Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows is slow, blue screen, chrome freezes, Win explorer error [Solv


  • This topic is locked This topic is locked

#1
Noob88

Noob88

    Member

  • Member
  • PipPip
  • 62 posts

Hi Geeks to Go,

 

My computer has been running really slow and I just got the blue screen. I am now in safe mode writing on this forum. 

I have Windows 7, Chrome has been very slow and crashes the computer and Windows explorer crashes a few times a day as well.

 

I ran the Farbar scan and the scan logs are below:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
Ran by Mike (administrator) on NOVO (27-10-2015 21:31:54)
Running from C:\Users\Mike\Downloads
Loaded Profiles: Mike (Available Profiles: Mike & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2851112 2011-11-17] (Synaptics Incorporated)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [85832 2011-07-14] (Authentec Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [42344 2011-07-22] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [Google Update] => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [GoogleChromeAutoLaunch_A9A28D217F0AF6C0AE66A9006030A09A] => C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\RunOnce: [Application Restart #0] => C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\MountPoints2: {2c0ea76d-4d47-11e1-be19-f0def1a0a3c0} - E:\unlock.exe autoplay=true
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\MountPoints2: {3ecc345c-3638-11e1-aeae-f0def1a0a3c0} - G:\Setup.exe
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\MountPoints2: {6be17db0-3e38-11e1-a928-f0def1a0a3c0} - E:\SISetup.exe
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\MountPoints2: {ff3a0869-b38d-11e3-a0fa-f0def1a0a3c0} - E:\VZW_Software_upgrade_assistant.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Tcpip\..\Interfaces\{15A8BA84-6581-49E1-98F1-15C3A7981381}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A450661C-EC5A-4720-AA24-BE0BF29AB773}: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Tcpip\..\Interfaces\{C32911B3-7068-4F37-8F7F-68EFDDFFCB0B}: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-09] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-09] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-891366033-3339291566-2793857052-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
 
FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hsepgo5d.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D111614-AB747CC590BEC44CD91F&form=CONMHP&conlogo=CT3330962
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Bing
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-22] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-10-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-10-15] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2011-07-14] (the VideoLAN Team)
FF Plugin HKU\S-1-5-21-891366033-3339291566-2793857052-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-891366033-3339291566-2793857052-1000: @talk.google.com/O1DPlugin -> C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-891366033-3339291566-2793857052-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-891366033-3339291566-2793857052-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mike\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mike\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml [2012-05-23]
FF Extension: Media Stealer - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hsepgo5d.default\Extensions\[email protected] [2015-08-09]
FF Extension: Video DownloadHelper - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hsepgo5d.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-09]
FF Extension: Adblock Plus - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hsepgo5d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-09]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://mail.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-14]
CHR Extension: (Video Downloader professional) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-08-09]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-09]
CHR Extension: (AdBlock) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-14]
CHR Extension: (Pin It Button) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-12]
CHR HKU\S-1-5-21-891366033-3339291566-2793857052-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Mike\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-31] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-12-01] (Lenovo.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2012-01-03] (Macrovision Europe Ltd.) [File not signed]
S2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)
S3 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [78536 2012-04-12] (Macrovision                                                    )
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S2 lxcr_device; C:\Windows\system32\lxcrcoms.exe [566192 2006-12-11] ( )
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] ()
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
S2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-26] (Lenovo Group Limited) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-27] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-08-06] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-27] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-03] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16896 2012-11-07] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [249152 2011-10-15] (NVIDIA Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2008-09-08] ()
S3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows ® Win 7 DDK provider)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 XHCIPort; system32\DRIVERS\XHCIPort.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-27 21:31 - 2015-10-27 21:32 - 00022072 _____ C:\Users\Mike\Downloads\FRST.txt
2015-10-27 21:30 - 2015-10-27 21:31 - 00000000 ____D C:\FRST
2015-10-27 21:30 - 2015-10-27 21:30 - 02197504 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2015-10-27 21:24 - 2015-10-27 21:24 - 1163844070 _____ C:\Windows\MEMORY.DMP
2015-10-27 21:24 - 2015-10-27 21:24 - 00303024 _____ C:\Windows\Minidump\102715-26442-01.dmp
2015-10-14 04:00 - 2015-09-28 23:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 04:00 - 2015-09-28 23:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 04:00 - 2015-09-28 23:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 04:00 - 2015-09-28 23:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 04:00 - 2015-09-28 23:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 04:00 - 2015-09-28 23:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 04:00 - 2015-09-28 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 04:00 - 2015-09-28 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 04:00 - 2015-09-28 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 04:00 - 2015-09-28 23:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 04:00 - 2015-09-28 23:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 04:00 - 2015-09-28 23:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 04:00 - 2015-09-28 23:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 04:00 - 2015-09-28 23:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 04:00 - 2015-09-28 23:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 04:00 - 2015-09-28 23:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 04:00 - 2015-09-28 23:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 04:00 - 2015-09-28 23:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 04:00 - 2015-09-28 23:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 04:00 - 2015-09-28 23:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 04:00 - 2015-09-28 23:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 04:00 - 2015-09-28 23:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 04:00 - 2015-09-28 23:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 04:00 - 2015-09-28 23:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 04:00 - 2015-09-28 23:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 04:00 - 2015-09-28 23:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 04:00 - 2015-09-28 23:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 04:00 - 2015-09-28 23:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 04:00 - 2015-09-28 22:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 04:00 - 2015-09-28 22:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 04:00 - 2015-09-28 22:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 04:00 - 2015-09-28 22:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 04:00 - 2015-09-28 22:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 04:00 - 2015-09-28 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 04:00 - 2015-09-28 22:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 04:00 - 2015-09-28 22:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 04:00 - 2015-09-28 22:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 04:00 - 2015-09-28 22:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 04:00 - 2015-09-28 22:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 04:00 - 2015-09-28 22:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 04:00 - 2015-09-28 22:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 04:00 - 2015-09-28 22:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 04:00 - 2015-09-28 22:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 21:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 04:00 - 2015-09-28 21:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 04:00 - 2015-09-28 21:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 04:00 - 2015-09-28 21:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 04:00 - 2015-09-28 21:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 04:00 - 2015-09-28 21:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 21:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 21:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 04:00 - 2015-09-28 21:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 04:00 - 2015-09-15 14:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 04:00 - 2015-09-15 14:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 04:00 - 2015-09-15 14:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 04:00 - 2015-09-15 14:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 04:00 - 2015-09-15 14:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 04:00 - 2015-09-15 14:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 04:00 - 2015-09-15 14:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 04:00 - 2015-09-15 14:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 04:00 - 2015-09-15 14:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 04:00 - 2015-09-15 13:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 04:00 - 2015-09-15 13:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 04:00 - 2015-09-15 13:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 04:00 - 2015-09-15 13:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 03:41 - 2015-10-14 03:41 - 00001424 _____ C:\Windows\PFRO.log
2015-10-13 19:56 - 2015-09-18 15:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 19:56 - 2015-09-18 14:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 19:56 - 2015-09-16 00:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 19:56 - 2015-09-16 00:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 19:56 - 2015-09-16 00:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 19:56 - 2015-09-16 00:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 19:56 - 2015-09-16 00:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 19:56 - 2015-09-16 00:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 19:56 - 2015-09-16 00:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-13 19:56 - 2015-09-16 00:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 19:56 - 2015-09-16 00:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 19:56 - 2015-09-16 00:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 19:56 - 2015-09-16 00:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 19:56 - 2015-09-16 00:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 19:56 - 2015-09-16 00:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 19:56 - 2015-09-16 00:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 19:56 - 2015-09-16 00:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 19:56 - 2015-09-16 00:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 19:56 - 2015-09-16 00:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 19:56 - 2015-09-16 00:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 19:56 - 2015-09-15 23:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 19:56 - 2015-09-15 23:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 19:56 - 2015-09-15 23:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 19:56 - 2015-09-15 23:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 19:56 - 2015-09-15 23:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-13 19:56 - 2015-09-15 23:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 19:56 - 2015-09-15 23:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 19:56 - 2015-09-15 23:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 19:56 - 2015-09-15 23:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 19:56 - 2015-09-15 23:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-13 19:56 - 2015-09-15 23:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-13 19:56 - 2015-09-15 23:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-13 19:56 - 2015-09-15 23:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 19:56 - 2015-09-15 23:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 19:56 - 2015-09-15 23:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 19:56 - 2015-09-15 23:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 19:56 - 2015-09-15 23:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 19:56 - 2015-09-15 23:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 19:56 - 2015-09-15 23:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 19:56 - 2015-09-15 23:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-13 19:56 - 2015-09-15 23:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-13 19:56 - 2015-09-15 23:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 19:56 - 2015-09-15 23:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-13 19:56 - 2015-09-15 23:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 19:56 - 2015-09-15 23:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 19:56 - 2015-09-15 23:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-13 19:56 - 2015-09-15 23:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 19:56 - 2015-09-15 23:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 19:56 - 2015-09-15 23:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-13 19:56 - 2015-09-15 23:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-13 19:56 - 2015-09-15 23:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 19:56 - 2015-09-15 23:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 19:56 - 2015-09-15 23:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 19:56 - 2015-09-15 23:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-13 19:56 - 2015-09-15 22:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 19:56 - 2015-09-15 22:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 19:56 - 2015-09-15 22:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 19:56 - 2015-09-15 22:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 19:56 - 2015-09-15 22:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 19:56 - 2015-09-15 22:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-13 19:56 - 2015-09-15 22:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 19:56 - 2015-09-15 22:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 19:56 - 2015-09-15 22:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 19:56 - 2015-09-15 22:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 19:56 - 2015-08-06 14:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 19:56 - 2015-08-06 14:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 19:56 - 2015-08-06 13:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 19:56 - 2015-08-06 13:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-13 19:55 - 2015-09-25 14:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 19:55 - 2015-09-25 14:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 19:55 - 2015-09-25 14:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 19:55 - 2015-09-25 14:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 19:55 - 2015-09-25 14:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 19:55 - 2015-09-25 14:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-13 19:55 - 2015-09-25 14:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-13 19:55 - 2015-09-25 14:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 19:55 - 2015-09-25 14:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-13 19:55 - 2015-09-25 14:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 19:55 - 2015-09-25 14:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 19:55 - 2015-09-25 13:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-13 19:55 - 2015-09-25 13:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-13 19:55 - 2015-09-25 13:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-13 19:55 - 2015-09-25 13:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-13 19:55 - 2015-09-25 13:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 19:54 - 2015-10-01 14:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 19:54 - 2015-10-01 14:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 19:54 - 2015-10-01 14:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 19:54 - 2015-10-01 14:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 19:54 - 2015-10-01 14:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 19:54 - 2015-10-01 14:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 19:54 - 2015-10-01 14:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 19:54 - 2015-10-01 13:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-13 19:54 - 2015-10-01 13:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-11 13:40 - 2015-10-11 14:15 - 00022016 _____ C:\Users\Mike\Desktop\Property 2015.xls
2015-10-04 19:40 - 2015-10-26 19:37 - 00000672 _____ C:\Windows\setupact.log
2015-10-04 19:40 - 2015-10-04 19:40 - 00000000 _____ C:\Windows\setuperr.log
2015-10-02 22:51 - 2015-10-02 22:52 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-02 22:50 - 2015-10-02 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-02 22:50 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-02 22:50 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-02 22:50 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-02 22:49 - 2015-10-02 22:49 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Mike\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-02 22:47 - 2015-10-02 22:47 - 00012138 _____ C:\Users\Mike\Documents\cc_20151002_224711.reg
2015-10-02 22:43 - 2015-10-02 22:43 - 00265288 _____ C:\Users\Mike\Documents\cc_20151002_224249.reg
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-27 21:29 - 2009-07-14 01:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-27 21:26 - 2012-04-18 23:07 - 01180325 _____ C:\Windows\WindowsUpdate.log
2015-10-27 21:24 - 2012-07-31 19:55 - 00000000 ____D C:\Windows\Minidump
2015-10-27 21:21 - 2012-01-03 14:06 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000UA.job
2015-10-27 21:13 - 2012-02-09 13:04 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-27 21:13 - 2012-01-03 14:06 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000Core.job
2015-10-27 21:12 - 2013-01-05 21:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 21:12 - 2012-02-09 13:04 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-26 19:48 - 2009-07-14 00:45 - 00014848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-26 19:48 - 2009-07-14 00:45 - 00014848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-26 19:39 - 2012-01-03 15:32 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-10-26 19:37 - 2012-01-03 12:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-26 19:37 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-25 22:02 - 2012-01-04 10:23 - 00000000 ____D C:\Users\Mike\Desktop\Docs
2015-10-22 21:47 - 2012-11-17 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-15 22:28 - 2014-08-12 20:52 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-15 04:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-10-14 20:28 - 2013-08-05 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-14 03:41 - 2014-07-18 21:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-14 03:24 - 2012-01-03 16:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-10 22:01 - 2014-03-15 19:59 - 00019234 _____ C:\Users\Mike\Desktop\List.xlsx
2015-10-05 08:25 - 2015-03-15 14:55 - 00001024 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-10-05 08:19 - 2015-02-06 00:02 - 00000000 ____D C:\ProgramData\LogMeIn
2015-10-05 08:19 - 2015-02-05 23:57 - 00000000 ____D C:\Users\Mike\AppData\Local\LogMeInIgnition
2015-09-27 08:31 - 2013-08-05 19:30 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-27 08:31 - 2013-08-05 19:30 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
 
