590 _____ C:\Users\simone\Downloads\WK18 - InternetBrand(1).ppt.aaa
2015-08-04 13:06 - 2015-04-07 13:34 - 00081582 _____ C:\Users\simone\Downloads\4005BUSMK- Report Structure(1) (1).docx.aaa
2015-08-04 13:06 - 2015-03-25 16:34 - 00113214 _____ C:\Users\simone\Downloads\Module_Guide_2014-15_FINAL.docx.aaa
2015-08-04 13:06 - 2015-03-24 19:36 - 00081582 _____ C:\Users\simone\Downloads\4005BUSMK- Report Structure(1).docx.aaa
2015-08-04 13:06 - 2015-03-23 23:47 - 00012894 _____ C:\Users\simone\Downloads\Balance Sheet.xlsx.aaa
2015-08-04 13:06 - 2015-03-23 23:47 - 00012766 _____ C:\Users\simone\Downloads\Cash Flow.xlsx.aaa
2015-08-04 13:06 - 2015-03-23 21:25 - 00086558 _____ C:\Users\simone\Downloads\Business-Plan-for- a-Startup.docx.aaa
2015-08-04 13:06 - 2015-03-22 22:01 - 00029614 _____ C:\Users\simone\Downloads\Profit_loss_cashflow_sales_v2.xls.aaa
2015-08-04 13:06 - 2015-03-22 19:04 - 71453054 _____ C:\Users\simone\Downloads\6  Business plan 24.10.11(1).pptx.aaa
2015-08-04 13:06 - 2015-03-22 19:04 - 00498686 _____ C:\Users\simone\Downloads\LJMU RMFM The P&L Account(3).pptx.aaa
2015-08-04 13:06 - 2015-03-20 16:22 - 00236206 _____ C:\Users\simone\Downloads\4003BUSMK Resource Management for Marketers module guise 2014-15 (2).docx.aaa
2015-08-04 13:06 - 2015-03-20 16:18 - 00236206 _____ C:\Users\simone\Downloads\4003BUSMK Resource Management for Marketers module guise 2014-15 (1).docx.aaa
2015-08-04 13:06 - 2015-03-20 15:40 - 08072798 _____ C:\Users\simone\Downloads\2012_RADD_EN.pdf.aaa
2015-08-04 13:06 - 2015-03-20 12:44 - 00391086 _____ C:\Users\simone\Downloads\BP_Electronic_Business_Plan_Workbook_Sep13.doc.aaa
2015-08-04 13:06 - 2015-03-19 00:19 - 00929902 _____ C:\Users\simone\Downloads\LJMU RMFM The case study - preparing a business plan part 2.pptx.aaa
2015-08-04 13:06 - 2015-03-19 00:19 - 00640062 _____ C:\Users\simone\Downloads\LJMU RMFM The case study - preparing a business plan part 1.pptx.aaa
2015-08-04 13:06 - 2015-03-17 18:28 - 00236206 _____ C:\Users\simone\Downloads\4003BUSMK Resource Management for Marketers module guise 2014-15.docx.aaa
2015-08-04 13:06 - 2015-03-17 18:11 - 00062430 _____ C:\Users\simone\Downloads\4003BUSMK Resource Management for Marketers 2014.2015 - Case Study (Assessment)(3).docx.aaa
2015-08-04 13:06 - 2015-03-17 18:09 - 00028590 _____ C:\Users\simone\Downloads\Week Four_Assessment Sheet for Group Presentations.doc.aaa
2015-08-04 13:06 - 2015-01-16 00:48 - 00513198 _____ C:\Users\simone\Downloads\WhatsApp Chat Emily.txt.aaa
2015-08-04 13:06 - 2015-01-16 00:48 - 00513198 _____ C:\Users\simone\Downloads\WhatsApp Chat Emily (1).txt.aaa
2015-08-04 13:06 - 2015-01-14 22:51 - 00147230 _____ C:\Users\simone\Downloads\Harris%2c 2000.pdf.aaa
2015-08-04 13:06 - 2015-01-11 19:54 - 01970094 _____ C:\Users\simone\Downloads\IMG_4725.JPG.aaa
2015-08-04 13:06 - 2015-01-11 18:31 - 01905406 _____ C:\Users\simone\Downloads\IMG_4719.JPG.aaa
2015-08-04 13:06 - 2015-01-11 18:28 - 01461454 _____ C:\Users\simone\Downloads\IMG_4717.JPG.aaa
2015-08-04 13:06 - 2015-01-09 12:11 - 00631006 _____ C:\Users\simone\Downloads\Jaworski & Kohli 1993.pdf.aaa
2015-08-04 13:06 - 2015-01-09 12:11 - 00147230 _____ C:\Users\simone\Downloads\Harris, 2000.pdf.aaa
2015-08-04 13:06 - 2015-01-06 15:45 - 01448750 _____ C:\Users\simone\Downloads\Tickets-2960553.PDF.aaa
2015-08-04 13:06 - 2015-01-06 14:25 - 00846974 _____ C:\Users\simone\Downloads\2  Business Economic Environment010.10.11(1).pptx.aaa
2015-08-04 13:06 - 2015-01-06 14:15 - 00531342 _____ C:\Users\simone\Downloads\1. Business and Finance for HR Practitioners - Blackboard. 3.10.11(3).pptx.aaa
2015-08-04 13:06 - 2014-12-19 16:01 - 01965422 _____ C:\Users\simone\Downloads\IMG_3337.JPG.aaa
2015-08-04 13:06 - 2014-12-19 14:43 - 00018526 _____ C:\Users\simone\Downloads\Assignment Briefing (1).docx.aaa
2015-08-04 13:06 - 2014-12-19 14:43 - 00018334 _____ C:\Users\simone\Downloads\Seminar Presentation Schedule(1) (1).docx.aaa
2015-08-04 13:06 - 2014-12-18 23:38 - 02538926 _____ C:\Users\simone\Downloads\Intergrated marketing communications simcock.rtf.aaa
2015-08-04 13:06 - 2014-12-17 18:40 - 01761902 _____ C:\Users\simone\Downloads\Pricing (1).pptx.aaa
2015-08-04 13:06 - 2014-12-17 18:40 - 01306862 _____ C:\Users\simone\Downloads\Distribution.pptx.aaa
2015-08-04 13:06 - 2014-12-17 15:24 - 00140206 _____ C:\Users\simone\Downloads\cdc_up_product_design_template.doc.aaa
2015-08-04 13:06 - 2014-12-17 13:05 - 00065438 _____ C:\Users\simone\Downloads\Guidance on Assignment.pptx.aaa
2015-08-04 13:06 - 2014-12-17 13:05 - 00018526 _____ C:\Users\simone\Downloads\Assignment Briefing.docx.aaa
2015-08-04 13:06 - 2014-12-17 13:05 - 00018334 _____ C:\Users\simone\Downloads\Seminar Presentation Schedule(1).docx.aaa
2015-08-04 13:06 - 2014-12-16 01:18 - 01152734 _____ C:\Users\simone\Downloads\Pricing.pptx.aaa
2015-08-04 13:06 - 2014-12-16 01:13 - 00014430 _____ C:\Users\simone\Downloads\Semester 1 Marking sheet.docx.aaa
2015-08-04 13:06 - 2014-12-16 01:11 - 00775390 _____ C:\Users\simone\Downloads\Peter Simcock assignment.docx.aaa
2015-08-04 13:06 - 2014-12-16 01:08 - 00026158 _____ C:\Users\simone\Downloads\Assessment e advanced word.docx.aaa
2015-08-04 13:06 - 2014-12-09 13:01 - 01279934 _____ C:\Users\simone\Downloads\Bay TV.pptx.aaa
2015-08-04 13:06 - 2014-11-21 02:41 - 00091918 _____ C:\Users\simone\Downloads\BANK0518 do-ec-093.pdf.aaa
2015-08-04 13:06 - 2014-10-27 16:32 - 02499502 _____ C:\Users\simone\Downloads\4. Segmentation, targeting and positioning in consumer markets.pptx.aaa
2015-08-04 13:06 - 2014-10-27 16:32 - 00218094 _____ C:\Users\simone\Downloads\3. Marketing Information and Research.pptx.aaa
2015-08-04 13:06 - 2014-10-27 15:33 - 00048318 _____ C:\Users\simone\Downloads\Men's Toiletries - UK - October 2012_Brochure.pdf.aaa
2015-08-04 13:06 - 2014-06-23 21:08 - 00013006 _____ C:\Users\simone\Documents\Unit 37 M2.docx.aaa
2015-08-04 13:06 - 2014-01-22 19:34 - 00017246 ___SH C:\Users\simone\Downloads\AlbumArt_{1AD1C8CC-2453-4029-9653-3807187DDACB}_Large.jpg.aaa
2015-08-04 13:06 - 2014-01-22 19:34 - 00015214 ___SH C:\Users\simone\Downloads\Folder.jpg.aaa
2015-08-04 13:06 - 2014-01-22 19:34 - 00004286 ___SH C:\Users\simone\Downloads\AlbumArt_{1AD1C8CC-2453-4029-9653-3807187DDACB}_Small.jpg.aaa
2015-08-04 13:06 - 2014-01-22 19:34 - 00003838 ___SH C:\Users\simone\Downloads\AlbumArtSmall.jpg.aaa
2015-08-04 13:06 - 2013-08-18 07:50 - 00000590 ____H C:\Users\simone\Documents\~$uff to do.docx.aaa
2015-08-04 13:06 - 2013-08-17 20:05 - 00016542 _____ C:\Users\simone\Documents\stuff to do.docx.aaa
2015-08-04 13:06 - 2013-08-01 12:00 - 00013006 _____ C:\Users\simone\Documents\Title of article.docx.aaa
2015-08-04 13:06 - 2013-05-05 15:32 - 00000590 ____H C:\Users\simone\Documents\~$cial and Political Geography Note1.docx.aaa
2015-08-04 13:06 - 2013-05-05 15:31 - 00081998 _____ C:\Users\simone\Documents\Social and Political Geography Note1.docx.aaa
2015-08-04 13:05 - 2013-06-01 11:40 - 00040046 _____ C:\Users\simone\Documents\sam long division.docx.aaa
2015-08-04 12:42 - 2015-04-22 15:03 - 01496110 _____ C:\Users\simone\Documents\Op Managament Assignment 2.docx.aaa
2015-08-04 12:22 - 2015-06-04 09:32 - 00021790 _____ C:\Users\simone\Documents\grandpa's printing.docx.aaa
2015-08-04 12:22 - 2015-04-07 13:45 - 01423070 _____ C:\Users\simone\Documents\Branding - Assignment 2.docx.aaa
2015-08-04 12:22 - 2013-08-05 09:02 - 00034366 _____ C:\Users\simone\Documents\Forum.docx.aaa
2015-08-04 12:22 - 2013-06-02 18:26 - 00013470 _____ C:\Users\simone\Documents\brownies.docx.aaa
2015-08-04 12:21 - 2015-06-29 07:50 - 00420094 _____ C:\Users\simone\Documents\Academic Appeals Form updated.pdf.aaa
2015-08-04 12:21 - 2015-04-13 12:54 - 00041182 _____ C:\Users\simone\Documents\brand identitty prism start.docx.aaa
2015-08-04 12:21 - 2013-12-21 15:10 - 00035294 _____ C:\Users\simone\Documents\1515028_1571441689570396_1638882517_n.jpg.aaa
2015-08-04 12:21 - 2013-11-22 19:16 - 00074494 _____ C:\Users\simone\Documents\1458486_10151801139756452_684601139_n.jpg.aaa
2015-08-04 12:21 - 2013-11-15 00:32 - 00070574 _____ C:\Users\simone\Documents\Artie_season_1.jpg.aaa
2015-08-04 12:21 - 2013-10-27 23:26 - 00138542 _____ C:\Users\simone\Documents\562345_624343017630168_1172570508_n.jpg.aaa
2015-08-04 12:21 - 2013-10-27 21:19 - 00065758 _____ C:\Users\simone\Documents\1185440_630884943612183_1707685927_n.jpg.aaa
2015-08-04 12:21 - 2013-10-27 21:19 - 00010446 _____ C:\Users\simone\Documents\1174738_629468230420521_68307431_n.jpg.aaa
2015-08-04 12:21 - 2013-10-27 21:18 - 00082574 _____ C:\Users\simone\Documents\1185028_632598330107511_1473251517_n.jpg.aaa
2015-08-04 12:21 - 2013-10-27 21:18 - 00071870 _____ C:\Users\simone\Documents\1235486_633640183336659_1477956207_n.jpg.aaa
2015-08-04 12:21 - 2013-10-27 21:18 - 00018734 _____ C:\Users\simone\Documents\1012510_632789763421701_1343227643_n.jpg.aaa
2015-08-04 12:21 - 2013-10-27 21:16 - 00037326 _____ C:\Users\simone\Documents\1378481_612908605417659_1892021155_n.jpg.aaa
2015-08-03 21:05 - 2011-07-14 09:36 - 01637411 _____ C:\Windows\DirectX.log
2015-08-01 19:28 - 2013-11-08 19:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-28 13:30 - 2007-07-12 02:49 - 00000000 ____D C:\Windows\Panther
2015-07-28 13:16 - 2015-07-10 14:39 - 00000000 ___HD C:\$Windows.~BT
2015-07-25 12:00 - 2015-04-06 03:05 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-20 09:51 - 2015-05-31 21:42 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-20 09:51 - 2011-07-14 09:54 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2013-12-03 18:45 - 2013-12-03 18:45 - 49940480 _____ () C:\Program Files (x86)\GUT9303.tmp
2015-05-24 22:00 - 2015-08-12 17:24 - 0000024 _____ () C:\Users\simone\AppData\Roaming\appdataFr25.bin
2015-08-04 17:33 - 2015-08-04 18:10 - 0003833 _____ () C:\Users\simone\AppData\Roaming\restore_files_aocrl.html
2015-08-04 17:33 - 2015-08-04 18:10 - 0002177 _____ () C:\Users\simone\AppData\Roaming\restore_files_aocrl.txt
2015-08-04 12:21 - 2015-08-04 13:22 - 0003833 _____ () C:\Users\simone\AppData\Roaming\restore_files_mskmr.html
2015-08-04 12:21 - 2015-08-04 13:22 - 0002177 _____ () C:\Users\simone\AppData\Roaming\restore_files_mskmr.txt
2015-08-04 16:51 - 2015-08-04 18:08 - 0003833 _____ () C:\Users\simone\AppData\Local\restore_files_aocrl.html
2015-08-04 16:51 - 2015-08-04 18:08 - 0002177 _____ () C:\Users\simone\AppData\Local\restore_files_aocrl.txt
2015-08-03 08:16 - 2015-08-03 08:16 - 0003833 _____ () C:\Users\simone\AppData\Local\restore_files_jmeno.html
2015-08-03 08:16 - 2015-08-03 08:16 - 0002177 _____ () C:\Users\simone\AppData\Local\restore_files_jmeno.txt
2015-08-04 12:03 - 2015-08-04 13:20 - 0003833 _____ () C:\Users\simone\AppData\Local\restore_files_mskmr.html
2015-08-04 12:03 - 2015-08-04 13:20 - 0002177 _____ () C:\Users\simone\AppData\Local\restore_files_mskmr.txt
2013-04-09 22:01 - 2013-04-09 22:04 - 0015222 _____ () C:\ProgramData\ArcadeDeluxe5.log
2015-08-04 16:48 - 2015-08-04 16:51 - 0003833 _____ () C:\ProgramData\restore_files_aocrl.html
2015-08-04 16:48 - 2015-08-04 16:51 - 0002177 _____ () C:\ProgramData\restore_files_aocrl.txt
2015-08-03 08:01 - 2015-08-03 08:13 - 0003833 _____ () C:\ProgramData\restore_files_jmeno.html
2015-08-03 08:01 - 2015-08-03 08:13 - 0002177 _____ () C:\ProgramData\restore_files_jmeno.txt
2015-08-04 12:00 - 2015-08-04 12:03 - 0003833 _____ () C:\ProgramData\restore_files_mskmr.html
2015-08-04 12:00 - 2015-08-04 12:03 - 0002177 _____ () C:\ProgramData\restore_files_mskmr.txt
 
Some files in TEMP:
====================
C:\Users\simone\AppData\Local\Temp\Hibiki.dll
C:\Users\simone\AppData\Local\Temp\McCSPInstall.dll
C:\Users\simone\AppData\Local\Temp\mccspuninstall.exe
C:\Users\simone\AppData\Local\Temp\ReimagePackage.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-12 19:24
 
==================== End of log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by simone (2015-08-18 15:47:28)
Running from C:\Users\simone\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2118140874-322646861-916809801-500 - Administrator - Disabled)
Guest (S-1-5-21-2118140874-322646861-916809801-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2118140874-322646861-916809801-1002 - Limited - Enabled)
simone (S-1-5-21-2118140874-322646861-916809801-1000 - Administrator - Enabled) => C:\Users\simone
simone_2 (S-1-5-21-2118140874-322646861-916809801-1003 - Administrator - Enabled) => C:\Users\simone_2
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3007 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3502 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.42.68439 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.42.68439 - Alcor Micro Corp.) Hidden
AlllSaverr (HKLM-x32\...\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62}) (Version:  - "") <==== ATTENTION
Amazon Music (HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BoBrowser (HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\BoBrowser) (Version: 36.0.1985.141 - BoBrowser) <==== ATTENTION
BoBrowser (HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\BoBrowser) (Version: 36.0.1985.141 - BoBrowser) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BT Desktop Help (HKLM-x32\...\BT Desktop Help) (Version:  - )
BT Toolbar (HKLM-x32\...\bttb) (Version: 1.0.0.28 - Visicom Media Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.3.0.5014 - Citrix Systems, Inc.)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7709 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DigISuaVer (HKLM-x32\...\{7223EDAC-E091-B3C1-BD91-B66CE557800F}) (Version:  - ) <==== ATTENTION
Dropbox (HKU\S-1-5-21-2118140874-322646861-916809801-1000\...\Dropbox) (Version: 2.4.2 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.4.2 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ExStrraaCooupon (HKLM-x32\...\{98449C67-C7AF-BB53-112D-26C916814611}) (Version:  - ) <==== ATTENTION
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FFinDBEstDeaL (HKLM-x32\...\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}) (Version:  - "") <==== ATTENTION
FileParade bundle uninstaller (HKLM-x32\...\FileParade bundle uninstaller) (Version: 1.0.0.0 - FileParade) <==== ATTENTION
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Football Manager 2013 (HKLM-x32\...\Steam App 207890) (Version:  - Sports Interactive)
Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)
Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version:  - Sports Interactive)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
GrreatSSavae4U (HKLM-x32\...\{45606A90-3363-3A3B-1C15-C40E77F4DAA0}) (Version:  - "") <==== ATTENTION
Happyy2Savea (HKLM-x32\...\{E957849A-94AC-6F46-4623-C31474E3C170}) (Version:  - "") <==== ATTENTION
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
I - Cinema (HKLM-x32\...\I - Cinema) (Version: 1.36.01.22 - iCinema)
I AM STUDYING BLOCKER (HKLM-x32\...\{53B21E29-3967-C332-57EB-C02631658584}) (Version:  - "") <==== ATTENTION
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.9 - Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
Online Plug-in (x32 Version: 14.3.0.5014 - Citrix Systems, Inc.) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Roll (HKLM-x32\...\RollerCoaster Tycoon Setup) (Version:  - )
Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly)
Self-service Plug-in (x32 Version: 4.3.0.8352 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
StatMaker (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{78b2995}) (Version:  - Software Publisher) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
THE SETTLERS - Heritage of Kings (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
The Settlers 7 - Paths to a Kingdom (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WildTangent Games App (x32 Version: 4.0.10.16 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2118140874-322646861-916809801-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\simone\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
13-08-2015 00:00:03 Scheduled Checkpoint
13-08-2015 10:27:25 Windows Update
17-08-2015 01:20:12 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05CFC786-C7B7-4026-BCCA-BE2761B51FD5} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-04-29] (Adobe Systems Incorporated)
Task: {1A89288F-FE86-4B71-BD91-450FBDD399F8} - System32\Tasks\PostPoneInstall => C:\Users\simone\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
Task: {31DA562D-9CD8-4DC5-95BE-1FB8E46171E2} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {428807CF-8DA0-4245-8490-B4D135E698D4} - System32\Tasks\MovieScout => c:\programdata\{114bb2a5-75d2-f337-114b-bb2a575dca95}\3379196237532543289b.exe <==== ATTENTION
Task: {51B1C373-140D-4ECE-B605-5E5CA378BF7C} - System32\Tasks\eVerses => c:\programdata\{150df9aa-1c99-4e6a-150d-df9aa1c9e6a8}\8728079503692968699b.exe <==== ATTENTION
Task: {5B5B14C1-3687-4D9F-8CE8-4E4236422118} - System32\Tasks\DataDimes => c:\programdata\{efd2db6a-5aad-e325-efd2-2db6a5aa6da9}\1505741012411635679b.exe <==== ATTENTION
Task: {6563D613-7526-4A3B-8FB2-DE341FAAD3FA} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {69C42FB8-8E74-46D8-B0DA-C9CF17827413} - System32\Tasks\AdobeAAMUpdater-1.0-simone-PC-simone => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {81A3A5CA-6648-4797-B69E-7640AF903A3D} - \Run_Bobby_Browser -> No File <==== ATTENTION
Task: {B199BE8A-A51E-43F2-94D5-6B561479B659} - System32\Tasks\AppExpo => c:\programdata\{4b6fa6b5-10de-e55c-4b6f-fa6b510d9ad4}\117533438422115818b.exe <==== ATTENTION
Task: {B74F25FC-2943-48C2-A10C-16889835CAC7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B9742899-96C7-4141-9EBF-7EF1595B7A3A} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {BDE8AA28-1BF9-40A8-B19B-12B20094F006} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {CA0D2A68-C9BD-4200-81B4-4ACAF7B62AA0} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D83E006B-6B63-4184-8BB6-59E42EBCFC88} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {E133F4BD-E0B2-44D7-A698-C4B6E6BA2614} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2118140874-322646861-916809801-1000Core => C:\Users\simone\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-18] (Facebook Inc.)
Task: {E39007B2-AC07-4F89-ACFF-110692333436} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2118140874-322646861-916809801-1000UA => C:\Users\simone\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-18] (Facebook Inc.)
Task: {FAFD261D-53D5-4894-982D-50B2C264929A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\AppExpo.job => c:\programdata\{4b6fa6b5-10de-e55c-4b6f-fa6b510d9ad4}\117533438422115818b.exe <==== ATTENTION
Task: C:\Windows\Tasks\DataDimes.job => c:\programdata\{efd2db6a-5aad-e325-efd2-2db6a5aa6da9}\1505741012411635679b.exe <==== ATTENTION
Task: C:\Windows\Tasks\eVerses.job => c:\programdata\{150df9aa-1c99-4e6a-150d-df9aa1c9e6a8}\8728079503692968699b.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118140874-322646861-916809801-1000Core.job => C:\Users\simone\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118140874-322646861-916809801-1000UA.job => C:\Users\simone\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\MovieScout.job => c:\programdata\{114bb2a5-75d2-f337-114b-bb2a575dca95}\3379196237532543289b.exe <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-07-14 09:25 - 2011-03-25 10:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-10 13:25 - 2015-03-02 23:44 - 05886272 _____ () C:\Users\simone\AppData\Local\Amazon Music\Amazon Music Helper.exe
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\simone\Downloads\No Subject (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\simone\Downloads\No Subject.eml:OECustomProperty
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2118140874-322646861-916809801-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2118140874-322646861-916809801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2118140874-322646861-916809801-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\simone_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7F823875-0172-48D5-AC1E-307C3829AA8E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E4CBC260-3522-4B04-BB2F-ED0E13628D23}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0C53FC8F-8DFB-4237-9579-D2D1D0E3631B}] => (Allow) LPort=2869
FirewallRules: [{8E624F23-4BA7-4BCE-8025-5794B04FFCBB}] => (Allow) LPort=1900
FirewallRules: [{78A92B37-6D45-4CB1-AD02-4AA27B3A62A7}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{EDD5588E-B044-4018-AE06-9F1C58EB6DAA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{87E6B1F3-DDB6-4E42-98B9-582D44C4B502}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{A6AB1F05-87B6-4948-B402-F9B4BE378F86}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{1FF09B8A-B2DC-4F7F-A3E3-710ACCBE69B4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{A30A5C82-3E43-4B6A-94C4-FF814AA99B13}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{378F996A-4217-4416-B1E5-2C12C263B2DF}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{B3305B4A-1E26-42D9-ABDA-C350EEE06518}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{480832FE-8C6A-4A81-BAF7-3858FB5FC7B2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [{E7DA8E48-5672-458C-9B8E-A96F48F1820A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C2F33104-6DCA-4657-A8CD-E166176F125D}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe
FirewallRules: [{0FA1F5B8-1FAE-4562-BBCB-65B2C8FCF5D3}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe
FirewallRules: [{79BF75AD-2898-4A12-84AF-41AD7631DE48}] => (Allow) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
FirewallRules: [{D36676F8-3774-461F-A5B6-916188511A98}] => (Allow) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
FirewallRules: [{96CF67E6-1C41-419D-AF6F-AD1EBFF0AA27}] => (Allow) C:\Program Files (x86)\bttb\dtuser.exe
FirewallRules: [{D492B4A6-CCE5-406F-9C6D-786F88F050DC}] => (Allow) C:\Program Files (x86)\bttb\dtuser.exe
FirewallRules: [{BE84AF99-1E4B-41A8-A848-AAB3D9696523}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EF71126B-6700-4099-A593-5AB9D753333D}] => (Allow) C:\Users\simone\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1F3DB990-574F-441A-A21F-831308EB301F}] => (Allow) C:\Users\simone\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B0DBD644-124C-4A86-AF71-27BEC0A8E3E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{611B5D44-9224-4897-87FC-62D2776B6F90}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A9C3D091-C124-4D49-A2B5-6B9A2911568B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D65DAB46-D14D-45F0-A5BD-2326CB18B458}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{347440F8-DC89-46FC-A186-2590E77FDD77}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{96790919-A1AB-466C-BD7A-E75890460A6F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3ABB3C19-43FC-45DF-B128-588C9BB26432}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2013\fm.exe
FirewallRules: [{E4EE79DD-8F9A-4AE3-8FC9-61FB34DB12BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2013\fm.exe
FirewallRules: [{2C7326D5-7B21-40FD-BC4F-AF31C22D495B}] => (Allow) C:\Users\simone\Documents\Sam\Steam\Steam.exe
FirewallRules: [{67F63534-0D29-4544-9468-51A4514F3667}] => (Allow) C:\Users\simone\Documents\Sam\Steam\Steam.exe
FirewallRules: [{DBCAAC25-7114-41A5-8170-787367B892DD}] => (Allow) C:\Users\simone\Documents\Sam\Steam\SteamApps\common\Football Manager 2013\fm.exe
FirewallRules: [{E0C3AB0A-A715-4B50-B10D-F4B5E9D433D4}] => (Allow) C:\Users\simone\Documents\Sam\Steam\SteamApps\common\Football Manager 2013\fm.exe
FirewallRules: [{560B2D7A-32E8-45E3-AB48-EA7D1BB1CA7F}] => (Allow) C:\Users\simone\Documents\Sam\Steam\SteamApps\common\Football Manager 2014\fm.exe
FirewallRules: [{E6AB02DE-58C1-4ACA-96C0-5350943D148B}] => (Allow) C:\Users\simone\Documents\Sam\Steam\SteamApps\common\Football Manager 2014\fm.exe
FirewallRules: [{792A73E3-341A-4FEA-9215-29F486432089}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{EA4433AA-CB3D-44FF-BC28-0F90C5A50351}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{DC4E710D-1174-4EDB-AB79-091A9CF70E75}] => (Allow) C:\Users\simone\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{6A2AA76D-FFC4-4C65-B9CA-C3AB5B40F9C8}] => (Allow) C:\Users\simone\Documents\Sam\Steam\bin\steamwebhelper.exe
FirewallRules: [{AF89615B-C632-4B2F-A373-59237646FB90}] => (Allow) C:\Users\simone\Documents\Sam\Steam\bin\steamwebhelper.exe
FirewallRules: [{9F53FCF7-C474-4B70-AC36-E76B1EC62EAE}] => (Allow) C:\Users\simone\Documents\Sam\Steam\SteamApps\common\Football Manager 2015\fm.exe
FirewallRules: [{EBA062E3-E551-46F6-BAC3-7EAD928642D9}] => (Allow) C:\Users\simone\Documents\Sam\Steam\SteamApps\common\Football Manager 2015\fm.exe
FirewallRules: [{53F9B1DE-6979-41FB-A731-23086D3ECCF9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{21E29774-4055-4366-986E-E3D664520A11}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{6F15A35D-4497-4415-9DA3-CC68A7D5C53B}] => (Allow) C:\Program Files (x86)\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{0D1D0656-1A77-4CF2-91C0-6C4648F0284F}] => (Allow) C:\Program Files (x86)\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{6BD74B37-AECB-48BF-8C0C-89C093C0F311}] => (Allow) C:\Users\simone\AppData\Local\BoBrowser\Application\bobrowser.exe
FirewallRules: [{481FFED9-476C-4066-B9C6-FBFB05C7628B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2AF6C07A-B83E-4AEF-ACD2-5A389F9C0F54}] => (Allow) C:\Program Files\iTunes\iTunes.exe
 
==================== Faulty Device Manager Devices =============
 
Name: McAfee Inc. mfehidk
Description: McAfee Inc. mfehidk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mfehidk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/18/2015 03:42:24 PM) (Source: MsiInstaller) (EventID: 11706) (User: simone-PC)
Description: Product: Shredder -- Error 1706.No valid source could be found for product Shredder.  The Windows Installer cannot continue.
 
Error: (08/18/2015 03:27:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 38410862
 
Error: (08/18/2015 03:27:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 38410862
 
Error: (08/18/2015 03:27:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/18/2015 04:48:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21356
 
Error: (08/18/2015 04:48:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21356
 
Error: (08/18/2015 04:48:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/18/2015 04:48:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20342
 
Error: (08/18/2015 04:48:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20342
 
Error: (08/18/2015 04:48:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/18/2015 03:28:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (08/18/2015 03:27:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (08/18/2015 12:35:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.
 
Error: (08/17/2015 01:23:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.
 
Error: (08/15/2015 01:04:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (08/14/2015 12:46:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.
 
Error: (08/13/2015 12:07:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (08/13/2015 12:07:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The globalUpdate Update Service (globalUpdate) service failed to start due to the following error: 
%%2
 
Error: (08/13/2015 12:05:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
mfehidk
 
Error: (08/13/2015 11:59:03 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
 
Microsoft Office:
=========================
Error: (08/18/2015 03:42:24 PM) (Source: MsiInstaller) (EventID: 11706) (User: simone-PC)
Description: Product: Shredder -- Error 1706.No valid source could be found for product Shredder.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/18/2015 03:27:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 38410862
 
Error: (08/18/2015 03:27:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 38410862
 
Error: (08/18/2015 03:27:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/18/2015 04:48:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21356
 
Error: (08/18/2015 04:48:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21356
 
Error: (08/18/2015 04:48:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/18/2015 04:48:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20342
 
Error: (08/18/2015 04:48:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20342
 
Error: (08/18/2015 04:48:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU B815 @ 1.60GHz
Percentage of memory in use: 95%
Total physical RAM: 3947.86 MB
Available physical RAM: 191.32 MB
Total Virtual: 7893.92 MB
Available Virtual: 999.12 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:450.76 GB) (Free:250.41 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RCTYCOON) (CDROM) (Total:0.2 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 87524F08)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=450.8 GB) - (Type=07 NTFS)
 
==================== End of log ============================

 


  • 0

Advertisements

#2
BrianDrab
Posted 18 August 2015 - 11:01 AM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi and welcome to G2G. You've been hit with one of the newer ransomware variants. It may be a variant of TeslaCrypt or even Cryptowall but I'm not certain yet. We can clean your machine of the malware but I'm not certain we can recover your files. Do you have a backup of them?
 
A repository of all current knowledge regarding TeslaCrypt and Alpha Crypt is provided by Grinler (aka Lawrence Abrams), in this topic: TeslaCrypt and Alpha Crypt Ransomware Information Guide and FAQ

Information about and support for decrypting files affected by Alpha Crypt & TeslaCrypt ransomware can be found in this topic:
TeslaDecoder released to decrypt .EXX, .EZZ, .ECC files encrypted by TeslaCrypt

There are ongoing discussions in these topic:

If it is in fact a variant of CryptoWall you should review the following.
http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information
 
Before we do any cleaning please provide me with the following information. I don't want to jeopardize any chances of restoring your files.
 
Step#1 - Retrieve Software Hive
Note: The Software have has confidential and sensitive information in it so please send me a PM with a link to the hive so it's not in the public form.

  • Please download the Freeware RegBak from here: Acelogix Software - Download products
    You will find it at the bottom of the page that the link brings you to.
  • Go ahead and install this program and accept all the defaults. After the last install screen the program should open.
  • Click the New Backup button. Accept the defaults and simply click Start.
  • When it says Finished successfully, click the Close button.
  • This will bring you back to the main screen of the program. You will see one entry in this list with the date that you did it. Right-click on this line-item and select Explore Backup...
  • This will bring you into the folder where the backup was made. You should see a Users folder and a Windows folder along with a couple other files. Double-click on the Windows folder to open it. Then open the System32 folder and then config folder. You should see around 6 files in here, one of which is named SOFTWARE.
  • Copy this file to your Desktop.
  • Now right click on this file on your desktop and select Send to > Compressed (zipped) folder.
  • Then please upload the zip file(s) to your favourite file sharing website (it will be too big to upload here). Examples of services to upload to are Dropbox or One Drive or SendSpace and then just PM me your link.
  • You can close any open windows you have as well as the RegBack program now.

  • 0

#3
OkayOkayOkay
Posted 18 August 2015 - 11:49 AM

OkayOkayOkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts

I'm just writing to confirm I received your message and am trying to do all the steps but computer is quite slow. 


  • 0

#4
OkayOkayOkay
Posted 18 August 2015 - 12:08 PM

OkayOkayOkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts

I have private messaged you


  • 0

#5
BrianDrab
Posted 18 August 2015 - 02:33 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thanks for the info. I'm reviewing now. I'm assuming you have no backups of the data that was encrypted correct?

 

Also were you by chance at the Ben Gurion Airport in Israel today?


  • 0

#6
BrianDrab
Posted 18 August 2015 - 02:35 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts
Also were you by chance at the Ben Gurion Airport in Israel today?

 

Scratch that...that my have been a couple years ago to the day.


  • 0

#7
OkayOkayOkay
Posted 18 August 2015 - 04:56 PM

OkayOkayOkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts

I have no backups. I'm regretting that now! 

 

I wasn't at Ben Gurion. 


  • 0

#8
BrianDrab
Posted 18 August 2015 - 04:58 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

I've prepared all the necessary fixes/instructions to clean up your machine but before we do please perform the following.

 

Step#1 - Questions

1. Do you have backups of any of your data? I see you have Norton Online Backup so wasn't sure if you were using it or some other backup tool. Already Answered.

2. Do you plan on keeping Mcafee Antivirus?

3. Is it your intention to Upgrade to Windows 10 Home when this is all cleaned up?

 

Step#2 - Send Some Files

1. Can you zip up the following files and upload them to my channel over at BC? To zip the files you can right-click on them and select Send To...Compressed (zipped folder).

C:\Users\simone\Documents\Doc1.docx.aaa
C:\Users\simone\Documents\Recovery_File_sfsyb.txt
C:\Users\simone\Documents\restore_files_aocrl.txt

 

Step#3 - Re-install Chrome
Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.
1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome. Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.
 

Step#4 - Observations (FYI)

It appears the following adware programs were installed on your machine on the following days.

May 16th

AlllSaverr

GrreatSSavae4U

Happyy2Savea

I AM STUDYING BLOCKER

StatMaker

 

June 25th

FFinDBEstDeaL

 

July 17th

ExStrraaCooupon

 

August 1st

DigISuaVer

 

 

It appears your files were encrypted on August 4th. Curiously this was the same day the following USB drive was plugged into the computer. I wanted to mention this because if you still have this USB drive laying around we will need to address that as well. It's possible it's the source of the infection.

 

Device    : DISK&VEN_GENERAL&PROD_USB_FLASH_DISK&REV_8.07
LastWrite : Tue Aug  4 18:33:54 2015 (UTC)
SN        : 0127000000001797&0
Drive     : CLE USB

 

 

 

Items for your next post

1. Answers to Questions

2. Requested Files Uploaded


Edited by BrianDrab, 18 August 2015 - 07:04 PM.
Added one more item installed on May 16

  • 0

#9
OkayOkayOkay
Posted 19 August 2015 - 02:09 PM

OkayOkayOkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts

2. I certainly don't plan on keeping the antivirus as it didn't prevent me getting viruses!

3. Potentially. I haven't looked into it but I have reserved it. Do you recommend doing so?

 

I've sent the requested files.

 

I will uninstall and reinstall chrome once I've sent this message. 

 

Finally, the USB I used was to save files onto once the virus hit. I bought it after the encryption as I had important work to do and needed to save externally as any new files became encrypted once the laptop was restarted. Hope this helps. Thanks again for the response. 


  • 0

#10
OkayOkayOkay
Posted 19 August 2015 - 02:10 PM

OkayOkayOkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts

Sorry, with regards to the adware, that's the aforementioned random ads that popup constantly. I have tried using Malwarebytes to remove them but it's failed to. 


  • 0

Advertisements

#11
BrianDrab
Posted 19 August 2015 - 02:45 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Could you attach the files to this post please? For some reason they didn't get sent.

 

2. I certainly don't plan on keeping the antivirus as it didn't prevent me getting viruses!

 

Good, we'll take care of that.

 

3. Potentially. I haven't looked into it but I have reserved it. Do you recommend doing so?

 

I definitely do but that's a personal choice.


  • 0

#12
OkayOkayOkay
Posted 19 August 2015 - 03:18 PM

OkayOkayOkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts

I put them in the Dropbox file that we used earlier. The same link as before in your private messages.

 

I will upgrade to Windows 10 once this issue is resolved.


  • 0

#13
OkayOkayOkay
Posted 19 August 2015 - 03:19 PM

OkayOkayOkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts

For some reason, as if my software life wasn't already in shambles, I can't reinstall Chrome...


  • 0

#14
BrianDrab
Posted 19 August 2015 - 03:34 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

For some reason, as if my software life wasn't already in shambles, I can't reinstall Chrome...

 

Not a problem. We'll get all this cleaned up. Let me review the files real quick and get back to you.


  • 0

#15
BrianDrab
Posted 19 August 2015 - 03:38 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

I checked your dropbox link and it's still only your software hive. If you could upload those files and provide a link that would be great. To avoid any confusion you could upload them to SendSpace if you wish as well. Then just provide the link.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: malware, virus, software, help, trojan, ads, file, infected

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP