I am using Opera browser. About once or twice a day it opens a tab to the Openthefile.net website about opening an Exe file.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Jody (administrator) on JODY-PC (31-08-2015 17:14:13)
Running from H:\Downloads
Loaded Profiles: Jody (Available Profiles: Jody)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) E:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) E:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) E:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Schneider Electric) E:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Apple Inc.) E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) E:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Company) E:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) E:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) E:\Windows\System32\GWX\GWX.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Nico Mak Computing) E:\Program Files\File Association Helper\FAHWindow.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Western Digital Technologies, Inc.) E:\Config.Msi\8b4e2.rbf
(Schneider Electric) E:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Sanford, L.P.) E:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
(The Privoxy team - www.privoxy.org) E:\Program Files (x86)\Privoxy\privoxy.exe
(Hewlett-Packard) E:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(InstallShield Software Corporation) E:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Creative Technology Ltd) E:\Windows\SysWOW64\Ctxfihlp.exe
(Sanford, L.P.) E:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe
(Oracle Corporation) E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Schneider Electric) E:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Creative Technology Ltd) E:\Windows\SysWOW64\CTxfispi.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) E:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Joyent, Inc) E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Western Digital Technologies, Inc.) E:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Western Digital Technologies, Inc.) E:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera_crashreporter.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Microsoft Corporation) E:\Windows\splwow64.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) E:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [FAHConsole] => E:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WD Quick View] => E:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => E:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Creative Cloud] => E:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinCalendar V4] => "H:\Program Files (x86)\WinCalendar V4\WinCalendarV4_SysTray.exe" /q /c
HKLM-x32\...\Run: [ISUSScheduler] => E:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-08-09] (InstallShield Software Corporation)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [Display] => E:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [DLSService] => E:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe [55808 2009-09-29] (Sanford, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => E:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\Run: [HP Photosmart 6520 series (NET)] => E:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\Run: [WinCalendar V4] => "H:\Program Files (x86)\WinCalendar V4\WinCalendarV4_SysTray.exe /q /c"
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\Run: [iCloudServices] => E:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\Run: [ApplePhotoStreams] => E:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\Run: [iCloudDrive] => E:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\Run: [ISUSPM Startup] => E:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-08-09] (InstallShield Software Corporation)
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\Run: [DymoQuickPrint] => E:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1885944 2009-09-29] (Sanford, L.P.)
HKU\S-1-5-18\...\Run: [WinCalendar V4] => "H:\Program Files (x86)\WinCalendar V4\WinCalendarV4_SysTray.exe" /q /c
HKU\S-1-5-18\...\RunOnce: [SPReview] => E:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => E:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => E:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => E:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => E:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-09-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => E:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-09-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => E:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-09-25] (Microsoft Corporation)
Startup: E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2014-11-11]
ShortcutTarget: APC UPS Status.lnk -> E:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk [2014-09-29]
ShortcutTarget: Privoxy.lnk -> E:\Program Files (x86)\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
Startup: E:\Users\Jody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2014-10-01]
ShortcutTarget: Adobe Gamma.lnk -> E:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.27.35.1
Tcpip\..\Interfaces\{45046CE4-8513-4228-92FE-E29AE280B592}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{78B6D478-E6D0-4241-8E62-F65297DBFD01}: [NameServer] 209.222.18.222,209.222.18.218
Tcpip\..\Interfaces\{78B6D478-E6D0-4241-8E62-F65297DBFD01}: [DhcpNameServer] 172.27.35.1
Tcpip\..\Interfaces\{9FF4D2B2-C0B7-4153-9A0F-D81A25632B04}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://sellercentral.amazon.com/gp/homepage.html/ref=ag_home_logo_home
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
SearchScopes: HKU\S-1-5-21-965870668-2612282287-2506016020-1000 -> DefaultScope {D2F561E2-312D-40E5-937E-A5C3D49D0BE5} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-965870668-2612282287-2506016020-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NSBU&chn=retail&geo=US&ver=22&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-965870668-2612282287-2506016020-1000 -> {D2F561E2-312D-40E5-937E-A5C3D49D0BE5} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> E:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-08-26] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> E:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-09-25] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> E:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-09-25] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> E:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2014-08-26] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> E:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> E:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2014-09-25] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> E:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-25] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-23] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-965870668-2612282287-2506016020-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
DPF: HKLM-x32 {8F2EACD9-51A6-4915-B9AD-2AA8657CB472} hxxps://webpostage.stamps.com/webpostage/plugin/SdcWebClientServices.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - E:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-09-25] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2014-09-25] (Microsoft Corporation)
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - E:\Program Files (x86)\Norton 360\Engine\3.5.2.11\coIEPlg.dll No File
FireFox:
========
FF ProfilePath: E:\Users\Jody\AppData\Roaming\Mozilla\Firefox\Profiles\uv4sgpcg.default
FF DefaultSearchEngine.US: Norton Safe Search
FF Homepage: hxxps://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> E:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> E:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-10-02] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> E:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> E:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> E:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> E:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> E:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2013-10-02] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> E:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-12-10] (RocketLife, LLP)
FF Plugin-x32: @stamps.com/Web client plug-in,version=1.1.0.41 -> E:\Program Files (x86)\Stamps.com Web Postage Plug-in\npsdcwc.dll [2012-06-12] (Stamps.com, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> E:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> E:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> E:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> E:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-965870668-2612282287-2506016020-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> E:\Users\Jody\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-09-20] (RocketLife, LLP)
FF Plugin ProgramFiles/Appdata: E:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: E:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-25] (Apple Inc.)
FF SearchPlugin: E:\Users\Jody\AppData\Roaming\Mozilla\Firefox\Profiles\uv4sgpcg.default\searchplugins\safesearch.xml [2015-02-16]
FF Extension: CyberSearch - E:\Users\Jody\AppData\Roaming\Mozilla\Firefox\Profiles\uv4sgpcg.default\Extensions\
[email protected] [2015-07-20]
FF Extension: Split Browser - E:\Users\Jody\AppData\Roaming\Mozilla\Firefox\Profiles\uv4sgpcg.default\Extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} [2009-12-29]
FF Extension: <![CDATA[1-ClickWeather]]> - E:\Users\Jody\AppData\Roaming\Mozilla\Firefox\Profiles\uv4sgpcg.default\Extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03} [2010-01-02]
FF Extension: Video DownloadHelper - E:\Users\Jody\AppData\Roaming\Mozilla\Firefox\Profiles\uv4sgpcg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-05-11]
FF Extension: Adblock Plus - E:\Users\Jody\AppData\Roaming\Mozilla\Firefox\Profiles\uv4sgpcg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn [2015-08-12]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://amazon.com/"
CHR Profile: E:\Users\Jody\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - E:\Users\Jody\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-11]
CHR Extension: (Google Wallet) - E:\Users\Jody\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-02]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - E:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - E:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-24]
Opera:
=======
OPR Extension: (Adguard) - E:\Users\Jody\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2014-10-02]
OPR Extension: (Amazon for Opera) - E:\Users\Jody\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2014-12-31]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; E:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-01] (Adobe Systems) [File not signed]
R2 AdobeUpdateService; E:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
R2 APC Data Service; E:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; E:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 Apple Mobile Device Service; E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 becldr3Service; E:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]
R2 ClickToRunSvc; E:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; E:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-11-02] (Creative Labs) [File not signed]
R2 CTAudSvcService; E:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 HPSupportSolutionsFrameworkService; E:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 MBAMScheduler; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 N360; E:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
R2 WDBackup; E:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-07-20] (Western Digital Technologies, Inc.)
R2 WDDriveService; E:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
R2 WinDefend; E:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AN983X64; E:\Windows\System32\DRIVERS\AN983X64.sys [48128 2005-05-19] (Infineon Technologies AG)
S3 AtiHDAudioService; E:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
R1 BHDrvx64; E:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20150821.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
R1 ccSet_N360; E:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S3 ebdrv; E:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
R3 hcw85cir; E:\Windows\System32\drivers\hcw85cir3.sys [32768 2009-07-14] (Hauppauge Computer Works, Inc.)
R1 IDSVia64; E:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20150828.001\IDSvia64.sys [767224 2015-08-28] (Symantec Corporation)
R3 MBAMProtector; E:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; E:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; E:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NAVENG; E:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150830.001\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; E:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150830.001\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R1 SRTSP; E:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
R1 SRTSPX; E:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; E:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
R3 SymEvent; E:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-24] (Symantec Corporation)
R1 SymIRON; E:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; E:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-31 17:13 - 2015-08-31 17:14 - 00000000 ____D E:\FRST
2015-08-30 21:00 - 2015-08-30 21:01 - 00010128 _____ E:\Windows\DPINST.LOG
2015-08-30 20:59 - 2015-08-30 20:59 - 00000000 ____D E:\Program Files\Western Digital
2015-08-30 20:48 - 2015-08-30 21:00 - 00008192 _____ E:\Windows\SysWOW64\WDPABKP.dat
2015-08-29 15:34 - 2015-08-30 20:41 - 00000000 ____D E:\Program Files (x86)\Mozilla Firefox
2015-08-25 07:35 - 2015-08-25 07:35 - 00001848 _____ E:\Users\Public\Desktop\QuickTime Player.lnk
2015-08-25 07:35 - 2015-08-25 07:35 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-25 07:34 - 2015-08-25 07:35 - 00000000 ____D E:\Program Files (x86)\QuickTime
2015-08-23 19:58 - 2015-08-23 19:58 - 00000000 ____D E:\Users\Jody\AppData\Roaming\Sun
2015-08-23 19:58 - 2015-08-23 19:58 - 00000000 ____D E:\Users\Jody\.oracle_jre_usage
2015-08-20 03:01 - 2015-08-10 21:20 - 25191936 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.dll
2015-08-20 03:01 - 2015-08-10 21:14 - 02724864 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.tlb
2015-08-20 03:01 - 2015-08-10 20:33 - 02724864 _____ (Microsoft Corporation) E:\Windows\SysWOW64\mshtml.tlb
2015-08-20 03:01 - 2015-08-10 20:20 - 19871232 _____ (Microsoft Corporation) E:\Windows\SysWOW64\mshtml.dll
2015-08-18 08:27 - 2015-08-18 08:27 - 00001756 _____ E:\Users\Public\Desktop\iTunes.lnk
2015-08-18 08:27 - 2015-08-18 08:27 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-18 08:26 - 2015-08-18 08:27 - 00000000 ____D E:\Program Files\iTunes
2015-08-18 08:26 - 2015-08-18 08:26 - 00000000 ____D E:\Program Files\iPod
2015-08-18 08:26 - 2015-08-18 08:26 - 00000000 ____D E:\Program Files (x86)\iTunes
2015-08-12 03:58 - 2015-08-12 03:58 - 00001152 _____ E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-08-12 03:58 - 2015-08-12 03:58 - 00001140 _____ E:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-08-12 03:16 - 2015-07-30 09:13 - 00124624 _____ (Microsoft Corporation) E:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 03:16 - 2015-07-30 09:13 - 00103120 _____ (Microsoft Corporation) E:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 14:54 - 2015-07-28 16:09 - 00017344 _____ (Microsoft Corporation) E:\Windows\system32\CompatTelRunner.exe
2015-08-11 14:54 - 2015-07-28 16:05 - 01116672 _____ (Microsoft Corporation) E:\Windows\system32\appraiser.dll
2015-08-11 14:54 - 2015-07-28 16:05 - 00774656 _____ (Microsoft Corporation) E:\Windows\system32\invagent.dll
2015-08-11 14:54 - 2015-07-28 16:05 - 00743424 _____ (Microsoft Corporation) E:\Windows\system32\generaltel.dll
2015-08-11 14:54 - 2015-07-28 16:05 - 00437760 _____ (Microsoft Corporation) E:\Windows\system32\devinv.dll
2015-08-11 14:54 - 2015-07-28 16:05 - 00227328 _____ (Microsoft Corporation) E:\Windows\system32\aepdu.dll
2015-08-11 14:54 - 2015-07-28 16:05 - 00069120 _____ (Microsoft Corporation) E:\Windows\system32\acmigration.dll
2015-08-11 14:54 - 2015-07-28 15:55 - 01148416 _____ (Microsoft Corporation) E:\Windows\system32\aeinv.dll
2015-08-11 14:54 - 2015-07-16 15:12 - 06131200 _____ (Microsoft Corporation) E:\Windows\SysWOW64\mstscax.dll
2015-08-11 14:54 - 2015-07-16 15:12 - 00856064 _____ (Microsoft Corporation) E:\Windows\SysWOW64\rdvidcrl.dll
2015-08-11 14:54 - 2015-07-16 15:12 - 00053248 _____ (Microsoft Corporation) E:\Windows\SysWOW64\tsgqec.dll
2015-08-11 14:54 - 2015-07-16 15:11 - 07077376 _____ (Microsoft Corporation) E:\Windows\system32\mstscax.dll
2015-08-11 14:54 - 2015-07-16 15:11 - 01057792 _____ (Microsoft Corporation) E:\Windows\system32\rdvidcrl.dll
2015-08-11 14:54 - 2015-07-16 15:11 - 00062976 _____ (Microsoft Corporation) E:\Windows\system32\tsgqec.dll
2015-08-11 14:54 - 2015-07-15 14:15 - 05568960 _____ (Microsoft Corporation) E:\Windows\system32\ntoskrnl.exe
2015-08-11 14:54 - 2015-07-15 14:15 - 00155584 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 14:54 - 2015-07-15 14:15 - 00095680 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 14:54 - 2015-07-15 14:15 - 00094656 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 14:54 - 2015-07-15 14:12 - 01730496 _____ (Microsoft Corporation) E:\Windows\system32\ntdll.dll
2015-08-11 14:54 - 2015-07-15 14:11 - 00362496 _____ (Microsoft Corporation) E:\Windows\system32\wow64win.dll
2015-08-11 14:54 - 2015-07-15 14:11 - 00243712 _____ (Microsoft Corporation) E:\Windows\system32\wow64.dll
2015-08-11 14:54 - 2015-07-15 14:11 - 00215040 _____ (Microsoft Corporation) E:\Windows\system32\winsrv.dll
2015-08-11 14:54 - 2015-07-15 14:11 - 00210944 _____ (Microsoft Corporation) E:\Windows\system32\wdigest.dll
2015-08-11 14:54 - 2015-07-15 14:11 - 00013312 _____ (Microsoft Corporation) E:\Windows\system32\wow64cpu.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 01743360 _____ (Microsoft Corporation) E:\Windows\system32\sysmain.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 01461760 _____ (Microsoft Corporation) E:\Windows\system32\lsasrv.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 01216512 _____ (Microsoft Corporation) E:\Windows\system32\rpcrt4.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 01163264 _____ (Microsoft Corporation) E:\Windows\system32\kernel32.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00729088 _____ (Microsoft Corporation) E:\Windows\system32\kerberos.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00503808 _____ (Microsoft Corporation) E:\Windows\system32\srcore.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00424960 _____ (Microsoft Corporation) E:\Windows\system32\KernelBase.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00342016 _____ (Microsoft Corporation) E:\Windows\system32\schannel.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00315392 _____ (Microsoft Corporation) E:\Windows\system32\msv1_0.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00309760 _____ (Microsoft Corporation) E:\Windows\system32\ncrypt.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00296960 _____ (Microsoft Corporation) E:\Windows\system32\rstrui.exe
2015-08-11 14:54 - 2015-07-15 14:10 - 00136192 _____ (Microsoft Corporation) E:\Windows\system32\sspicli.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00112640 _____ (Microsoft Corporation) E:\Windows\system32\smss.exe
2015-08-11 14:54 - 2015-07-15 14:10 - 00086528 _____ (Microsoft Corporation) E:\Windows\system32\TSpkg.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00050176 _____ (Microsoft Corporation) E:\Windows\system32\srclient.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00044032 _____ (Microsoft Corporation) E:\Windows\system32\cryptbase.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00043520 _____ (Microsoft Corporation) E:\Windows\system32\csrsrv.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00031232 _____ (Microsoft Corporation) E:\Windows\system32\lsass.exe
2015-08-11 14:54 - 2015-07-15 14:10 - 00029184 _____ (Microsoft Corporation) E:\Windows\system32\sspisrv.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00028160 _____ (Microsoft Corporation) E:\Windows\system32\secur32.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00022016 _____ (Microsoft Corporation) E:\Windows\system32\credssp.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00016384 _____ (Microsoft Corporation) E:\Windows\system32\ntvdm64.dll
2015-08-11 14:54 - 2015-07-15 14:10 - 00011264 _____ (Microsoft Corporation) E:\Windows\system32\msmmsp.dll
2015-08-11 14:54 - 2015-07-15 14:09 - 00338432 _____ (Microsoft Corporation) E:\Windows\system32\conhost.exe
2015-08-11 14:54 - 2015-07-15 14:09 - 00064000 _____ (Microsoft Corporation) E:\Windows\system32\auditpol.exe
2015-08-11 14:54 - 2015-07-15 14:05 - 00146432 _____ (Microsoft Corporation) E:\Windows\system32\msaudite.dll
2015-08-11 14:54 - 2015-07-15 14:05 - 00060416 _____ (Microsoft Corporation) E:\Windows\system32\msobjs.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00686080 _____ (Microsoft Corporation) E:\Windows\system32\adtschema.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00006656 _____ (Microsoft Corporation) E:\Windows\system32\apisetschema.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00006144 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00005120 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00004608 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00004608 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) E:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:59 - 03989952 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 14:54 - 2015-07-15 13:59 - 03934656 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 14:54 - 2015-07-15 13:56 - 01311768 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ntdll.dll
2015-08-11 14:54 - 2015-07-15 13:55 - 00248832 _____ (Microsoft Corporation) E:\Windows\SysWOW64\schannel.dll
2015-08-11 14:54 - 2015-07-15 13:55 - 00172032 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wdigest.dll
2015-08-11 14:54 - 2015-07-15 13:55 - 00065536 _____ (Microsoft Corporation) E:\Windows\SysWOW64\TSpkg.dll
2015-08-11 14:54 - 2015-07-15 13:55 - 00043008 _____ (Microsoft Corporation) E:\Windows\SysWOW64\srclient.dll
2015-08-11 14:54 - 2015-07-15 13:55 - 00022016 _____ (Microsoft Corporation) E:\Windows\SysWOW64\secur32.dll
2015-08-11 14:54 - 2015-07-15 13:54 - 00552960 _____ (Microsoft Corporation) E:\Windows\SysWOW64\kerberos.dll
2015-08-11 14:54 - 2015-07-15 13:54 - 00259584 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msv1_0.dll
2015-08-11 14:54 - 2015-07-15 13:54 - 00221184 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ncrypt.dll
2015-08-11 14:54 - 2015-07-15 13:54 - 00036864 _____ (Microsoft Corporation) E:\Windows\SysWOW64\cryptbase.dll
2015-08-11 14:54 - 2015-07-15 13:54 - 00025600 _____ (Microsoft Corporation) E:\Windows\SysWOW64\setup16.exe
2015-08-11 14:54 - 2015-07-15 13:54 - 00017408 _____ (Microsoft Corporation) E:\Windows\SysWOW64\credssp.dll
2015-08-11 14:54 - 2015-07-15 13:54 - 00014336 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 14:54 - 2015-07-15 13:53 - 01114112 _____ (Microsoft Corporation) E:\Windows\SysWOW64\kernel32.dll
2015-08-11 14:54 - 2015-07-15 13:53 - 00665088 _____ (Microsoft Corporation) E:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 14:54 - 2015-07-15 13:53 - 00274944 _____ (Microsoft Corporation) E:\Windows\SysWOW64\KernelBase.dll
2015-08-11 14:54 - 2015-07-15 13:53 - 00096768 _____ (Microsoft Corporation) E:\Windows\SysWOW64\sspicli.dll
2015-08-11 14:54 - 2015-07-15 13:53 - 00050176 _____ (Microsoft Corporation) E:\Windows\SysWOW64\auditpol.exe
2015-08-11 14:54 - 2015-07-15 13:53 - 00005120 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wow32.dll
2015-08-11 14:54 - 2015-07-15 13:49 - 00060416 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msobjs.dll
2015-08-11 14:54 - 2015-07-15 13:48 - 00146432 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msaudite.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00686080 _____ (Microsoft Corporation) E:\Windows\SysWOW64\adtschema.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00006656 _____ (Microsoft Corporation) E:\Windows\SysWOW64\apisetschema.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00005120 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00004608 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 12:46 - 00290816 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 14:54 - 2015-07-15 12:46 - 00159232 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 14:54 - 2015-07-15 12:46 - 00129024 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 14:54 - 2015-07-15 12:37 - 00007680 _____ (Microsoft Corporation) E:\Windows\SysWOW64\instnm.exe
2015-08-11 14:54 - 2015-07-15 12:37 - 00002048 _____ (Microsoft Corporation) E:\Windows\SysWOW64\user.exe
2015-08-11 14:54 - 2015-07-15 12:34 - 00006144 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 12:34 - 00004608 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 12:34 - 00003584 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 14:54 - 2015-07-15 12:34 - 00003072 ____H (Microsoft Corporation) E:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 14:54 - 2015-07-14 23:19 - 00052736 _____ (Microsoft Corporation) E:\Windows\system32\basesrv.dll
2015-08-11 14:54 - 2015-07-11 09:15 - 00429568 _____ (Microsoft Corporation) E:\Windows\system32\wksprt.exe
2015-08-11 14:53 - 2015-07-20 20:39 - 00389840 _____ (Microsoft Corporation) E:\Windows\system32\iedkcs32.dll
2015-08-11 14:53 - 2015-07-20 20:12 - 00342736 _____ (Microsoft Corporation) E:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 14:53 - 2015-07-16 16:54 - 00004096 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollectorres.dll
2015-08-11 14:53 - 2015-07-16 16:37 - 00066560 _____ (Microsoft Corporation) E:\Windows\system32\iesetup.dll
2015-08-11 14:53 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) E:\Windows\system32\vbscript.dll
2015-08-11 14:53 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) E:\Windows\system32\html.iec
2015-08-11 14:53 - 2015-07-16 16:36 - 00048640 _____ (Microsoft Corporation) E:\Windows\system32\ieetwproxystub.dll
2015-08-11 14:53 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) E:\Windows\system32\iertutil.dll
2015-08-11 14:53 - 2015-07-16 16:35 - 00088064 _____ (Microsoft Corporation) E:\Windows\system32\MshtmlDac.dll
2015-08-11 14:53 - 2015-07-16 16:27 - 00054784 _____ (Microsoft Corporation) E:\Windows\system32\jsproxy.dll
2015-08-11 14:53 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) E:\Windows\system32\jscript9.dll
2015-08-11 14:53 - 2015-07-16 16:26 - 00034304 _____ (Microsoft Corporation) E:\Windows\system32\iernonce.dll
2015-08-11 14:53 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) E:\Windows\system32\ieui.dll
2015-08-11 14:53 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) E:\Windows\system32\jscript.dll
2015-08-11 14:53 - 2015-07-16 16:21 - 00814080 _____ (Microsoft Corporation) E:\Windows\system32\jscript9diag.dll
2015-08-11 14:53 - 2015-07-16 16:21 - 00144384 _____ (Microsoft Corporation) E:\Windows\system32\ieUnatt.exe
2015-08-11 14:53 - 2015-07-16 16:21 - 00114688 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollector.exe
2015-08-11 14:53 - 2015-07-16 16:12 - 00968704 _____ (Microsoft Corporation) E:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 14:53 - 2015-07-16 16:08 - 00490496 _____ (Microsoft Corporation) E:\Windows\system32\dxtmsft.dll
2015-08-11 14:53 - 2015-07-16 16:00 - 00077824 _____ (Microsoft Corporation) E:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 14:53 - 2015-07-16 15:55 - 00199680 _____ (Microsoft Corporation) E:\Windows\system32\msrating.dll
2015-08-11 14:53 - 2015-07-16 15:54 - 00092160 _____ (Microsoft Corporation) E:\Windows\system32\mshtmled.dll
2015-08-11 14:53 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) E:\Windows\SysWOW64\vbscript.dll
2015-08-11 14:53 - 2015-07-16 15:51 - 00316928 _____ (Microsoft Corporation) E:\Windows\system32\dxtrans.dll
2015-08-11 14:53 - 2015-07-16 15:51 - 00062464 _____ (Microsoft Corporation) E:\Windows\SysWOW64\iesetup.dll
2015-08-11 14:53 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) E:\Windows\SysWOW64\html.iec
2015-08-11 14:53 - 2015-07-16 15:50 - 00047616 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-11 14:53 - 2015-07-16 15:49 - 00064000 _____ (Microsoft Corporation) E:\Windows\SysWOW64\MshtmlDac.dll
2015-08-11 14:53 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) E:\Windows\SysWOW64\iertutil.dll
2015-08-11 14:53 - 2015-07-16 15:43 - 00047104 _____ (Microsoft Corporation) E:\Windows\SysWOW64\jsproxy.dll
2015-08-11 14:53 - 2015-07-16 15:43 - 00030720 _____ (Microsoft Corporation) E:\Windows\SysWOW64\iernonce.dll
2015-08-11 14:53 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieui.dll
2015-08-11 14:53 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) E:\Windows\SysWOW64\jscript.dll
2015-08-11 14:53 - 2015-07-16 15:39 - 00115712 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieUnatt.exe
2015-08-11 14:53 - 2015-07-16 15:38 - 00620032 _____ (Microsoft Corporation) E:\Windows\SysWOW64\jscript9diag.dll
2015-08-11 14:53 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) E:\Windows\system32\msfeeds.dll
2015-08-11 14:53 - 2015-07-16 15:35 - 00720384 _____ (Microsoft Corporation) E:\Windows\system32\ie4uinit.exe
2015-08-11 14:53 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) E:\Windows\system32\ieframe.dll
2015-08-11 14:53 - 2015-07-16 15:33 - 01359360 _____ (Microsoft Corporation) E:\Windows\system32\mshtmlmedia.dll
2015-08-11 14:53 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) E:\Windows\system32\inetcpl.cpl
2015-08-11 14:53 - 2015-07-16 15:29 - 00418304 _____ (Microsoft Corporation) E:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 14:53 - 2015-07-16 15:24 - 00060416 _____ (Microsoft Corporation) E:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 14:53 - 2015-07-16 15:20 - 00168960 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msrating.dll
2015-08-11 14:53 - 2015-07-16 15:19 - 00076288 _____ (Microsoft Corporation) E:\Windows\SysWOW64\mshtmled.dll
2015-08-11 14:53 - 2015-07-16 15:17 - 00285696 _____ (Microsoft Corporation) E:\Windows\SysWOW64\dxtrans.dll
2015-08-11 14:53 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) E:\Windows\SysWOW64\jscript9.dll
2015-08-11 14:53 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) E:\Windows\system32\wininet.dll
2015-08-11 14:53 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieframe.dll
2015-08-11 14:53 - 2015-07-16 15:06 - 02052608 _____ (Microsoft Corporation) E:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 14:53 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msfeeds.dll
2015-08-11 14:53 - 2015-07-16 15:05 - 01155072 _____ (Microsoft Corporation) E:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-11 14:53 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) E:\Windows\system32\urlmon.dll
2015-08-11 14:53 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) E:\Windows\system32\ieapfltr.dll
2015-08-11 14:53 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wininet.dll
2015-08-11 14:53 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) E:\Windows\SysWOW64\urlmon.dll
2015-08-11 14:53 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 14:53 - 2015-07-14 23:19 - 02004992 _____ (Microsoft Corporation) E:\Windows\system32\msxml6.dll
2015-08-11 14:53 - 2015-07-14 23:19 - 01887232 _____ (Microsoft Corporation) E:\Windows\system32\msxml3.dll
2015-08-11 14:53 - 2015-07-14 23:14 - 00002048 _____ (Microsoft Corporation) E:\Windows\system32\msxml6r.dll
2015-08-11 14:53 - 2015-07-14 23:13 - 00002048 _____ (Microsoft Corporation) E:\Windows\system32\msxml3r.dll
2015-08-11 14:53 - 2015-07-14 22:55 - 01390592 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msxml6.dll
2015-08-11 14:53 - 2015-07-14 22:55 - 01241088 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msxml3.dll
2015-08-11 14:53 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msxml6r.dll
2015-08-11 14:53 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msxml3r.dll
2015-08-11 14:53 - 2015-07-01 16:49 - 00260096 _____ (Microsoft Corporation) E:\Windows\system32\WebClnt.dll
2015-08-11 14:53 - 2015-07-01 16:48 - 00102912 _____ (Microsoft Corporation) E:\Windows\system32\davclnt.dll
2015-08-11 14:53 - 2015-07-01 16:30 - 00206848 _____ (Microsoft Corporation) E:\Windows\SysWOW64\WebClnt.dll
2015-08-11 14:53 - 2015-07-01 16:30 - 00082432 _____ (Microsoft Corporation) E:\Windows\SysWOW64\davclnt.dll
2015-08-11 14:52 - 2015-07-30 14:06 - 02565120 _____ (Microsoft Corporation) E:\Windows\system32\d3d10warp.dll
2015-08-11 14:52 - 2015-07-30 14:06 - 01648128 _____ (Microsoft Corporation) E:\Windows\system32\DWrite.dll
2015-08-11 14:52 - 2015-07-30 14:06 - 01180160 _____ (Microsoft Corporation) E:\Windows\system32\FntCache.dll
2015-08-11 14:52 - 2015-07-30 14:06 - 00100864 _____ (Microsoft Corporation) E:\Windows\system32\fontsub.dll
2015-08-11 14:52 - 2015-07-30 14:06 - 00046080 _____ (Adobe Systems) E:\Windows\system32\atmlib.dll
2015-08-11 14:52 - 2015-07-30 14:06 - 00041984 _____ (Microsoft Corporation) E:\Windows\system32\lpk.dll
2015-08-11 14:52 - 2015-07-30 14:06 - 00014336 _____ (Microsoft Corporation) E:\Windows\system32\dciman32.dll
2015-08-11 14:52 - 2015-07-30 13:57 - 01987584 _____ (Microsoft Corporation) E:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 14:52 - 2015-07-30 13:57 - 01251328 _____ (Microsoft Corporation) E:\Windows\SysWOW64\DWrite.dll
2015-08-11 14:52 - 2015-07-30 13:57 - 00070656 _____ (Microsoft Corporation) E:\Windows\SysWOW64\fontsub.dll
2015-08-11 14:52 - 2015-07-30 13:57 - 00034304 _____ (Adobe Systems) E:\Windows\SysWOW64\atmlib.dll
2015-08-11 14:52 - 2015-07-30 13:57 - 00010240 _____ (Microsoft Corporation) E:\Windows\SysWOW64\dciman32.dll
2015-08-11 14:52 - 2015-07-30 13:55 - 00025600 _____ (Microsoft Corporation) E:\Windows\SysWOW64\lpk.dll
2015-08-11 14:52 - 2015-07-30 12:56 - 03208192 _____ (Microsoft Corporation) E:\Windows\system32\win32k.sys
2015-08-11 14:52 - 2015-07-30 12:52 - 00372736 _____ (Adobe Systems Incorporated) E:\Windows\system32\atmfd.dll
2015-08-11 14:52 - 2015-07-30 12:49 - 00299520 _____ (Adobe Systems Incorporated) E:\Windows\SysWOW64\atmfd.dll
2015-08-11 14:52 - 2015-07-20 14:12 - 03154944 _____ (Microsoft Corporation) E:\Windows\system32\wucltux.dll
2015-08-11 14:52 - 2015-07-20 14:12 - 02606080 _____ (Microsoft Corporation) E:\Windows\system32\wuaueng.dll
2015-08-11 14:52 - 2015-07-20 14:12 - 00696320 _____ (Microsoft Corporation) E:\Windows\system32\wuapi.dll
2015-08-11 14:52 - 2015-07-20 14:12 - 00192000 _____ (Microsoft Corporation) E:\Windows\system32\wuwebv.dll
2015-08-11 14:52 - 2015-07-20 14:12 - 00139776 _____ (Microsoft Corporation) E:\Windows\system32\wuauclt.exe
2015-08-11 14:52 - 2015-07-20 14:12 - 00098304 _____ (Microsoft Corporation) E:\Windows\system32\wudriver.dll
2015-08-11 14:52 - 2015-07-20 14:12 - 00091136 _____ (Microsoft Corporation) E:\Windows\system32\WinSetupUI.dll
2015-08-11 14:52 - 2015-07-20 14:12 - 00037888 _____ (Microsoft Corporation) E:\Windows\system32\wups2.dll
2015-08-11 14:52 - 2015-07-20 14:12 - 00037376 _____ (Microsoft Corporation) E:\Windows\system32\wuapp.exe
2015-08-11 14:52 - 2015-07-20 14:12 - 00036864 _____ (Microsoft Corporation) E:\Windows\system32\wups.dll
2015-08-11 14:52 - 2015-07-20 14:12 - 00012288 _____ (Microsoft Corporation) E:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 14:52 - 2015-07-20 13:56 - 00566784 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wuapi.dll
2015-08-11 14:52 - 2015-07-20 13:56 - 00173056 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wuwebv.dll
2015-08-11 14:52 - 2015-07-20 13:56 - 00093184 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wudriver.dll
2015-08-11 14:52 - 2015-07-20 13:56 - 00034816 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wuapp.exe
2015-08-11 14:52 - 2015-07-20 13:56 - 00030208 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wups.dll
2015-08-11 14:52 - 2015-07-10 13:51 - 14177280 _____ (Microsoft Corporation) E:\Windows\system32\shell32.dll
2015-08-11 14:52 - 2015-07-10 13:34 - 12875776 _____ (Microsoft Corporation) E:\Windows\SysWOW64\shell32.dll
2015-08-11 14:52 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) E:\Windows\system32\notepad.exe
2015-08-11 14:52 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) E:\Windows\notepad.exe
2015-08-11 14:52 - 2015-07-09 13:42 - 00179712 _____ (Microsoft Corporation) E:\Windows\SysWOW64\notepad.exe
2015-08-11 14:52 - 2015-05-09 14:26 - 00493504 _____ (Microsoft Corporation) E:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-06 11:43 - 2015-08-06 11:43 - 00094208 _____ (Apple Inc.) E:\Windows\SysWOW64\QuickTimeVR.qtx
2015-08-06 11:43 - 2015-08-06 11:43 - 00069632 _____ (Apple Inc.) E:\Windows\SysWOW64\QuickTime.qts
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-31 17:11 - 2009-12-29 14:24 - 01905599 _____ E:\Windows\WindowsUpdate.log
2015-08-31 16:52 - 2013-10-02 15:28 - 00000898 _____ E:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-31 16:46 - 2014-09-23 11:33 - 00000830 _____ E:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-31 15:41 - 2014-11-02 15:31 - 00113880 _____ (Malwarebytes Corporation) E:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-31 12:57 - 2009-07-14 00:45 - 00020496 ____H E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-31 12:57 - 2009-07-14 00:45 - 00020496 ____H E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-31 02:00 - 2014-09-23 11:32 - 00000000 ____D E:\Users\Jody\AppData\Local\Adobe
2015-08-30 23:52 - 2013-10-02 15:28 - 00000894 _____ E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 22:32 - 2015-03-29 10:19 - 00004966 _____ E:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jody-PC-Jody Jody-PC
2015-08-30 21:01 - 2014-09-23 12:02 - 00000000 ____D E:\ProgramData\Package Cache
2015-08-30 20:59 - 2014-09-29 10:15 - 00000000 ___HD E:\Program Files\Common Files\Western Digital
2015-08-30 20:59 - 2014-09-29 10:15 - 00000000 ____D E:\ProgramData\Western Digital
2015-08-30 20:59 - 2014-09-29 10:15 - 00000000 ____D E:\Program Files (x86)\Western Digital
2015-08-30 20:50 - 2015-04-08 08:31 - 00000000 ___RD E:\Users\Jody\Creative Cloud Files
2015-08-30 20:48 - 2015-06-13 03:41 - 00000000 ____D E:\ProgramData\boost_interprocess
2015-08-30 20:48 - 2014-10-17 16:33 - 00000000 ___RD E:\Users\Jody\iCloudDrive
2015-08-30 20:46 - 2015-03-08 02:00 - 00001960 _____ E:\Windows\setupact.log
2015-08-30 20:46 - 2009-07-14 01:08 - 00000006 ____H E:\Windows\Tasks\SA.DAT
2015-08-30 20:45 - 2015-03-12 03:42 - 01584250 _____ E:\Windows\PFRO.log
2015-08-30 20:45 - 2015-02-16 17:25 - 00000000 ____D E:\Program Files (x86)\Mozilla Maintenance Service
2015-08-30 13:37 - 2014-11-02 15:31 - 00000000 ____D E:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-30 13:37 - 2010-01-02 15:07 - 00000000 ____D E:\Program Files (x86)\Privoxy
2015-08-29 21:04 - 2014-10-21 18:30 - 00000000 ____D E:\Users\Jody\Documents\Outlook Files
2015-08-29 20:49 - 2014-10-17 16:34 - 00000000 ____D E:\Users\Jody\AppData\Local\9E46A793-0144-4AA1-9F2B-00798DB3FC7A.aplzod
2015-08-27 23:47 - 2013-10-02 15:28 - 00003894 _____ E:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-27 23:47 - 2013-10-02 15:28 - 00003642 _____ E:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-23 20:00 - 2014-12-28 21:29 - 00000000 ____D E:\Program Files (x86)\Java
2015-08-23 20:00 - 2014-12-17 13:32 - 00000000 ____D E:\ProgramData\Oracle
2015-08-23 20:00 - 2014-12-17 13:32 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-23 19:58 - 2009-12-29 14:24 - 00000000 ____D E:\Users\Jody
2015-08-23 19:57 - 2014-12-17 10:22 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-08-23 19:56 - 2014-12-28 21:29 - 00097888 _____ (Oracle Corporation) E:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-21 19:05 - 2015-05-11 22:40 - 00002186 _____ E:\Users\Public\Desktop\Google Chrome.lnk
2015-08-19 04:11 - 2014-09-23 11:29 - 00003828 _____ E:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411486180
2015-08-19 04:11 - 2014-09-23 11:29 - 00000000 ____D E:\Program Files (x86)\Opera
2015-08-18 08:26 - 2014-09-25 13:11 - 00000000 ___HD E:\Program Files\Common Files\Apple
2015-08-12 14:46 - 2014-09-23 11:33 - 00778440 _____ (Adobe Systems Incorporated) E:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 14:46 - 2014-09-23 11:33 - 00142536 _____ (Adobe Systems Incorporated) E:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 14:46 - 2014-09-23 11:33 - 00003768 _____ E:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 03:57 - 2014-09-04 16:09 - 00000000 ____D E:\Program Files (x86)\Adobe
2015-08-12 03:43 - 2009-07-14 00:45 - 05055960 _____ E:\Windows\system32\FNTCACHE.DAT
2015-08-12 03:41 - 2014-12-20 20:53 - 00000000 ____D E:\Program Files\Microsoft Silverlight
2015-08-12 03:41 - 2014-12-20 20:53 - 00000000 ____D E:\Program Files (x86)\Microsoft Silverlight
2015-08-12 03:35 - 2014-12-10 04:22 - 00000000 ____D E:\Windows\system32\appraiser
2015-08-12 03:35 - 2014-09-24 09:21 - 00000000 ___SD E:\Windows\system32\CompatTel
2015-08-12 03:09 - 2013-10-10 04:07 - 00000000 ____D E:\Windows\system32\MRT
2015-08-12 03:01 - 2010-01-02 14:54 - 132483416 _____ (Microsoft Corporation) E:\Windows\system32\MRT.exe
2015-08-11 22:38 - 2014-12-20 20:53 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
==================== Files in the root of some directories =======
2014-12-16 19:31 - 2014-12-16 19:31 - 0025155 __RSH () E:\Program Files (x86)\DLS8Uninstall.log
2014-11-18 13:04 - 2014-11-18 13:04 - 0000112 _____ () E:\Users\Jody\AppData\Roaming\JP2K CS6 Prefs
2014-09-29 09:17 - 2014-09-29 09:17 - 0000017 _____ () E:\Users\Jody\AppData\Local\resmon.resmoncfg
2014-09-25 16:00 - 2014-09-25 16:00 - 0000057 _____ () E:\ProgramData\Ament.ini
Files to move or delete:
====================
E:\Users\Jody\en_res.dll
E:\Users\Jody\es_res.dll
E:\Users\Jody\fr_res.dll
E:\Users\Jody\grm_res.dll
E:\Users\Jody\it_res.dll
E:\Users\Jody\jp_res.dll
E:\Users\Jody\mfc80u.dll
E:\Users\Jody\msvcr80.dll
E:\Users\Jody\PCPE Setup.exe
E:\Users\Jody\pt_res.dll
E:\Users\Jody\ResourceReader.dll
E:\Users\Jody\ru_res.dll
E:\Users\Jody\zh_res.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
E:\Windows\system32\winlogon.exe => File is digitally signed
E:\Windows\system32\wininit.exe => File is digitally signed
E:\Windows\SysWOW64\wininit.exe => File is digitally signed
E:\Windows\explorer.exe => File is digitally signed
E:\Windows\SysWOW64\explorer.exe => File is digitally signed
E:\Windows\system32\svchost.exe => File is digitally signed
E:\Windows\SysWOW64\svchost.exe => File is digitally signed
E:\Windows\system32\services.exe => File is digitally signed
E:\Windows\system32\User32.dll => File is digitally signed
E:\Windows\SysWOW64\User32.dll => File is digitally signed
E:\Windows\system32\userinit.exe => File is digitally signed
E:\Windows\SysWOW64\userinit.exe => File is digitally signed
E:\Windows\system32\rpcss.dll => File is digitally signed
E:\Windows\system32\dnsapi.dll => File is digitally signed
E:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
E:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-05 21:10
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Jody (2015-08-31 17:15:35)
Running from H:\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-965870668-2612282287-2506016020-500 - Administrator - Disabled)
Guest (S-1-5-21-965870668-2612282287-2506016020-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-965870668-2612282287-2506016020-1002 - Limited - Enabled)
Jody (S-1-5-21-965870668-2612282287-2506016020-1000 - Administrator - Enabled) => E:\Users\Jody
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BovadaPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Command & Conquer Tiberian Sun (HKLM-x32\...\{52F25D7D-DEE1-42E7-AB48-D0F014E1F795}_is1) (Version: - Command & Conquer Communications Center)
Company of Heroes 2 - Beta (HKLM-x32\...\Steam App 317170) (Version: - )
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Convert Audio Free FLAC to MP3 version 1.0 (HKLM-x32\...\Convert Audio Free FLAC to MP3_is1) (Version: 1.0 - )
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )
Dell System Detect (HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\73f463568823ebbe) (Version: 6.3.0.6 - Dell)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.2.0.794 - Sanford, L.P.)
EnterDigital (HKLM\...\EnterDigital) (Version: 2014.10.31.153040 - EnterDigital) <==== ATTENTION
exPressit SE (HKLM-x32\...\{BB42C935-456E-4A6C-B357-FDEE7A59FE21}) (Version: 3.10.0000 - Medea International Ltd)
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
FrostWire 6.1.1 (HKLM-x32\...\FrostWire 6) (Version: 6.1.1.1 - FrostWire LLC)
GEAR driver installer for x86 and x64 (x32 Version: 4.008.5 - GEAR Software) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 6520 series Basic Device Software (HKLM\...\{1151BCF8-3246-4E34-9C17-22E66318C41C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 6520 series Help (HKLM-x32\...\{D3293275-1002-41F5-BC37-099B4251FF5B}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 6520 series Product Improvement Study (HKLM\...\{F144E07C-4019-4092-BE25-B57819C97D2F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PrintProjects (HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\PrintProjects) (Version: 1.0.0.15322 - RocketLife Inc.)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version: - )
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Stamps.com (HKLM-x32\...\Stamps.com) (Version: - Stamps.com, Inc.)
Stamps.com (x32 Version: 12.1.1.2876 - Stamps.com, Inc.) Hidden
Stamps.com Address Book Support for Microsoft Outlook 97-2013 (x32 Version: 12.2.0.2734 - Stamps.com, Inc.) Hidden
Stamps.com Application Support for Microsoft Outlook 2000-2013 (x32 Version: 12.2.0.2732 - Stamps.com, Inc.) Hidden
Stamps.com Application Support for Microsoft Word 2000-2013 (x32 Version: 12.2.0.2734 - Stamps.com, Inc.) Hidden
Stamps.com support for Microsoft Outlook 2000-2013 (HKLM-x32\...\Stamps.com support for Microsoft Outlook 2000-2013) (Version: - Stamps.com, Inc.)
Stamps.com support for Microsoft Outlook 97-2013 (HKLM-x32\...\Stamps.com support for Microsoft Outlook 97-2013) (Version: - Stamps.com, Inc.)
Stamps.com support for Microsoft Word 2000-2013 (HKLM-x32\...\Stamps.com support for Microsoft Word 2000-2013) (Version: - Stamps.com, Inc.)
Stamps.com Web Postage Plug-in (HKLM-x32\...\Stamps.com Web Postage Plug-in) (Version: - Stamps.com, Inc.)
Stamps.com Web Postage Plug-in (x32 Version: 1.1.0.41 - Stamps.com) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
WD Quick View (HKLM-x32\...\{5B1CF5E0-D321-4766-AEF1-1E9D1C535A10}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{02FD1EAD-43B8-4D63-AC31-8921005AF2E2}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{979a4332-3eb0-4561-9f74-a4fb871cf2bd}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WinCalendar V4 (HKLM-x32\...\WinCalendar V4) (Version: 4.27 - Sapro Systems)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
15-08-2015 19:34:59 Windows Update
19-08-2015 04:40:42 Windows Update
20-08-2015 03:00:26 Windows Update
23-08-2015 06:05:04 Windows Update
26-08-2015 18:39:53 Windows Update
30-08-2015 00:31:40 Windows Update
30-08-2015 20:52:16 WD SmartWare Installer
30-08-2015 21:01:11 WD SmartWare Installer
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-09-26 11:53 - 2014-11-21 10:32 - 00000081 ____N E:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 pokercheat.org
127.0.0.1 www.pokercheat.org
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {067F27E9-7BD1-436B-BCC6-FD08687D0D15} - System32\Tasks\AdobeAAMUpdater-1.0-Jody-PC-Jody => E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {085DCFF9-A343-465F-A354-86683A268A69} - System32\Tasks\Adobe Flash Player Updater => E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {15C8E170-844A-4A7C-A8AA-2065013FD99D} - System32\Tasks\{45394C6A-406D-436C-A070-D3460995A4A3} => pcalua.exe -a E:\Users\Jody\AppData\LocalLow\WINZIP_P1c37\Setup.exe -d E:\Users\Jody\AppData\LocalLow\WINZIP_P1c37
Task: {1A21F7F9-EFBC-4499-8F45-9E88E6629F0A} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe
Task: {1E0C6BD2-3629-4199-86F3-BBAE7B3B0220} - System32\Tasks\Adobe Acrobat Update Task => E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {2562424C-98D4-4B5D-8CAF-FEE069FC1138} - System32\Tasks\{BB27D070-02F6-4C04-9C82-BDC4846C1920} => pcalua.exe -a "E:\Program Files (x86)\The Weather Channel FW\Desktop\TheWeatherChannelCustomUninstall.exe"
Task: {289C2167-BE0D-4321-9D00-C90F00504871} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Jody-PC-Jody Jody-PC => E:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {2F718805-18FD-4920-ADC3-02EC4FDEF6DC} - System32\Tasks\GoogleUpdateTaskMachineCore => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3CFA4DC7-FDB0-419C-A66B-E466FA001689} - System32\Tasks\GoogleUpdateTaskMachineUA => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3F08A894-7D28-4D4F-8614-4FAB89197856} - System32\Tasks\Opera scheduled Autoupdate 1411486180 => E:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {41960A95-4584-4168-8D24-56DBA28B57A8} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {4EC30257-17F2-4726-9892-EA221AB82009} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {531E1647-65A0-4989-ACDC-6BE4E0CACC1B} - System32\Tasks\Norton WSC Integration => E:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {599D109B-0CC9-4700-8DBD-1E7F9C5CCB33} - System32\Tasks\{D2332A6C-41F5-483D-A60F-71314CC5E989} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {71104322-7240-4D5A-AC5F-33D3B767507D} - System32\Tasks\Western Digital\SmartWare\____Volume_6c07928c_f4bf_11de_982d_806e6f6e6963______Volume_c9e0eea7_7c7a_11e2_a72b_001fc65f900d__ => E:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2015-07-20] (Western Digital Technologies, Inc.)
Task: {870DEA56-9E24-460E-989B-0BC4B6B4DAA3} - System32\Tasks\Western Digital\SmartWare\____Volume_6c07928a_f4bf_11de_982d_806e6f6e6963______Volume_c9e0eea7_7c7a_11e2_a72b_001fc65f900d__ => E:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2015-07-20] (Western Digital Technologies, Inc.)
Task: {918D1ADE-35A2-4D96-B463-0621BFA7FFD8} - System32\Tasks\HPCustParticipation HP Photosmart 6520 series => E:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {A18B7657-12F0-4DE4-8F07-05FB9D83AC6E} - System32\Tasks\{C6A0D68B-BADF-48EF-A465-30370D08F9F0} => e:\program files (x86)\opera\launcher.exe [2015-08-17] (Opera Software)
Task: {AD1FFBE0-B40C-40C3-9012-19E1B1676F21} - System32\Tasks\Microsoft\Office\Office Automatic Updates => E:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {B074409C-2DE5-4486-88D8-F924D2A8E2B6} - System32\Tasks\Norton 360\Norton Error Analyzer => E:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {BA4FD2AA-6F26-4DF3-A620-407EA7D92AFC} - System32\Tasks\Norton 360\Norton Error Processor => E:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {C2AA5867-98E3-4693-80B7-151D674B70CA} - System32\Tasks\{4A8BD3B9-7FFA-4403-8246-804C75A92622} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {CDF6CF0A-4AAA-438E-A345-06ACDD323C91} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => E:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
Task: {E5AC775C-F1D1-4D6C-B25D-BE564762A12A} - System32\Tasks\Apple\AppleSoftwareUpdate => E:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F1EECF24-0364-4BDE-A0AE-CCFA0CA401A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => E:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: E:\Windows\Tasks\Adobe Flash Player Updater.job => E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: E:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-10-10 04:09 - 2013-04-15 11:50 - 00198144 _____ () E:\Windows\System32\HP1006LM.DLL
2013-10-10 04:10 - 2013-04-15 11:50 - 00065024 _____ () E:\Windows\system32\spool\PRTPROCS\x64\HP1006PP.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-10-21 16:11 - 2014-09-09 10:59 - 08896160 ____H () E:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () E:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () E:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-19 06:32 - 2014-05-20 09:19 - 00105640 ____H () E:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 31535264 _____ () E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-10-10 04:09 - 2013-04-15 11:49 - 04003328 _____ () E:\Windows\system32\spool\DRIVERS\x64\3\HP1006SU.DLL
2013-10-10 04:09 - 2013-04-15 11:49 - 01236992 _____ () E:\Windows\system32\spool\DRIVERS\x64\3\HP1006GC.dll
2013-10-10 04:09 - 2013-04-15 11:50 - 00343552 _____ () E:\Windows\system32\spool\DRIVERS\x64\3\HP1006SD.DLL
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-21 16:11 - 2014-09-09 09:12 - 08896160 ____H () E:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2009-09-29 15:51 - 2009-09-29 15:51 - 00090112 _____ () E:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.Common.dll
2009-10-10 23:30 - 2009-10-10 23:30 - 00086528 _____ () E:\Program Files (x86)\Privoxy\mgwz.dll
2015-07-22 15:32 - 2015-07-22 15:32 - 36732592 _____ () E:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2010-05-05 17:51 - 2010-05-05 17:51 - 00002560 _____ () E:\Windows\SysWOW64\CTXFIRES.DLL
2014-11-02 13:00 - 2009-03-26 15:46 - 00148480 _____ () E:\Windows\SysWOW64\APOMngr.DLL
2015-07-16 18:39 - 2015-07-16 18:39 - 00124416 _____ () E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2015-07-16 18:39 - 2015-07-16 18:39 - 00121856 _____ () E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-imslib\node_modules\ref\build\Release\binding.node
2015-07-16 18:39 - 2015-07-16 18:39 - 00122880 _____ () E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-imslib\node_modules\ffi\build\Release\ffi_bindings.node
2015-07-16 18:39 - 2015-07-16 18:39 - 00188416 _____ () E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2015-07-16 18:39 - 2015-07-16 18:39 - 00085504 _____ () E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\bufferutil.node
2015-07-16 18:39 - 2015-07-16 18:39 - 00086016 _____ () E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\validation.node
2015-07-16 18:39 - 2015-07-16 18:39 - 00081408 _____ () E:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2015-08-19 04:10 - 2015-08-19 04:10 - 58600568 _____ () E:\Program Files (x86)\Opera\31.0.1889.174\opera.dll
2015-08-19 04:10 - 2015-08-19 04:10 - 01781368 _____ () E:\Program Files (x86)\Opera\31.0.1889.174\libglesv2.dll
2015-08-19 04:10 - 2015-08-19 04:10 - 00081528 _____ () E:\Program Files (x86)\Opera\31.0.1889.174\libegl.dll
2015-08-12 14:46 - 2015-08-12 14:46 - 16392904 _____ () E:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys => ""="FSFilter Activity Monitor"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SymEFA.sys => ""="FSFilter Activity Monitor"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-965870668-2612282287-2506016020-1000\...\dell.com -> dell.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-965870668-2612282287-2506016020-1000\Control Panel\Desktop\\Wallpaper -> E:\Users\Jody\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: DW6 => "E:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{D706B88E-03C3-484F-93DD-9638AD2067AE}E:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) E:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2AA2A298-02FC-4484-BE6F-69C5B739BF0A}E:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) E:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{0669E69D-AA48-4D6F-816B-096B585D5A46}] => (Allow) E:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{AB56B441-9F23-44F1-B18F-C213F2CD73BB}] => (Allow) E:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{6181C9EF-D982-4F2A-8A8F-B136BE6F7683}] => (Allow) E:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{144A52AF-6BC0-4A36-A401-00ECBF85A24D}] => (Allow) E:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{FDD4C84C-0CE9-44B9-B6CD-1869770121A9}] => (Allow) E:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{9FBE8AE2-DE1B-4C8B-9FCF-D9DC43AB020E}] => (Allow) E:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{365DA440-AFC3-4265-A605-1CBB9168F776}] => (Allow) E:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FFF9F639-764B-4D46-A321-DB49298AC5B1}] => (Allow) E:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EBAC7656-4C84-4D1E-A2CC-B917BA2DD270}] => (Allow) E:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2DFE2D4A-6840-4D03-9B6E-BCD62DE286E0}] => (Allow) E:\Program Files\HP\HP Photosmart 6520 series\Bin\DeviceSetup.exe
FirewallRules: [{64B4E994-F2B1-4E0E-8C8D-CD604AB7EFF4}] => (Allow) E:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{10BE39B1-E901-4556-B9BD-4CE72B2DE6E7}] => (Allow) E:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{064CF919-2D1C-4AC2-B71F-C74D9F774535}] => (Allow) E:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{225B6285-1300-4877-A013-1A0C151480CB}] => (Allow) E:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{535DC2A7-AF2A-4D6D-9C7F-07F93677BD74}] => (Allow) E:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4AC35877-236A-4FC0-8167-C24DD2749CAD}] => (Allow) E:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{48D3547F-7DDA-40D5-92AA-B21E5AE12EF4}] => (Allow) E:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{AA2E13F4-FE16-46D0-8276-BB3149BCCBE1}] => (Allow) E:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{419E464A-5088-42EF-9E34-0CC70E13A91C}] => (Allow) E:\Users\Jody\FrostWire\FrostWire 5\FrostWire.exe
FirewallRules: [{F3BEFB4F-0D02-40C8-9053-CF2CC4E8AC62}] => (Allow) E:\Users\Jody\FrostWire\FrostWire 5\FrostWire.exe
FirewallRules: [TCP Query User{AA49BB79-C35C-4B58-A421-2701FBFC139F}E:\program files\pia_manager\openvpn.exe] => (Allow) E:\program files\pia_manager\openvpn.exe
FirewallRules: [UDP Query User{C2C5D5C2-3583-47BD-9736-2A9CCC990CE6}E:\program files\pia_manager\openvpn.exe] => (Allow) E:\program files\pia_manager\openvpn.exe
FirewallRules: [{11B522D7-F4C7-4D4C-8038-189C2D7A4238}] => (Allow) E:\Users\Jody\FrostWire\FrostWire 5\FrostWire.exe
FirewallRules: [{955AD8BA-0A36-4DA7-8BDD-59668CB76242}] => (Allow) E:\Users\Jody\FrostWire\FrostWire 5\FrostWire.exe
FirewallRules: [{AAFDE6DE-6FA2-4BB0-8D20-5950E73E1762}] => (Allow) E:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{9652B871-ECF3-43B4-8C6C-7E90743632FE}] => (Allow) E:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{4597C965-BAE5-4038-A8A6-F69C473DAD8C}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{02B43079-2114-4B33-B3A7-261EC42C1E16}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F55ED265-A6BC-4755-8492-35965604E0D3}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F9223314-5FC7-4BCE-AAB7-4E1ABA268D2F}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8E50B402-A476-4B77-B3E4-34153DC54BDE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{48B70A55-106D-4F51-BFCE-FEFB6005B4EA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{D8DF0418-8C5C-4646-91A4-28952198915B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{934A2F91-B596-424E-8C02-ACA542C8123A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{3361D4F2-FB9F-48AA-AD80-A183B4824E00}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C1BBB6EE-B444-41F8-AD3D-96C378401723}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{25B3D5F0-EBF0-42A2-B903-8BAE5C271B11}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2 - Beta\RelicCoH2.exe
FirewallRules: [{A59B7A25-B923-4C2B-8092-CC6EB978606F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2 - Beta\RelicCoH2.exe
FirewallRules: [{D3AA2ECD-CFED-46AD-8755-C05FF3DE86E4}] => (Allow) E:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{3853B15E-FE32-4787-B0AC-4D30ED223B27}] => (Allow) E:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{C6C2AF5D-D632-4233-A781-909E11A70611}] => (Allow) E:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{9B1541E9-8BA4-40F9-96FB-B8CAE679A69C}] => (Allow) E:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{A4F10881-E4BC-4E7E-9999-1B4E185A3A6F}] => (Allow) E:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{5C0A1973-1CD0-43FD-BEB3-3F06B5E16A6A}] => (Allow) E:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{3EA5773B-B755-412A-AB26-7D9275541165}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B0F5C502-F09A-4278-81AC-93A4E755C069}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1798AA78-4526-4D95-A22D-4952EA5C95AA}] => (Allow) E:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B1397494-8C80-4626-95DA-A4803F416804}] => (Allow) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/30/2015 08:58:13 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Jody-PC)
Description: Application or service 'WD Backup' could not be shut down.
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
System errors:
=============
Error: (08/31/2015 03:01:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
Error: (08/30/2015 08:57:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WDBackup service.
Error: (08/30/2015 12:32:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
Error: (08/29/2015 03:35:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
Error: (08/28/2015 09:13:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
Error: (08/27/2015 12:51:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
Error: (08/26/2015 06:40:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
Error: (08/25/2015 09:41:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
Error: (08/25/2015 12:06:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
Error: (08/24/2015 03:42:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.
Microsoft Office:
=========================
Error: (08/30/2015 08:58:13 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Jody-PC)
Description: 0WDBackupEngine.exeWD Backup03026216132200
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
Error: (08/19/2015 11:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
CodeIntegrity:
===================================
Date: 2015-07-28 15:49:21.981
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-07-28 15:49:21.973
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-07-28 15:49:21.965
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-07-28 15:49:21.957
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-07-28 15:49:21.872
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-07-28 15:49:21.864
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-07-28 15:49:21.857
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-07-28 15:49:21.849
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-07-28 15:49:21.803
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-07-28 15:49:21.796
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
==================== Memory info ===========================
Processor: Intel® Core2 Quad CPU Q9450 @ 2.66GHz
Percentage of memory in use: 74%
Total physical RAM: 6143.29 MB
Available physical RAM: 1569.07 MB
Total Virtual: 12284.78 MB
Available Virtual: 5917.62 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:454.64 GB) (Free:357.9 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.12 GB) (Free:1.19 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP2) (Fixed) (Total:465.76 GB) (Free:298.17 GB) NTFS
Drive h: (New Volume) (Fixed) (Total:465.64 GB) (Free:393.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: ED244A76)
Partition 1: (Active) - (Size=454.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: BE7B56BD)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: B074C539)
Partition: GPT.
==================== End of Addition.txt ============================