==================== Files in the root of some directories =======
 
2012-01-08 12:06 - 2015-07-13 23:44 - 0000132 _____ () C:\Users\Mike\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-04-08 23:45 - 2014-04-09 16:03 - 0001456 _____ () C:\Users\Mike\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-02-10 23:12 - 2013-02-10 23:14 - 0023565 _____ () C:\Users\Mike\AppData\Local\WiDiSetupLog.20130210.221239.txt
2013-02-19 21:02 - 2013-02-19 21:04 - 0032601 _____ () C:\Users\Mike\AppData\Local\WiDiSetupLog.20130219.200209.txt
2015-04-25 18:33 - 2015-04-25 18:36 - 0049659 _____ () C:\Users\Mike\AppData\Local\WiDiSetupLog.20150425.183336.wdl
 
Some files in TEMP:
====================
C:\Users\Mike\AppData\Local\Temp\avgnt.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-22 23:15
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Mike (2015-10-27 21:32:51)
Running from C:\Users\Mike\Downloads
Windows 7 Professional Service Pack 1 (X64) (2012-01-03 15:19:10)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-891366033-3339291566-2793857052-500 - Administrator - Disabled)
Guest (S-1-5-21-891366033-3339291566-2793857052-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-891366033-3339291566-2793857052-1005 - Limited - Enabled)
Mike (S-1-5-21-891366033-3339291566-2793857052-1000 - Administrator - Enabled) => C:\Users\Mike
UpdatusUser (S-1-5-21-891366033-3339291566-2793857052-1003 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - )
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.2.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Acrobat 9.2.0 - CPSID_50026 (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}_920) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version:  - Leo Davidson / Pretentious Name)
Akamai NetSession Interface (HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
AutoCAD 2010 - English (HKLM\...\AutoCAD 2010 - English) (Version: 18.0.55.0 - Autodesk)
AutoCAD 2010 - English (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD 2010 Language Pack - English (Version: 18.0.55.0 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Revit Architecture 2012 (HKLM\...\Autodesk Revit Architecture 2012) (Version: 11.03.09231 - Autodesk)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
Brother MFL-Pro Suite HL-2280DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Bullzip PDF Printer 7.2.0.1304 (HKLM\...\Bullzip PDF Printer_is1) (Version: 7.2.0.1304 - Bullzip)
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.29 - Piriform)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.2 - Conexant)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Dropbox (HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
ECOTECT v5.50 (HKLM-x32\...\{F0851A2E-4EF0-4860-AD92-EC012599BEF1}_is1) (Version: v5.50 - Square One research)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Free CUDA Video Converter 6 (HKLM-x32\...\{7534AD6F-A485-42A4-AE5A-43828817F29A}_is1) (Version:  - CUDA Studio)
Free Easy Burner V 4.4.1 (HKLM-x32\...\Free Easy Burner_is1) (Version: 4.4.1.0 - Koyote soft)
Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.6 - Gadwin Systems, Inc.)
Google Chrome (HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Drive (HKLM-x32\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPL Ghostscript Lite 9.04 (HKLM-x32\...\GPL Ghostscript Lite_is1) (Version:  - )
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.4 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel® WiDi (HKLM\...\{BE7E45FA-7F97-4155-87CF-2DEA398995DA}) (Version: 4.2.21.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
iTunes (HKLM\...\{427174C0-096E-40D9-9684-9C109BEE2CBF}) (Version: 11.0.5.5 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Maxwell (HKLM-x32\...\Maxwell) (Version:  - )
Maxwell for Rhinoceros 4 (HKLM-x32\...\{01D24952-1219-406D-9281-B0DA28C8AFD1}) (Version: 1.0.3 - Next Limit Technologies)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 8.0 Support DLLs (HKLM-x32\...\{342F5437-C87D-4BB5-89B9-B23E16C6A395}) (Version: 1.0.0 - McNeel & Associates)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Driver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 285.62 - NVIDIA Corporation)
NVIDIA Graphics Driver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.62 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation)
NVIDIA nView 136.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.02 - NVIDIA Corporation)
NVIDIA Performance Driver for Autodesk AutoCAD 2010 (HKLM\...\NVIDIA Autodesk AutoCAD 2010 Performance Driver) (Version: nvd3d10: 0.18.2.1  - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.60.03 - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickMonitorProfile 2.1.0.1 (HKLM-x32\...\QuickMonitorProfile_is1) (Version: 2.1.0.1 - Eberhard Werle)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Revit Architecture 2012 (Version: 11.03.09231 - Autodesk) Hidden
Revit Architecture 2012 Language Pack - English (Version: 11.03.09231 - Autodesk) Hidden
Rhino RDK (HKLM-x32\...\Rhino RDK) (Version:  - )
Rhinoceros 4.0 (HKLM-x32\...\{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}) (Version: 4.0.20118 - McNeel & Associates)
Rhinoceros 4.0 SR4 (HKLM-x32\...\{D57F1897-D0F5-4E5F-99BA-80815B43283A}) (Version: 4.0.30807 - Robert McNeel & Associates)
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Screencast-O-Matic (HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab for Intel (64-bit) (HKLM\...\{419B57C2-BEB5-4201-91F5-CEF73F24C219}) (Version: 4.5.13.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.64.00.00 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.65 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.34.0 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.08 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{C2938C94-239C-4156-B245-C5406A4F3E93}) (Version: 5.9.5.7038 - Authentec Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Vectorworks 2010 Help (HKLM-x32\...\net.nemetschek.vectorworks.2010.help.eng.CC16605A57FA88F0CED2B1A19E704F482AB2B1EB.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2010 Help (x32 Version: 1.0 - UNKNOWN) Hidden
Vectorworks 2011 Help (HKLM-x32\...\net.nemetschek.vectorworks.2011.help.eng.CC16605A57FA88F0CED2B1A19E704F482AB2B1EB.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2011 Help (x32 Version: 1.0 - UNKNOWN) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
V-Ray for Rhinoceros (HKLM-x32\...\{40625DE4-DCDB-44FE-84B5-E65F1365BF44}) (Version: 01.05.29 - ASGvis, LLC)
V-Ray for Rhinoceros (x32 Version: 01.01.71 - ASGvis, LLC) Hidden
V-Ray for Rhinoceros (x32 Version: 01.05.29 - ASGvis, LLC) Hidden
V-Ray for SketchUp (HKLM-x32\...\V-Ray for SketchUp 1.49.01) (Version: 1.49.01 - ASGVIS)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623  - Nullsoft, Inc)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit Architecture 2012\Program\APIContext.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2012-01-03 14:20 - 00001262 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {61110D5A-D72E-4352-8633-F112509ED16A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {748D0827-2F85-4C7B-88ED-F8487B9FCA77} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {8FC66427-0E75-4820-A4E4-EFA13F99C5A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000Core => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AE08236D-0833-48CC-8F36-C9803E4D08C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C0655EA4-3B1D-4648-8915-C93ECBB18A73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {CA069FB5-7A87-4DFD-93DE-096546EE24ED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000UA => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {DC2D01BB-7443-4D58-97CD-98C4CF5849E9} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-12-01] (Lenovo Group Limited)
Task: {F80EADD2-70FC-4F40-860B-C7BF4C9ACA9F} - System32\Tasks\AdobeAAMUpdater-1.0-NOVO-Mike => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {FE9E4968-D289-47D4-8B7C-F576DEDA9F59} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-22] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000Core.job => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000UA.job => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-01-03 12:01 - 2011-12-01 04:05 - 00045568 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\verizon.net -> hxxps://activate.verizon.net
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.59.247.45 - 208.59.247.46
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AMPPALR3 => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: BTHSSecurityMgr => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Mike\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Lexmark 2400 Series\ezprint.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: lxcrmon.exe => "C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{CA635448-ED1A-4E2C-AF10-214611A26205}C:\program files (x86)\next limit\maxwell\mxcl.exe] => (Allow) C:\program files (x86)\next limit\maxwell\mxcl.exe
FirewallRules: [UDP Query User{8549F199-1F23-491D-80B9-237B5E409ECF}C:\program files (x86)\next limit\maxwell\mxcl.exe] => (Allow) C:\program files (x86)\next limit\maxwell\mxcl.exe
FirewallRules: [{F49C39FE-50E3-41AD-B02A-8C46B2046B0C}] => (Block) C:\program files (x86)\next limit\maxwell\mxcl.exe
FirewallRules: [{37D88899-31CF-492B-8385-73E5C2808D0F}] => (Block) C:\program files (x86)\next limit\maxwell\mxcl.exe
FirewallRules: [TCP Query User{15D4806A-BBAB-46C6-ACC7-B4E0EE8CA29B}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{2DFE33C5-7A67-49EE-AA74-97E7E693500E}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{59E90254-1017-427A-85E7-4E0B5D0941EB}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{BD5545D4-A7E5-460E-9FE7-CE42AF267409}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{38B11B45-E6C6-4D60-97F3-F453F158F14C}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zSFC39.tmp\EasyInst64.exe
FirewallRules: [{34417780-59B0-465F-90FB-189622F3F191}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zSFC39.tmp\EasyInst64.exe
FirewallRules: [{B8031B85-751A-45A4-A566-5328F5B1B2A9}] => (Allow) LPort=9100
FirewallRules: [{ADD98A39-DCA8-485E-BA54-B941F433A5ED}] => (Allow) LPort=427
FirewallRules: [{0DE94FDE-874C-499E-9CC1-4EBA568490A9}] => (Allow) LPort=161
FirewallRules: [{9041D1C8-7B89-4DCA-A711-E44106838BEC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7F9616FA-D825-460A-AE07-0E169F94993D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{8CFE0C17-860C-4857-B329-43A584D2A268}] => (Allow) C:\Windows\SysWOW64\lxcrcoms.exe
FirewallRules: [{5FDEB803-631B-48A7-BB0A-2EE850777478}] => (Allow) C:\Windows\SysWOW64\lxcrcoms.exe
FirewallRules: [TCP Query User{121CD664-0D58-45AF-A502-6DEBC81CC2D7}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Block) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [UDP Query User{5358E5E9-9253-4B1E-811F-B5E8B5B3F80D}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Block) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [TCP Query User{BC0C4266-087F-4D0E-BF59-479EA9B17605}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Block) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [UDP Query User{3D8AC76B-C806-4C7D-8303-43298F70FF01}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Block) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [TCP Query User{2469CC29-A313-4129-9D3E-BCE639EB50FC}C:\users\mike\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mike\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{16749A78-11AD-45DE-92F3-4EC1379E771E}C:\users\mike\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mike\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{DECF12FC-D4C6-407E-9BA6-0D39F3BA8EFA}C:\users\mike\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mike\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{76C0F08D-656A-4ED1-BAE7-FC7D39560A49}C:\users\mike\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mike\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{DABC6AB3-AEC8-45DC-879F-3EC6EAF7F195}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{08A7CB66-B9F9-4EFD-B75F-5A45A4DD2B92}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{9276208D-BAC1-4C7E-A431-64EDA60D4302}] => (Allow) C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe
FirewallRules: [{091EA4E0-85E8-452E-A747-300335290B03}] => (Allow) C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe
FirewallRules: [{F14629E8-9EF8-4961-9656-2DA914DFE5E9}] => (Allow) C:\Program Files (x86)\Lexmark 2400 Series\LXCRaiox.exe
FirewallRules: [{A20AB9EB-1D5C-4493-9C82-FE15A8DFD813}] => (Allow) C:\Program Files (x86)\Lexmark 2400 Series\LXCRaiox.exe
FirewallRules: [{ED046BC8-7D10-4DE7-96EA-593E2D0C2EB5}] => (Allow) C:\Windows\System32\lxcrcoms.exe
FirewallRules: [{7C4960EB-CC06-4ECA-AF3C-BEE4B3B19CD2}] => (Allow) C:\Windows\System32\lxcrcoms.exe
FirewallRules: [{3B8B0A5E-9CCA-4E39-8E1B-4D9FEECDB586}] => (Allow) LPort=135
FirewallRules: [{B80181B3-AA87-4764-8B3F-F581FFD9A0BF}] => (Allow) LPort=5000
FirewallRules: [{9B03DCA9-94B7-474D-A370-C8056BA57A1D}] => (Allow) LPort=5001
FirewallRules: [{60F98BC0-1F2A-4F60-A668-BDCBB232B3D2}] => (Allow) LPort=5002
FirewallRules: [{166A636D-7B06-4A9C-864B-F37FD6504703}] => (Allow) LPort=5003
FirewallRules: [{3E97C8E3-0A16-4862-B9E9-70344E05A8FF}] => (Allow) LPort=5004
FirewallRules: [{CD859C10-C40B-48F9-AB9C-8E806BE90223}] => (Allow) LPort=5005
FirewallRules: [{5103DB80-D195-4BF5-AF81-CD65E97E7860}] => (Allow) LPort=5006
FirewallRules: [{8C6F0710-C170-4B5C-AE7B-09EFFFF8470F}] => (Allow) LPort=5007
FirewallRules: [{381E4F33-24A7-4489-8AE2-85AF3A484D21}] => (Allow) LPort=5008
FirewallRules: [{53713508-7AE4-441C-8F2E-080A5E7087FD}] => (Allow) LPort=5009
FirewallRules: [{A625966C-4D5F-405B-80CC-72EB951D9186}] => (Allow) LPort=5010
FirewallRules: [{0CFDEE92-DFBF-4243-BFF3-DD6452B132A0}] => (Allow) LPort=5011
FirewallRules: [{2B0B681D-1006-4868-AFA7-75A021BEBA30}] => (Allow) LPort=5012
FirewallRules: [{2242C70C-0E8D-454B-9C74-EE05531FA99B}] => (Allow) LPort=5013
FirewallRules: [{F7FEB3E1-0733-4349-AF22-D72AE4FBB9AE}] => (Allow) LPort=5014
FirewallRules: [{75E6888A-CF89-4890-9387-B1A0A9BD25AF}] => (Allow) LPort=5015
FirewallRules: [{B50EB014-0975-4B24-9006-84A0D6DF3CCD}] => (Allow) LPort=5016
FirewallRules: [{B54014BD-F6DA-493D-891F-5561FCC3FAC8}] => (Allow) LPort=5017
FirewallRules: [{468BAFC3-0338-4A2D-BEEE-428D7BF51B07}] => (Allow) LPort=5018
FirewallRules: [{06D00777-03D3-4712-A45B-07F26AB3BFC7}] => (Allow) LPort=5019
FirewallRules: [{2C07D709-21D9-4FA4-A3BE-9675312A0536}] => (Allow) LPort=5020
FirewallRules: [{14839E3C-A6A1-4774-93BA-400FCC1D735E}] => (Allow) LPort=50000
FirewallRules: [{8FE71280-88DB-4720-97EF-35C504272605}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{9CECF5D7-198E-4426-A983-E20D4519B29E}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{4A3C614F-7988-48C7-9FFC-0151C12669C8}] => (Allow) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9AEF8A98-1117-4A85-8484-0D509931214F}] => (Allow) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DF8B700-8BBA-4F4F-AB5A-FAC9241E46F6}C:\program files (x86)\vectorworks2011\vectorworks2011.exe] => (Allow) C:\program files (x86)\vectorworks2011\vectorworks2011.exe
FirewallRules: [UDP Query User{86A3EE75-5CD9-441F-BECC-ACAB5D72E277}C:\program files (x86)\vectorworks2011\vectorworks2011.exe] => (Allow) C:\program files (x86)\vectorworks2011\vectorworks2011.exe
FirewallRules: [TCP Query User{9469AF89-12C3-403E-8B25-B0C677DEE09F}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [UDP Query User{3022C647-775D-410C-BC8B-AF78C835BC58}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [{38C8D47C-36A3-436A-95D9-B0508112F623}] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [{151ECF66-33FB-40B9-8685-A44F6605C7D3}] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [TCP Query User{3BC27038-1E38-48D5-AA6E-704A81087E11}C:\users\mike\appdata\local\temp\ign9de7.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign9de7.tmp\lmiignition.exe
FirewallRules: [UDP Query User{EA28E174-5E29-487B-B7AF-B0E3E44E2713}C:\users\mike\appdata\local\temp\ign9de7.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign9de7.tmp\lmiignition.exe
FirewallRules: [{C957F756-6573-4338-BB0A-AE9E9003E971}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CBA6B8BE-3ABA-445E-B732-45B28B083D65}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{13DE630F-18D2-4237-857F-B5E148AD15C8}C:\users\mike\appdata\local\temp\ign9d3b.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign9d3b.tmp\lmiignition.exe
FirewallRules: [UDP Query User{8A6AE980-70C2-4885-A40C-8BEE30F2AF57}C:\users\mike\appdata\local\temp\ign9d3b.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign9d3b.tmp\lmiignition.exe
FirewallRules: [TCP Query User{E98D8DA5-1C79-4AEE-87CC-78836A5C790C}C:\users\mike\appdata\local\temp\ignae01.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignae01.tmp\lmiignition.exe
FirewallRules: [UDP Query User{DA5B1B39-A98F-4233-AF8C-8872778D1AAF}C:\users\mike\appdata\local\temp\ignae01.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignae01.tmp\lmiignition.exe
FirewallRules: [TCP Query User{2188930E-F82D-4AA7-B273-3AA1B39C33C7}C:\users\mike\appdata\local\temp\ignf430.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignf430.tmp\lmiignition.exe
FirewallRules: [UDP Query User{6517D35A-A78A-40BD-9296-BFF19B32EA04}C:\users\mike\appdata\local\temp\ignf430.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignf430.tmp\lmiignition.exe
FirewallRules: [{FA3F3B4B-39B2-4E4B-BB92-3EE1708144D1}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [TCP Query User{A8C10A64-2962-4AF6-85B7-84D33C4DB864}C:\users\mike\appdata\local\logmein client\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\logmein client\lmiignition.exe
FirewallRules: [UDP Query User{5DC4AED7-9138-4A63-AE84-4615B398D88A}C:\users\mike\appdata\local\logmein client\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\logmein client\lmiignition.exe
FirewallRules: [TCP Query User{7A731A09-B454-4BB2-BF17-FF856A756480}C:\users\mike\appdata\local\temp\ign4d1e.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign4d1e.tmp\lmiignition.exe
FirewallRules: [UDP Query User{7AB77C3F-1134-4F47-8312-67758839E3C2}C:\users\mike\appdata\local\temp\ign4d1e.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign4d1e.tmp\lmiignition.exe
FirewallRules: [TCP Query User{BE7CDE52-EBEB-4A24-965E-80055EE4431B}C:\users\mike\appdata\local\temp\igneb8e.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\igneb8e.tmp\lmiignition.exe
FirewallRules: [UDP Query User{E637C200-6F7E-4BAB-B6E2-1B024BBD4226}C:\users\mike\appdata\local\temp\igneb8e.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\igneb8e.tmp\lmiignition.exe
FirewallRules: [TCP Query User{7EE9CF24-ACF3-408B-A366-B253EFCEEFC4}C:\users\mike\appdata\local\temp\ign2fa9.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign2fa9.tmp\lmiignition.exe
FirewallRules: [UDP Query User{CCCDFA74-D4C2-416F-ADEC-9675779FA26B}C:\users\mike\appdata\local\temp\ign2fa9.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign2fa9.tmp\lmiignition.exe
FirewallRules: [TCP Query User{AB5B0176-B829-4F0B-A825-9745C51EE85E}C:\users\mike\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mike\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{CC85EF5C-1675-4F35-A373-F2AF79268A4F}C:\users\mike\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mike\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{5A5BC323-0158-4501-AB6D-8EFA330D3C10}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{389B0937-8262-4DDD-9184-63045DA80688}C:\users\mike\appdata\local\temp\ignf07a.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignf07a.tmp\lmiignition.exe
FirewallRules: [UDP Query User{5A95E609-75F7-4E12-A613-B3951E9031B4}C:\users\mike\appdata\local\temp\ignf07a.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignf07a.tmp\lmiignition.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/27/2015 09:30:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7a144
Faulting module name: Explorer.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7a144
Exception code: 0xc0000094
Fault offset: 0x0000000000071caa
Faulting process id: 0x4e8
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (10/27/2015 09:26:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (10/27/2015 09:26:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (10/26/2015 07:46:55 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\Fonts\StaticCache.dat for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Desktop Window Manager because of this error.
 
Program: Desktop Window Manager
File: C:\Windows\Fonts\StaticCache.dat
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
Error: (10/26/2015 07:46:55 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DA92EDFB65CABA331BF6884CE768ECE6E35029BE.bin.80 for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.
 
Program: Host Process for Windows Services
File: C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DA92EDFB65CABA331BF6884CE768ECE6E35029BE.bin.80
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
Error: (10/26/2015 07:46:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000006
Fault offset: 0x0000000000001310
Faulting process id: 0xb7c
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3
 
Error: (10/26/2015 07:46:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WinDefend, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mpengine.dll, version: 1.1.12205.0, time stamp: 0x561cce4d
Exception code: 0xc0000006
Fault offset: 0x00000000001d103c
Faulting process id: 0x1388
Faulting application start time: 0xsvchost.exe_WinDefend0
Faulting application path: svchost.exe_WinDefend1
Faulting module path: svchost.exe_WinDefend2
Report Id: svchost.exe_WinDefend3
 
Error: (10/26/2015 07:46:55 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\SysWOW64\propsys.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Google Chrome because of this error.
 
Program: Google Chrome
File: C:\Windows\SysWOW64\propsys.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
Error: (10/26/2015 07:46:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 46.0.2490.80, time stamp: 0x56262c73
Faulting module name: PROPSYS.dll, version: 7.0.7601.17514, time stamp: 0x4ce7b983
Exception code: 0xc0000006
Fault offset: 0x00063672
Faulting process id: 0x14ac
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (10/24/2015 09:37:09 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DA92EDFB65CABA331BF6884CE768ECE6E35029BE.bin.7C for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.
 
Program: Host Process for Windows Services
File: C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DA92EDFB65CABA331BF6884CE768ECE6E35029BE.bin.7C
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
 
System errors:
=============
Error: (10/27/2015 09:32:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/27/2015 09:32:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/27/2015 09:32:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/27/2015 09:32:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/27/2015 09:32:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/27/2015 09:32:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/27/2015 09:31:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (10/27/2015 09:30:36 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
 
Error: (10/27/2015 09:30:36 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
 
Error: (10/27/2015 09:27:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2720QM CPU @ 2.20GHz
Percentage of memory in use: 11%
Total physical RAM: 16337.23 MB
Available physical RAM: 14500.6 MB
Total Virtual: 32672.68 MB
Available Virtual: 30846.77 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:416.83 GB) (Free:194.64 GB) NTFS
Drive f: () (Fixed) (Total:48.83 GB) (Free:27.98 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4E66962E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=416.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
Noob88

Noob88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts

Another FYI, there were no system restore points for me to fall back on. My computer acted up not too long ago and all the points somehow disappeared. Since then the computer has been running slower than usual and eventually built up to all the problems I listed in my first post. Thanks!


  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Sorry for the delay, could you run some fresh FRST scans for me please
  • 0

#4
Noob88

Noob88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts

Sure thing here you go:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Mike (administrator) on NOVO (01-11-2015 17:20:22)
Running from C:\Users\Mike\Downloads
Loaded Profiles: Mike & UpdatusUser (Available Profiles: Mike & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
( ) C:\Windows\System32\lxcrcoms.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo.) C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\ismagent.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\updateui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2851112 2011-11-17] (Synaptics Incorporated)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [85832 2011-07-14] (Authentec Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [42344 2011-07-22] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [Google Update] => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Run: [GoogleChromeAutoLaunch_A9A28D217F0AF6C0AE66A9006030A09A] => C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\RunOnce: [Application Restart #0] => C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\MountPoints2: {2c0ea76d-4d47-11e1-be19-f0def1a0a3c0} - E:\unlock.exe autoplay=true
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\MountPoints2: {3ecc345c-3638-11e1-aeae-f0def1a0a3c0} - G:\Setup.exe
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\MountPoints2: {6be17db0-3e38-11e1-a928-f0def1a0a3c0} - E:\SISetup.exe
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\MountPoints2: {ff3a0869-b38d-11e3-a0fa-f0def1a0a3c0} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\Run: [Google Update] => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Mike\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\Run: [GoogleChromeAutoLaunch_A9A28D217F0AF6C0AE66A9006030A09A] => C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\MountPoints2: {2c0ea76d-4d47-11e1-be19-f0def1a0a3c0} - E:\unlock.exe autoplay=true
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\MountPoints2: {6be17db0-3e38-11e1-a928-f0def1a0a3c0} - E:\SISetup.exe
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\MountPoints2: {96defea8-3636-11e1-b110-806e6f6e6963} - D:\start.exe
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\MountPoints2: {d9bd1d52-44fd-11e2-b15b-f0def1a0a3c0} - E:\setup.exe -a
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Tcpip\..\Interfaces\{15A8BA84-6581-49E1-98F1-15C3A7981381}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A450661C-EC5A-4720-AA24-BE0BF29AB773}: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Tcpip\..\Interfaces\{C32911B3-7068-4F37-8F7F-68EFDDFFCB0B}: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-09] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-09] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-891366033-3339291566-2793857052-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-891366033-3339291566-2793857052-1003 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
 
FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hsepgo5d.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D111614-AB747CC590BEC44CD91F&form=CONMHP&conlogo=CT3330962
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Bing
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-22] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-10-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-10-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2011-07-14] (the VideoLAN Team)
FF Plugin HKU\S-1-5-21-891366033-3339291566-2793857052-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-891366033-3339291566-2793857052-1000: @talk.google.com/O1DPlugin -> C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-891366033-3339291566-2793857052-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-891366033-3339291566-2793857052-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mike\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mike\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml [2012-05-23]
FF Extension: Media Stealer - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hsepgo5d.default\Extensions\[email protected] [2015-08-09]
FF Extension: Video DownloadHelper - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hsepgo5d.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-09]
FF Extension: Adblock Plus - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hsepgo5d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-09]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://mail.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-14]
CHR Extension: (Video Downloader professional) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-08-09]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-09]
CHR Extension: (AdBlock) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-14]
CHR Extension: (Pin It Button) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-12]
CHR HKU\S-1-5-21-891366033-3339291566-2793857052-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Mike\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-08-31] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240360 2015-09-21] (Avira Operations GmbH & Co. KG)
R3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-12-01] (Lenovo.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2012-01-03] (Macrovision Europe Ltd.) [File not signed]
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)
S3 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [78536 2012-04-12] (Macrovision                                                    )
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 lxcr_device; C:\Windows\system32\lxcrcoms.exe [566192 2006-12-11] ( )
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] ()
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-08-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-27] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-03] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16896 2012-11-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [249152 2011-10-15] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2008-09-08] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows ® Win 7 DDK provider)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 XHCIPort; system32\DRIVERS\XHCIPort.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-01 17:20 - 2015-11-01 17:20 - 00000000 ____D C:\Users\Mike\Downloads\FRST-OlderVersion
2015-11-01 08:46 - 2015-11-01 08:47 - 00000000 ____D C:\f5886bff6abcd6ee5a7174634976
2015-10-27 20:32 - 2015-10-27 20:32 - 00056321 _____ C:\Users\Mike\Downloads\Addition.txt
2015-10-27 20:31 - 2015-11-01 17:21 - 00028513 _____ C:\Users\Mike\Downloads\FRST.txt
2015-10-27 20:30 - 2015-11-01 17:20 - 02198016 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2015-10-27 20:30 - 2015-11-01 17:20 - 00000000 ____D C:\FRST
2015-10-27 20:24 - 2015-10-27 20:24 - 1163844070 _____ C:\Windows\MEMORY.DMP
2015-10-27 20:24 - 2015-10-27 20:24 - 00303024 _____ C:\Windows\Minidump\102715-26442-01.dmp
2015-10-14 03:00 - 2015-09-28 22:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 03:00 - 2015-09-28 22:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 03:00 - 2015-09-28 22:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 03:00 - 2015-09-28 22:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 03:00 - 2015-09-28 22:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 03:00 - 2015-09-28 22:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 03:00 - 2015-09-28 22:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 03:00 - 2015-09-28 22:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 03:00 - 2015-09-28 22:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 03:00 - 2015-09-28 22:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 03:00 - 2015-09-28 22:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 03:00 - 2015-09-28 22:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 03:00 - 2015-09-28 22:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 03:00 - 2015-09-28 22:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 03:00 - 2015-09-28 22:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 03:00 - 2015-09-28 22:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 03:00 - 2015-09-28 22:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 03:00 - 2015-09-28 22:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 03:00 - 2015-09-28 22:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 03:00 - 2015-09-28 22:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 03:00 - 2015-09-28 22:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 03:00 - 2015-09-28 22:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 03:00 - 2015-09-28 22:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 03:00 - 2015-09-28 22:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 03:00 - 2015-09-28 22:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 03:00 - 2015-09-28 22:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 03:00 - 2015-09-28 22:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 03:00 - 2015-09-28 22:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 22:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 03:00 - 2015-09-28 21:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 03:00 - 2015-09-28 21:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 03:00 - 2015-09-28 21:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 03:00 - 2015-09-28 21:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 03:00 - 2015-09-28 21:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 03:00 - 2015-09-28 21:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 03:00 - 2015-09-28 21:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 03:00 - 2015-09-28 21:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 03:00 - 2015-09-28 21:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 03:00 - 2015-09-28 21:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 03:00 - 2015-09-28 21:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 03:00 - 2015-09-28 21:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 03:00 - 2015-09-28 21:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 03:00 - 2015-09-28 21:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 03:00 - 2015-09-28 21:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 21:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 20:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 03:00 - 2015-09-28 20:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 03:00 - 2015-09-28 20:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 03:00 - 2015-09-28 20:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 03:00 - 2015-09-28 20:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 03:00 - 2015-09-28 20:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 20:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 20:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 03:00 - 2015-09-28 20:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 03:00 - 2015-09-15 13:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 03:00 - 2015-09-15 13:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 03:00 - 2015-09-15 13:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 03:00 - 2015-09-15 13:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 03:00 - 2015-09-15 13:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 03:00 - 2015-09-15 13:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 03:00 - 2015-09-15 13:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 03:00 - 2015-09-15 13:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 03:00 - 2015-09-15 13:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 03:00 - 2015-09-15 12:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 03:00 - 2015-09-15 12:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 03:00 - 2015-09-15 12:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 03:00 - 2015-09-15 12:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 02:41 - 2015-10-14 02:41 - 00001424 _____ C:\Windows\PFRO.log
2015-10-13 18:56 - 2015-09-18 14:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 18:56 - 2015-09-18 13:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 18:56 - 2015-09-15 23:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 18:56 - 2015-09-15 23:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 18:56 - 2015-09-15 23:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 18:56 - 2015-09-15 23:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 18:56 - 2015-09-15 23:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 18:56 - 2015-09-15 23:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 18:56 - 2015-09-15 23:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-13 18:56 - 2015-09-15 23:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 18:56 - 2015-09-15 23:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 18:56 - 2015-09-15 23:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 18:56 - 2015-09-15 23:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 18:56 - 2015-09-15 23:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 18:56 - 2015-09-15 23:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 18:56 - 2015-09-15 23:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 18:56 - 2015-09-15 23:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 18:56 - 2015-09-15 23:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 18:56 - 2015-09-15 23:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 18:56 - 2015-09-15 23:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 18:56 - 2015-09-15 22:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 18:56 - 2015-09-15 22:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 18:56 - 2015-09-15 22:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 18:56 - 2015-09-15 22:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 18:56 - 2015-09-15 22:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-13 18:56 - 2015-09-15 22:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 18:56 - 2015-09-15 22:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 18:56 - 2015-09-15 22:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 18:56 - 2015-09-15 22:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 18:56 - 2015-09-15 22:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-13 18:56 - 2015-09-15 22:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-13 18:56 - 2015-09-15 22:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-13 18:56 - 2015-09-15 22:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 18:56 - 2015-09-15 22:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 18:56 - 2015-09-15 22:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 18:56 - 2015-09-15 22:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 18:56 - 2015-09-15 22:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 18:56 - 2015-09-15 22:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 18:56 - 2015-09-15 22:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 18:56 - 2015-09-15 22:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-13 18:56 - 2015-09-15 22:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-13 18:56 - 2015-09-15 22:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 18:56 - 2015-09-15 22:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-13 18:56 - 2015-09-15 22:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 18:56 - 2015-09-15 22:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 18:56 - 2015-09-15 22:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-13 18:56 - 2015-09-15 22:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 18:56 - 2015-09-15 22:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 18:56 - 2015-09-15 22:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-13 18:56 - 2015-09-15 22:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-13 18:56 - 2015-09-15 22:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 18:56 - 2015-09-15 22:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 18:56 - 2015-09-15 22:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 18:56 - 2015-09-15 22:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-13 18:56 - 2015-09-15 21:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 18:56 - 2015-09-15 21:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 18:56 - 2015-09-15 21:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 18:56 - 2015-09-15 21:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 18:56 - 2015-09-15 21:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 18:56 - 2015-09-15 21:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-13 18:56 - 2015-09-15 21:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 18:56 - 2015-09-15 21:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 18:56 - 2015-09-15 21:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 18:56 - 2015-09-15 21:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 18:56 - 2015-08-06 13:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 18:56 - 2015-08-06 13:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 18:56 - 2015-08-06 12:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 18:56 - 2015-08-06 12:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-13 18:55 - 2015-09-25 13:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 18:55 - 2015-09-25 13:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 18:55 - 2015-09-25 13:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 18:55 - 2015-09-25 13:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 18:55 - 2015-09-25 13:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 18:55 - 2015-09-25 13:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-13 18:55 - 2015-09-25 13:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-13 18:55 - 2015-09-25 13:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 18:55 - 2015-09-25 13:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-13 18:55 - 2015-09-25 13:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 18:55 - 2015-09-25 13:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 18:55 - 2015-09-25 12:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-13 18:55 - 2015-09-25 12:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-13 18:55 - 2015-09-25 12:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-13 18:55 - 2015-09-25 12:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-13 18:55 - 2015-09-25 12:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 18:54 - 2015-10-01 13:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 18:54 - 2015-10-01 13:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 18:54 - 2015-10-01 13:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 18:54 - 2015-10-01 13:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 18:54 - 2015-10-01 13:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 18:54 - 2015-10-01 13:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 18:54 - 2015-10-01 13:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 18:54 - 2015-10-01 12:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-13 18:54 - 2015-10-01 12:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-11 12:40 - 2015-11-01 08:51 - 00022528 _____ C:\Users\Mike\Desktop\Property 2015.xls
2015-10-04 18:40 - 2015-10-31 18:39 - 00000728 _____ C:\Windows\setupact.log
2015-10-04 18:40 - 2015-10-04 18:40 - 00000000 _____ C:\Windows\setuperr.log
2015-10-02 21:51 - 2015-10-02 21:52 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-02 21:50 - 2015-10-02 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-02 21:50 - 2015-06-18 07:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-02 21:50 - 2015-06-18 07:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-02 21:50 - 2015-06-18 07:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-02 21:49 - 2015-10-02 21:49 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Mike\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-02 21:47 - 2015-10-02 21:47 - 00012138 _____ C:\Users\Mike\Documents\cc_20151002_224711.reg
2015-10-02 21:43 - 2015-10-02 21:43 - 00265288 _____ C:\Users\Mike\Documents\cc_20151002_224249.reg
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-01 17:21 - 2012-01-03 13:06 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000UA.job
2015-11-01 17:18 - 2012-01-04 09:23 - 00000000 ____D C:\Users\Mike\Desktop\Docs
2015-11-01 16:30 - 2013-01-05 20:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-01 16:25 - 2012-02-09 12:04 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 09:44 - 2012-04-18 22:07 - 01441250 _____ C:\Windows\WindowsUpdate.log
2015-11-01 08:48 - 2014-03-15 18:59 - 00019259 _____ C:\Users\Mike\Desktop\List.xlsx
2015-11-01 08:38 - 2009-07-13 23:45 - 00014848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-01 08:38 - 2009-07-13 23:45 - 00014848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-01 08:27 - 2009-07-14 00:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-31 18:43 - 2014-08-12 19:52 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-31 18:42 - 2013-08-05 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-31 18:41 - 2012-01-03 14:32 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-10-31 18:39 - 2012-02-09 12:04 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-31 18:39 - 2012-01-03 11:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-31 18:39 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-27 20:24 - 2012-07-31 18:55 - 00000000 ____D C:\Windows\Minidump
2015-10-27 20:13 - 2012-01-03 13:06 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000Core.job
2015-10-22 20:47 - 2012-11-17 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-15 03:02 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-10-14 02:41 - 2014-07-18 20:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-14 02:24 - 2012-01-03 15:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-05 07:25 - 2015-03-15 13:55 - 00001024 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-10-05 07:19 - 2015-02-05 23:02 - 00000000 ____D C:\ProgramData\LogMeIn
2015-10-05 07:19 - 2015-02-05 22:57 - 00000000 ____D C:\Users\Mike\AppData\Local\LogMeInIgnition
 
==================== Files in the root of some directories =======
 
2012-01-08 11:06 - 2015-07-13 22:44 - 0000132 _____ () C:\Users\Mike\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-04-08 22:45 - 2014-04-09 15:03 - 0001456 _____ () C:\Users\Mike\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-02-10 22:12 - 2013-02-10 22:14 - 0023565 _____ () C:\Users\Mike\AppData\Local\WiDiSetupLog.20130210.221239.txt
2013-02-19 20:02 - 2013-02-19 20:04 - 0032601 _____ () C:\Users\Mike\AppData\Local\WiDiSetupLog.20130219.200209.txt
2015-04-25 17:33 - 2015-04-25 17:36 - 0049659 _____ () C:\Users\Mike\AppData\Local\WiDiSetupLog.20150425.183336.wdl
 
Some files in TEMP:
====================
C:\Users\Mike\AppData\Local\Temp\avgnt.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-31 22:11
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Mike (2015-11-01 17:22:13)
Running from C:\Users\Mike\Downloads
Windows 7 Professional Service Pack 1 (X64) (2012-01-03 15:19:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-891366033-3339291566-2793857052-500 - Administrator - Disabled)
Guest (S-1-5-21-891366033-3339291566-2793857052-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-891366033-3339291566-2793857052-1005 - Limited - Enabled)
Mike (S-1-5-21-891366033-3339291566-2793857052-1000 - Administrator - Enabled) => C:\Users\Mike
UpdatusUser (S-1-5-21-891366033-3339291566-2793857052-1003 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - )
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.2.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Acrobat 9.2.0 - CPSID_50026 (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}_920) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version:  - Leo Davidson / Pretentious Name)
Akamai NetSession Interface (HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
AutoCAD 2010 - English (HKLM\...\AutoCAD 2010 - English) (Version: 18.0.55.0 - Autodesk)
AutoCAD 2010 - English (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD 2010 Language Pack - English (Version: 18.0.55.0 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Revit Architecture 2012 (HKLM\...\Autodesk Revit Architecture 2012) (Version: 11.03.09231 - Autodesk)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}) (Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG) Hidden
Brother MFL-Pro Suite HL-2280DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Bullzip PDF Printer 7.2.0.1304 (HKLM\...\Bullzip PDF Printer_is1) (Version: 7.2.0.1304 - Bullzip)
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.29 - Piriform)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.2 - Conexant)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Dropbox (HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
ECOTECT v5.50 (HKLM-x32\...\{F0851A2E-4EF0-4860-AD92-EC012599BEF1}_is1) (Version: v5.50 - Square One research)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Free CUDA Video Converter 6 (HKLM-x32\...\{7534AD6F-A485-42A4-AE5A-43828817F29A}_is1) (Version:  - CUDA Studio)
Free Easy Burner V 4.4.1 (HKLM-x32\...\Free Easy Burner_is1) (Version: 4.4.1.0 - Koyote soft)
Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.6 - Gadwin Systems, Inc.)
Google Chrome (HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Chrome (HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\Google Chrome) (Version: 28.0.1500.72 - Google Inc.)
Google Drive (HKLM-x32\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPL Ghostscript Lite 9.04 (HKLM-x32\...\GPL Ghostscript Lite_is1) (Version:  - )
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.4 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel® WiDi (HKLM\...\{BE7E45FA-7F97-4155-87CF-2DEA398995DA}) (Version: 4.2.21.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
iTunes (HKLM\...\{427174C0-096E-40D9-9684-9C109BEE2CBF}) (Version: 11.0.5.5 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Maxwell (HKLM-x32\...\Maxwell) (Version:  - )
Maxwell for Rhinoceros 4 (HKLM-x32\...\{01D24952-1219-406D-9281-B0DA28C8AFD1}) (Version: 1.0.3 - Next Limit Technologies)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 8.0 Support DLLs (HKLM-x32\...\{342F5437-C87D-4BB5-89B9-B23E16C6A395}) (Version: 1.0.0 - McNeel & Associates)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Driver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 285.62 - NVIDIA Corporation)
NVIDIA Graphics Driver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.62 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation)
NVIDIA nView 136.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.02 - NVIDIA Corporation)
NVIDIA Performance Driver for Autodesk AutoCAD 2010 (HKLM\...\NVIDIA Autodesk AutoCAD 2010 Performance Driver) (Version: nvd3d10: 0.18.2.1  - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.60.03 - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickMonitorProfile 2.1.0.1 (HKLM-x32\...\QuickMonitorProfile_is1) (Version: 2.1.0.1 - Eberhard Werle)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Revit Architecture 2012 (Version: 11.03.09231 - Autodesk) Hidden
Revit Architecture 2012 Language Pack - English (Version: 11.03.09231 - Autodesk) Hidden
Rhino RDK (HKLM-x32\...\Rhino RDK) (Version:  - )
Rhinoceros 4.0 (HKLM-x32\...\{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}) (Version: 4.0.20118 - McNeel & Associates)
Rhinoceros 4.0 SR4 (HKLM-x32\...\{D57F1897-D0F5-4E5F-99BA-80815B43283A}) (Version: 4.0.30807 - Robert McNeel & Associates)
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Screencast-O-Matic (HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
Screencast-O-Matic (HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab for Intel (64-bit) (HKLM\...\{419B57C2-BEB5-4201-91F5-CEF73F24C219}) (Version: 4.5.13.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.64.00.00 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.65 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.34.0 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.08 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{C2938C94-239C-4156-B245-C5406A4F3E93}) (Version: 5.9.5.7038 - Authentec Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Vectorworks 2010 Help (HKLM-x32\...\net.nemetschek.vectorworks.2010.help.eng.CC16605A57FA88F0CED2B1A19E704F482AB2B1EB.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2010 Help (x32 Version: 1.0 - UNKNOWN) Hidden
Vectorworks 2011 Help (HKLM-x32\...\net.nemetschek.vectorworks.2011.help.eng.CC16605A57FA88F0CED2B1A19E704F482AB2B1EB.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2011 Help (x32 Version: 1.0 - UNKNOWN) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
V-Ray for Rhinoceros (HKLM-x32\...\{40625DE4-DCDB-44FE-84B5-E65F1365BF44}) (Version: 01.05.29 - ASGvis, LLC)
V-Ray for Rhinoceros (x32 Version: 01.01.71 - ASGvis, LLC) Hidden
V-Ray for Rhinoceros (x32 Version: 01.05.29 - ASGvis, LLC) Hidden
V-Ray for SketchUp (HKLM-x32\...\V-Ray for SketchUp 1.49.01) (Version: 1.49.01 - ASGVIS)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623  - Nullsoft, Inc)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit Architecture 2012\Program\APIContext.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-891366033-3339291566-2793857052-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2012-01-03 13:20 - 00001262 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {61110D5A-D72E-4352-8633-F112509ED16A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {748D0827-2F85-4C7B-88ED-F8487B9FCA77} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {8FC66427-0E75-4820-A4E4-EFA13F99C5A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000Core => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AE08236D-0833-48CC-8F36-C9803E4D08C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C0655EA4-3B1D-4648-8915-C93ECBB18A73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {CA069FB5-7A87-4DFD-93DE-096546EE24ED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000UA => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {DC2D01BB-7443-4D58-97CD-98C4CF5849E9} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-12-01] (Lenovo Group Limited)
Task: {F80EADD2-70FC-4F40-860B-C7BF4C9ACA9F} - System32\Tasks\AdobeAAMUpdater-1.0-NOVO-Mike => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {FE9E4968-D289-47D4-8B7C-F576DEDA9F59} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-22] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000Core.job => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891366033-3339291566-2793857052-1000UA.job => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-09-23 08:53 - 2012-09-29 12:25 - 00409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2012-01-13 18:09 - 2012-09-29 12:25 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2013-02-10 22:20 - 2006-11-27 03:55 - 00144896 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxcrpp6c.dll
2012-01-03 11:01 - 2011-12-01 03:05 - 00045568 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2012-01-03 19:03 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2012-01-13 18:05 - 2010-04-28 10:49 - 00222720 _____ () C:\Windows\system32\m1210nwia.dll
2012-01-03 10:49 - 2010-10-26 13:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-10-26 18:24 - 2015-10-20 09:08 - 01532744 _____ () C:\Users\Mike\AppData\Local\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-26 18:24 - 2015-10-20 09:08 - 00081224 _____ () C:\Users\Mike\AppData\Local\Google\Chrome\Application\46.0.2490.80\libegl.dll
2013-07-18 09:28 - 2013-07-18 09:28 - 01013536 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\QtNetwork4.dll
2013-07-18 09:28 - 2013-07-18 09:28 - 02610464 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\QtCore4.dll
2013-07-18 09:28 - 2013-07-18 09:28 - 00389408 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\QtXml4.dll
2013-07-18 09:28 - 2013-07-18 09:28 - 00407328 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\sqlite3.dll
2013-07-18 09:28 - 2013-07-18 09:28 - 00328992 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\log4cplus.dll
2013-07-18 09:28 - 2013-07-18 09:28 - 00028448 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\osEvents.dll
2013-07-18 09:27 - 2013-07-18 09:27 - 00202528 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\libgsoap.dll
2013-07-18 09:28 - 2013-07-18 09:28 - 00069408 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\zlib1.dll
2013-07-18 09:29 - 2013-07-18 09:29 - 00473376 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\plugin\PServerPlugin.dll
2013-07-18 09:29 - 2013-07-18 09:29 - 14984992 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\QtWebKit4.dll
2013-07-18 09:29 - 2013-07-18 09:29 - 00324896 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\phonon4.dll
2013-07-18 09:28 - 2013-07-18 09:28 - 09231648 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\QtGui4.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-891366033-3339291566-2793857052-1000\...\verizon.net -> hxxps://activate.verizon.net
IE trusted site: HKU\S-1-5-21-891366033-3339291566-2793857052-1003\...\verizon.net -> hxxps://activate.verizon.net
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.59.247.45 - 208.59.247.46
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AMPPALR3 => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: BTHSSecurityMgr => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Mike\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Lexmark 2400 Series\ezprint.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: lxcrmon.exe => "C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{CA635448-ED1A-4E2C-AF10-214611A26205}C:\program files (x86)\next limit\maxwell\mxcl.exe] => (Allow) C:\program files (x86)\next limit\maxwell\mxcl.exe
FirewallRules: [UDP Query User{8549F199-1F23-491D-80B9-237B5E409ECF}C:\program files (x86)\next limit\maxwell\mxcl.exe] => (Allow) C:\program files (x86)\next limit\maxwell\mxcl.exe
FirewallRules: [{F49C39FE-50E3-41AD-B02A-8C46B2046B0C}] => (Block) C:\program files (x86)\next limit\maxwell\mxcl.exe
FirewallRules: [{37D88899-31CF-492B-8385-73E5C2808D0F}] => (Block) C:\program files (x86)\next limit\maxwell\mxcl.exe
FirewallRules: [TCP Query User{15D4806A-BBAB-46C6-ACC7-B4E0EE8CA29B}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{2DFE33C5-7A67-49EE-AA74-97E7E693500E}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{59E90254-1017-427A-85E7-4E0B5D0941EB}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{BD5545D4-A7E5-460E-9FE7-CE42AF267409}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{38B11B45-E6C6-4D60-97F3-F453F158F14C}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zSFC39.tmp\EasyInst64.exe
FirewallRules: [{34417780-59B0-465F-90FB-189622F3F191}] => (Allow) C:\Users\Mike\AppData\Local\Temp\7zSFC39.tmp\EasyInst64.exe
FirewallRules: [{B8031B85-751A-45A4-A566-5328F5B1B2A9}] => (Allow) LPort=9100
FirewallRules: [{ADD98A39-DCA8-485E-BA54-B941F433A5ED}] => (Allow) LPort=427
FirewallRules: [{0DE94FDE-874C-499E-9CC1-4EBA568490A9}] => (Allow) LPort=161
FirewallRules: [{9041D1C8-7B89-4DCA-A711-E44106838BEC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7F9616FA-D825-460A-AE07-0E169F94993D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{8CFE0C17-860C-4857-B329-43A584D2A268}] => (Allow) C:\Windows\SysWOW64\lxcrcoms.exe
FirewallRules: [{5FDEB803-631B-48A7-BB0A-2EE850777478}] => (Allow) C:\Windows\SysWOW64\lxcrcoms.exe
FirewallRules: [TCP Query User{121CD664-0D58-45AF-A502-6DEBC81CC2D7}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Block) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [UDP Query User{5358E5E9-9253-4B1E-811F-B5E8B5B3F80D}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Block) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [TCP Query User{BC0C4266-087F-4D0E-BF59-479EA9B17605}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Block) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [UDP Query User{3D8AC76B-C806-4C7D-8303-43298F70FF01}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Block) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [TCP Query User{2469CC29-A313-4129-9D3E-BCE639EB50FC}C:\users\mike\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mike\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{16749A78-11AD-45DE-92F3-4EC1379E771E}C:\users\mike\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mike\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{DECF12FC-D4C6-407E-9BA6-0D39F3BA8EFA}C:\users\mike\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mike\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{76C0F08D-656A-4ED1-BAE7-FC7D39560A49}C:\users\mike\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mike\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{DABC6AB3-AEC8-45DC-879F-3EC6EAF7F195}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{08A7CB66-B9F9-4EFD-B75F-5A45A4DD2B92}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{9276208D-BAC1-4C7E-A431-64EDA60D4302}] => (Allow) C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe
FirewallRules: [{091EA4E0-85E8-452E-A747-300335290B03}] => (Allow) C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe
FirewallRules: [{F14629E8-9EF8-4961-9656-2DA914DFE5E9}] => (Allow) C:\Program Files (x86)\Lexmark 2400 Series\LXCRaiox.exe
FirewallRules: [{A20AB9EB-1D5C-4493-9C82-FE15A8DFD813}] => (Allow) C:\Program Files (x86)\Lexmark 2400 Series\LXCRaiox.exe
FirewallRules: [{ED046BC8-7D10-4DE7-96EA-593E2D0C2EB5}] => (Allow) C:\Windows\System32\lxcrcoms.exe
FirewallRules: [{7C4960EB-CC06-4ECA-AF3C-BEE4B3B19CD2}] => (Allow) C:\Windows\System32\lxcrcoms.exe
FirewallRules: [{3B8B0A5E-9CCA-4E39-8E1B-4D9FEECDB586}] => (Allow) LPort=135
FirewallRules: [{B80181B3-AA87-4764-8B3F-F581FFD9A0BF}] => (Allow) LPort=5000
FirewallRules: [{9B03DCA9-94B7-474D-A370-C8056BA57A1D}] => (Allow) LPort=5001
FirewallRules: [{60F98BC0-1F2A-4F60-A668-BDCBB232B3D2}] => (Allow) LPort=5002
FirewallRules: [{166A636D-7B06-4A9C-864B-F37FD6504703}] => (Allow) LPort=5003
FirewallRules: [{3E97C8E3-0A16-4862-B9E9-70344E05A8FF}] => (Allow) LPort=5004
FirewallRules: [{CD859C10-C40B-48F9-AB9C-8E806BE90223}] => (Allow) LPort=5005
FirewallRules: [{5103DB80-D195-4BF5-AF81-CD65E97E7860}] => (Allow) LPort=5006
FirewallRules: [{8C6F0710-C170-4B5C-AE7B-09EFFFF8470F}] => (Allow) LPort=5007
FirewallRules: [{381E4F33-24A7-4489-8AE2-85AF3A484D21}] => (Allow) LPort=5008
FirewallRules: [{53713508-7AE4-441C-8F2E-080A5E7087FD}] => (Allow) LPort=5009
FirewallRules: [{A625966C-4D5F-405B-80CC-72EB951D9186}] => (Allow) LPort=5010
FirewallRules: [{0CFDEE92-DFBF-4243-BFF3-DD6452B132A0}] => (Allow) LPort=5011
FirewallRules: [{2B0B681D-1006-4868-AFA7-75A021BEBA30}] => (Allow) LPort=5012
FirewallRules: [{2242C70C-0E8D-454B-9C74-EE05531FA99B}] => (Allow) LPort=5013
FirewallRules: [{F7FEB3E1-0733-4349-AF22-D72AE4FBB9AE}] => (Allow) LPort=5014
FirewallRules: [{75E6888A-CF89-4890-9387-B1A0A9BD25AF}] => (Allow) LPort=5015
FirewallRules: [{B50EB014-0975-4B24-9006-84A0D6DF3CCD}] => (Allow) LPort=5016
FirewallRules: [{B54014BD-F6DA-493D-891F-5561FCC3FAC8}] => (Allow) LPort=5017
FirewallRules: [{468BAFC3-0338-4A2D-BEEE-428D7BF51B07}] => (Allow) LPort=5018
FirewallRules: [{06D00777-03D3-4712-A45B-07F26AB3BFC7}] => (Allow) LPort=5019
FirewallRules: [{2C07D709-21D9-4FA4-A3BE-9675312A0536}] => (Allow) LPort=5020
FirewallRules: [{14839E3C-A6A1-4774-93BA-400FCC1D735E}] => (Allow) LPort=50000
FirewallRules: [{8FE71280-88DB-4720-97EF-35C504272605}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{9CECF5D7-198E-4426-A983-E20D4519B29E}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{4A3C614F-7988-48C7-9FFC-0151C12669C8}] => (Allow) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9AEF8A98-1117-4A85-8484-0D509931214F}] => (Allow) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DF8B700-8BBA-4F4F-AB5A-FAC9241E46F6}C:\program files (x86)\vectorworks2011\vectorworks2011.exe] => (Allow) C:\program files (x86)\vectorworks2011\vectorworks2011.exe
FirewallRules: [UDP Query User{86A3EE75-5CD9-441F-BECC-ACAB5D72E277}C:\program files (x86)\vectorworks2011\vectorworks2011.exe] => (Allow) C:\program files (x86)\vectorworks2011\vectorworks2011.exe
FirewallRules: [TCP Query User{9469AF89-12C3-403E-8B25-B0C677DEE09F}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [UDP Query User{3022C647-775D-410C-BC8B-AF78C835BC58}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [{38C8D47C-36A3-436A-95D9-B0508112F623}] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [{151ECF66-33FB-40B9-8685-A44F6605C7D3}] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [TCP Query User{3BC27038-1E38-48D5-AA6E-704A81087E11}C:\users\mike\appdata\local\temp\ign9de7.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign9de7.tmp\lmiignition.exe
FirewallRules: [UDP Query User{EA28E174-5E29-487B-B7AF-B0E3E44E2713}C:\users\mike\appdata\local\temp\ign9de7.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign9de7.tmp\lmiignition.exe
FirewallRules: [{C957F756-6573-4338-BB0A-AE9E9003E971}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CBA6B8BE-3ABA-445E-B732-45B28B083D65}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{13DE630F-18D2-4237-857F-B5E148AD15C8}C:\users\mike\appdata\local\temp\ign9d3b.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign9d3b.tmp\lmiignition.exe
FirewallRules: [UDP Query User{8A6AE980-70C2-4885-A40C-8BEE30F2AF57}C:\users\mike\appdata\local\temp\ign9d3b.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign9d3b.tmp\lmiignition.exe
FirewallRules: [TCP Query User{E98D8DA5-1C79-4AEE-87CC-78836A5C790C}C:\users\mike\appdata\local\temp\ignae01.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignae01.tmp\lmiignition.exe
FirewallRules: [UDP Query User{DA5B1B39-A98F-4233-AF8C-8872778D1AAF}C:\users\mike\appdata\local\temp\ignae01.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignae01.tmp\lmiignition.exe
FirewallRules: [TCP Query User{2188930E-F82D-4AA7-B273-3AA1B39C33C7}C:\users\mike\appdata\local\temp\ignf430.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignf430.tmp\lmiignition.exe
FirewallRules: [UDP Query User{6517D35A-A78A-40BD-9296-BFF19B32EA04}C:\users\mike\appdata\local\temp\ignf430.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignf430.tmp\lmiignition.exe
FirewallRules: [{FA3F3B4B-39B2-4E4B-BB92-3EE1708144D1}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [TCP Query User{A8C10A64-2962-4AF6-85B7-84D33C4DB864}C:\users\mike\appdata\local\logmein client\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\logmein client\lmiignition.exe
FirewallRules: [UDP Query User{5DC4AED7-9138-4A63-AE84-4615B398D88A}C:\users\mike\appdata\local\logmein client\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\logmein client\lmiignition.exe
FirewallRules: [TCP Query User{7A731A09-B454-4BB2-BF17-FF856A756480}C:\users\mike\appdata\local\temp\ign4d1e.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign4d1e.tmp\lmiignition.exe
FirewallRules: [UDP Query User{7AB77C3F-1134-4F47-8312-67758839E3C2}C:\users\mike\appdata\local\temp\ign4d1e.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign4d1e.tmp\lmiignition.exe
FirewallRules: [TCP Query User{BE7CDE52-EBEB-4A24-965E-80055EE4431B}C:\users\mike\appdata\local\temp\igneb8e.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\igneb8e.tmp\lmiignition.exe
FirewallRules: [UDP Query User{E637C200-6F7E-4BAB-B6E2-1B024BBD4226}C:\users\mike\appdata\local\temp\igneb8e.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\igneb8e.tmp\lmiignition.exe
FirewallRules: [TCP Query User{7EE9CF24-ACF3-408B-A366-B253EFCEEFC4}C:\users\mike\appdata\local\temp\ign2fa9.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign2fa9.tmp\lmiignition.exe
FirewallRules: [UDP Query User{CCCDFA74-D4C2-416F-ADEC-9675779FA26B}C:\users\mike\appdata\local\temp\ign2fa9.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ign2fa9.tmp\lmiignition.exe
FirewallRules: [TCP Query User{AB5B0176-B829-4F0B-A825-9745C51EE85E}C:\users\mike\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mike\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{CC85EF5C-1675-4F35-A373-F2AF79268A4F}C:\users\mike\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mike\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{5A5BC323-0158-4501-AB6D-8EFA330D3C10}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{389B0937-8262-4DDD-9184-63045DA80688}C:\users\mike\appdata\local\temp\ignf07a.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignf07a.tmp\lmiignition.exe
FirewallRules: [UDP Query User{5A95E609-75F7-4E12-A613-B3951E9031B4}C:\users\mike\appdata\local\temp\ignf07a.tmp\lmiignition.exe] => (Allow) C:\users\mike\appdata\local\temp\ignf07a.tmp\lmiignition.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/31/2015 06:45:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Faulting module name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Exception code: 0x40000015
Fault offset: 0x00052d24
Faulting process id: 0x1b60
Faulting application start time: 0xjucheck.exe0
Faulting application path: jucheck.exe1
Faulting module path: jucheck.exe2
Report Id: jucheck.exe3
 
Error: (10/27/2015 08:30:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7a144
Faulting module name: Explorer.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7a144
Exception code: 0xc0000094
Fault offset: 0x0000000000071caa
Faulting process id: 0x4e8
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (10/27/2015 08:26:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (10/27/2015 08:26:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (10/26/2015 06:46:55 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\Fonts\StaticCache.dat for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Desktop Window Manager because of this error.
 
Program: Desktop Window Manager
File: C:\Windows\Fonts\StaticCache.dat
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
Error: (10/26/2015 06:46:55 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DA92EDFB65CABA331BF6884CE768ECE6E35029BE.bin.80 for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.
 
Program: Host Process for Windows Services
File: C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DA92EDFB65CABA331BF6884CE768ECE6E35029BE.bin.80
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
Error: (10/26/2015 06:46:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000006
Fault offset: 0x0000000000001310
Faulting process id: 0xb7c
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3
 
Error: (10/26/2015 06:46:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WinDefend, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mpengine.dll, version: 1.1.12205.0, time stamp: 0x561cce4d
Exception code: 0xc0000006
Fault offset: 0x00000000001d103c
Faulting process id: 0x1388
Faulting application start time: 0xsvchost.exe_WinDefend0
Faulting application path: svchost.exe_WinDefend1
Faulting module path: svchost.exe_WinDefend2
Report Id: svchost.exe_WinDefend3
 
Error: (10/26/2015 06:46:55 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\SysWOW64\propsys.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Google Chrome because of this error.
 
Program: Google Chrome
File: C:\Windows\SysWOW64\propsys.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
Error: (10/26/2015 06:46:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 46.0.2490.80, time stamp: 0x56262c73
Faulting module name: PROPSYS.dll, version: 7.0.7601.17514, time stamp: 0x4ce7b983
Exception code: 0xc0000006
Fault offset: 0x00063672
Faulting process id: 0x14ac
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
 
System errors:
=============
Error: (11/01/2015 10:38:57 AM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
Error: (11/01/2015 10:38:33 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (11/01/2015 10:38:33 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (11/01/2015 10:38:33 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (11/01/2015 10:38:33 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (11/01/2015 10:38:33 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (11/01/2015 10:38:33 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (11/01/2015 10:38:33 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (11/01/2015 10:38:33 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (11/01/2015 10:38:33 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2720QM CPU @ 2.20GHz
Percentage of memory in use: 28%
Total physical RAM: 16337.23 MB
Available physical RAM: 11727.82 MB
Total Virtual: 32672.68 MB
Available Virtual: 27511.55 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:416.83 GB) (Free:194.15 GB) NTFS
Drive f: () (Fixed) (Total:48.83 GB) (Free:27.98 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4E66962E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=416.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Nothing untowards showing, I will run a bit of TLC and look at your minidumps

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
Toolbar: HKU\S-1-5-21-891366033-3339291566-2793857052-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-891366033-3339291566-2793857052-1003 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that


The go to :
C:\Windows\Minidump
Copy all dmp files to your destkop
Zip them all up and attach to your next post
  • 0

#6
Noob88

Noob88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts

Fixlog text below and dmp file is attached:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Mike (2015-11-02 22:39:16) Run:1
Running from C:\Users\Mike\Downloads
Loaded Profiles: Mike & UpdatusUser (Available Profiles: Mike & UpdatusUser)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
Toolbar: HKU\S-1-5-21-891366033-3339291566-2793857052-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-891366033-3339291566-2793857052-1003 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found. 
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found. 
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-891366033-3339291566-2793857052-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-891366033-3339291566-2793857052-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
Windows IP Configuration
 
No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Wireless Network Connection 3 while it has its media disconnected.
No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : cable.rcn.com
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::a18a:43d3:20cf:112f%10
   Default Gateway . . . . . . . . . : 
 
Tunnel adapter 6TO4 Adapter:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.cable.rcn.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{48252D8F-C6EE-4322-BEEE-6F65376E3308}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{A201CD51-3C6B-4F2E-9513-05B239B6C8F3}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
Windows IP Configuration
 
No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Wireless Network Connection 3 while it has its media disconnected.
No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : cable.rcn.com
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : cable.rcn.com
   Link-local IPv6 Address . . . . . : fe80::a18a:43d3:20cf:112f%10
   IPv4 Address. . . . . . . . . . . : 192.168.1.103
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
 
Tunnel adapter 6TO4 Adapter:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.cable.rcn.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : cable.rcn.com
 
Tunnel adapter isatap.{48252D8F-C6EE-4322-BEEE-6F65376E3308}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{A201CD51-3C6B-4F2E-9513-05B239B6C8F3}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 2.9 GB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 22:40:39 ====

  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you attach the dmp file please :)
  • 0

#8
Noob88

Noob88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts

Opps sorry about that... here you go.

 

Attached File  102715-26442-01.rar   23.42KB   61 downloads

 

Thanks!


  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK two small things to try :

First run Chkdsk c: \r
 
Details here http://www.w7forums....check-disk.448/
 
Next run SFC /scannow
 
go start > all programs > accessories . command prompt right click command prompt and select run as administrator
In the black box type :

SFC /scannow

Allow the programme to complete and reboot on completion

Then we need to see if that worked
  • 0

#10
Noob88

Noob88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
Hi Essexboy,
 
I ran both scans and here is the message I got from the SFC scan:
 
Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.
 
C:\Windows\system32>sfc /scannow
 
Beginning system scan.  This process will take some time.
 
Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of them.
Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example
C:\Windows\Logs\CBS\CBS.log
 
I've attached the log just in case.
 

Attached Files

  • Attached File  CBS.log   4.54MB   59 downloads

  • 0

#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did that make any difference to system behaviour ?
  • 0

#12
Noob88

Noob88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts

It seems to be working fine right now.


  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ok lets go for a tentative fixed :)

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP