Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Crappy page pops up before my home page comes on [Solved]


  • This topic is locked This topic is locked

#16
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 164 posts

I get this message box when I go to open this file and it wont let me skip the only way I can get move this from the screen is to press the abort button?

I tried both links sent both the same result 


  • 0

Advertisements


#17
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK it looks to be more than a simple browser hijacker

Download AVZ tool from here to your desktop
Unzip all files to a folder on your desktop
Open the folder and double click the AVZ icon avz.JPG
When the tool opens select "File" > "Standards scripts"
avz1.jpg

Place a tick in :


5. Update signature database

Then press "Execute selected scripts"
avz2.JPG

Once that has execute then
select "File" > "Standards scripts"
Place a tick in :

3. Advanced System Analysis with malware removal mode enabled
Then press "Execute selected scripts"

When finished look in the folder AVZ4 on your desktop
Open the LOG folder
Attach virusinfo_syscure to your next post
vz3.JPG
  • 0

#18
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 164 posts

OK it looks to be more than a simple browser hijacker

Download AVZ tool from here to your desktop
Unzip all files to a folder on your desktop
Open the folder and double click the AVZ icon avz.JPG
When the tool opens select "File" > "Standards scripts"
avz1.jpg

Place a tick in :


5. Update signature database

Then press "Execute selected scripts"
avz2.JPG

Once that has execute then
select "File" > "Standards scripts"
Place a tick in :

3. Advanced System Analysis with malware removal mode enabled
Then press "Execute selected scripts"

When finished look in the folder AVZ4 on your desktop
Open the LOG folder
Attach virusinfo_syscure to your next post
vz3.JPG

Thanx still have problems, it did #5 ok but #3 took a very log time and at the end it closed the program with out making a log when it was running I could see a log file but when it closed it was last as well

Attached Thumbnails

  • 2015-12-31_1342.png

  • 0

#19
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I see you have hitmanpro, did you run this and allow it to make some changes ?

Download Windows All In One Repair from Tweaking.com to your desktop
Install the programme

Reboot to safe mode with networking
Run Windows All In One
Select Step 2
Select open Pre-repairs scan then click scan
Let that complete
Save the results to a text file on your desktop

waioprescan.JPG

Next select Step 5 and back up the registry

waioregback.JPG

Open the Repairs tab

waioopenrep.JPG

Select the following repair numbers :

1 to 27

Set the system to reboot on completion
The press Start Repairs

waiorepair.JPG
  • 0

#20
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 164 posts

I see you have hitmanpro, did you run this and allow it to make some changes ?

Download Windows All In One Repair from Tweaking.com to your desktop
Install the programme

Reboot to safe mode with networking
Run Windows All In One
Select Step 2
Select open Pre-repairs scan then click scan
Let that complete
Save the results to a text file on your desktop

waioprescan.JPG

Next select Step 5 and back up the registry

waioregback.JPG

Open the Repairs tab

waioopenrep.JPG

Select the following repair numbers :

1 to 27

Set the system to reboot on completion
The press Start Repairs

waiorepair.JPG

  here is the result from #2 in notepad

┌────────────────────────────────────────────────────────────────────────────────┐
│ Tweaking.com - Windows Repair v3.7.3 - Pre-Scan
│ Computer: BRIAN-PC (Windows 7 Home Premium 6.1.7601 Service Pack 1) (64-bit)
│ [Started Scan - 31/12/2015 4:00:56 PM]
└────────────────────────────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────────────────────────────┐
│ Scanning Windows Packages Files.
│ Started at (31/12/2015 4:00:56 PM)

│ These Files Are Possibly Corrupt (Bad Digital Signature): (Total: 709)
C:\Windows\servicing\Packages\Package_102_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_103_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_103_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_104_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_104_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_104_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_104_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_105_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_105_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_105_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_105_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_105_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_106_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_106_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_106_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_106_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_107_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_107_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_107_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_107_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_108_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_108_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_108_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_108_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_108_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_109_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_109_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_109_for_KB3077715~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_109_for_KB3112148~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_110_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_110_for_KB3077715~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_110_for_KB3112148~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_111_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_111_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_111_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_111_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_111_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_112_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_112_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_112_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_112_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_112_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_113_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_113_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_113_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_113_for_KB3077715~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_113_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_113_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_113_for_KB3112148~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_114_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_114_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_114_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_114_for_KB3077715~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_114_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_114_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_114_for_KB3112148~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_115_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_115_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_115_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_115_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_116_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_116_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_116_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_117_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_117_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_117_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_117_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_117_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_117_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_117_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_117_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_117_for_KB3102429~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_118_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_118_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_118_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_118_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_118_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_118_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_118_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_119_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_119_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_119_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_119_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_119_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_119_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_119_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_120_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_120_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_120_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_120_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_120_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_120_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_120_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_121_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_121_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_121_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_121_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_121_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_121_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_121_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_122_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_123_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_123_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_123_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_123_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_123_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_123_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_123_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_124_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_124_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_124_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_124_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_124_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_124_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_125_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_125_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_125_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_125_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_125_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_125_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_125_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_126_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_126_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_126_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_126_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_126_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_126_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_126_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_127_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_127_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_127_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_127_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_127_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_127_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_127_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_128_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_128_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_129_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_129_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_130_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_130_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_131_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_132_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_135_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_136_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_137_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_138_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_139_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_13_for_KB3065987~31bf3856ad364e35~amd64~~6.1.2.0.mum
C:\Windows\servicing\Packages\Package_13_for_KB3075851~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_13_for_KB3083324~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_13_for_KB3083710~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_13_for_KB3102810~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_13_for_KB3112343~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_142_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_142_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_143_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_143_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_144_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_144_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_145_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_145_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_146_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_146_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_148_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_148_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_149_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_149_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_14_for_KB3065987~31bf3856ad364e35~amd64~~6.1.2.0.mum
C:\Windows\servicing\Packages\Package_14_for_KB3075851~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_14_for_KB3083324~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_14_for_KB3083710~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_14_for_KB3102810~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_14_for_KB3112343~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_150_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_150_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_151_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_151_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_152_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_152_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB2952664~31bf3856ad364e35~amd64~~6.1.10.5.mum
C:\Windows\servicing\Packages\Package_1_for_KB2952664~31bf3856ad364e35~amd64~~6.1.12.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB2952664~31bf3856ad364e35~amd64~~6.1.13.2.mum
C:\Windows\servicing\Packages\Package_1_for_KB2952664~31bf3856ad364e35~amd64~~6.1.13.3.mum
C:\Windows\servicing\Packages\Package_1_for_KB2952664~31bf3856ad364e35~amd64~~6.1.14.2.mum
C:\Windows\servicing\Packages\Package_1_for_KB2999226~31bf3856ad364e35~amd64~~6.1.1.7.mum
C:\Windows\servicing\Packages\Package_1_for_KB3013531~31bf3856ad364e35~amd64~~6.1.2.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3023215~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3032655~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3033890~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3035583~31bf3856ad364e35~amd64~~6.1.1.29.mum
C:\Windows\servicing\Packages\Package_1_for_KB3035583~31bf3856ad364e35~amd64~~6.1.2.13.mum
C:\Windows\servicing\Packages\Package_1_for_KB3035583~31bf3856ad364e35~amd64~~6.1.2.17.mum
C:\Windows\servicing\Packages\Package_1_for_KB3045645~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3046002~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_1_for_KB3048070~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_1_for_KB3049563~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3058515~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3067903~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3069114~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_1_for_KB3069762~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3072305~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_1_for_KB3074543~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3074886~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3075222~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_1_for_KB3075516~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3076949~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3078071~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3084135~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3086255~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3087038~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3087918~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3087985~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3093513~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3093983~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3097989~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_1_for_KB3099862~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3100213~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_1_for_KB3100773~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3104002~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3107998~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_1_for_KB3108371~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3108669~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_1_for_KB3109103~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_225_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_250_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_250_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3020369~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3020370~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_2_for_KB3023215~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3032655~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3045171~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_2_for_KB3045645~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3046002~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_2_for_KB3046017~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3049563~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3051768~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3054476~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3055642~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3057839~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_2_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3063858~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3064209~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3065979~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3069114~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_2_for_KB3069392~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3069762~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3070102~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_2_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3074543~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3074886~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3075222~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3076895~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3076949~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3077657~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3078071~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3078601~31bf3856ad364e35~amd64~~6.1.1.5.mum
C:\Windows\servicing\Packages\Package_2_for_KB3078667~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3079757~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3079904~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3080446~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_2_for_KB3084135~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3087038~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_2_for_KB3092601~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3092627~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_2_for_KB3097989~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3100213~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3100773~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3101722~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3107998~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_2_for_KB3108381~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_2_for_KB3108670~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_2_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_37_for_KB3058515~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_37_for_KB3093983~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_37_for_KB3104002~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_38_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_38_for_KB3058515~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_38_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_38_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_38_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_38_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_38_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_38_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_38_for_KB3093983~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_38_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_38_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_38_for_KB3104002~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_39_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_39_for_KB3058515~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_39_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_39_for_KB3077715~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_39_for_KB3093983~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_39_for_KB3102429~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_39_for_KB3104002~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_39_for_KB3112148~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB2952664~31bf3856ad364e35~amd64~~6.1.10.5.mum
C:\Windows\servicing\Packages\Package_3_for_KB2952664~31bf3856ad364e35~amd64~~6.1.12.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB2952664~31bf3856ad364e35~amd64~~6.1.13.2.mum
C:\Windows\servicing\Packages\Package_3_for_KB2952664~31bf3856ad364e35~amd64~~6.1.13.3.mum
C:\Windows\servicing\Packages\Package_3_for_KB2952664~31bf3856ad364e35~amd64~~6.1.14.2.mum
C:\Windows\servicing\Packages\Package_3_for_KB3023215~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3032655~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3045171~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_3_for_KB3045645~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3046017~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_3_for_KB3049563~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3051768~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3057839~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3063858~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3065979~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3069392~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_3_for_KB3070102~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_3_for_KB3074543~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3076949~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3077657~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3078071~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3078601~31bf3856ad364e35~amd64~~6.1.1.5.mum
C:\Windows\servicing\Packages\Package_3_for_KB3078667~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3079904~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3080446~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_3_for_KB3087038~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_3_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_3_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_3_for_KB3097989~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_3_for_KB3100773~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3107998~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_3_for_KB3108670~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_3_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_40_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_40_for_KB3058515~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_40_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_40_for_KB3075249~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_40_for_KB3093983~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_40_for_KB3102429~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_40_for_KB3104002~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_41_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_41_for_KB3075249~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_41_for_KB3102429~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_42_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_49_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_4_for_KB3045171~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_4_for_KB3046017~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_4_for_KB3049563~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_4_for_KB3063858~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_4_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_4_for_KB3078071~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_4_for_KB3078601~31bf3856ad364e35~amd64~~6.1.1.5.mum
C:\Windows\servicing\Packages\Package_4_for_KB3087038~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_4_for_KB3097989~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_4_for_KB3100773~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_4_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_50_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_51_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_51_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_51_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_51_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_51_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_52_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_52_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_52_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_52_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_52_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_52_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_53_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_53_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_53_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_53_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_53_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_54_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_54_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_54_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_54_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_55_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_58_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_58_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_58_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_58_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_58_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_58_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_58_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_58_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_59_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_59_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_59_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_59_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_59_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_59_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_59_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_59_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_59_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_5_for_KB3045171~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_5_for_KB3049563~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_5_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_5_for_KB3078071~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_5_for_KB3078601~31bf3856ad364e35~amd64~~6.1.1.5.mum
C:\Windows\servicing\Packages\Package_5_for_KB3087038~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_5_for_KB3097989~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_5_for_KB3100773~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_5_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_60_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_60_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_60_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_60_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_60_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_60_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_60_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_61_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_61_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_61_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_61_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_61_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_61_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_61_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_62_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_62_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_62_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_62_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_62_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_62_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_62_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_63_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_63_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_63_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_63_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_63_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_63_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_63_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_64_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_64_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_64_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_64_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_64_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_64_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_64_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_65_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_6_for_KB3078601~31bf3856ad364e35~amd64~~6.1.1.5.mum
C:\Windows\servicing\Packages\Package_73_for_KB3065987~31bf3856ad364e35~amd64~~6.1.2.0.mum
C:\Windows\servicing\Packages\Package_73_for_KB3075851~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_73_for_KB3083324~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_73_for_KB3083710~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_73_for_KB3102810~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_73_for_KB3112343~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_74_for_KB3065987~31bf3856ad364e35~amd64~~6.1.2.0.mum
C:\Windows\servicing\Packages\Package_74_for_KB3075851~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_74_for_KB3077715~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_74_for_KB3083324~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_74_for_KB3083710~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_74_for_KB3102810~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_74_for_KB3112148~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_74_for_KB3112343~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_76_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_77_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_77_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_77_for_KB3075249~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_78_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_78_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_79_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_79_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_79_for_KB3075249~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_79_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_79_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_7_for_KB3045171~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_7_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_80_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_80_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_81_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_84_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_84_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_85_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_86_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_86_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_87_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_87_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_88_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_88_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_89_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_89_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_8_for_KB3078601~31bf3856ad364e35~amd64~~6.1.1.5.mum
C:\Windows\servicing\Packages\Package_91_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_91_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_91_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_91_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_91_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_91_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_92_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_92_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_92_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_92_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_92_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_92_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_92_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_93_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB2952664_SP1~31bf3856ad364e35~amd64~~6.1.10.5.mum
C:\Windows\servicing\Packages\Package_for_KB2952664_SP1~31bf3856ad364e35~amd64~~6.1.12.0.mum
C:\Windows\servicing\Packages\Package_for_KB2952664_SP1~31bf3856ad364e35~amd64~~6.1.13.2.mum
C:\Windows\servicing\Packages\Package_for_KB2952664_SP1~31bf3856ad364e35~amd64~~6.1.13.3.mum
C:\Windows\servicing\Packages\Package_for_KB2952664_SP1~31bf3856ad364e35~amd64~~6.1.14.2.mum
C:\Windows\servicing\Packages\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.10.5.mum
C:\Windows\servicing\Packages\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.12.0.mum
C:\Windows\servicing\Packages\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.13.2.mum
C:\Windows\servicing\Packages\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.13.3.mum
C:\Windows\servicing\Packages\Package_for_KB2952664~31bf3856ad364e35~amd64~~6.1.14.2.mum
C:\Windows\servicing\Packages\Package_for_KB2999226_SP1~31bf3856ad364e35~amd64~~6.1.1.7.mum
C:\Windows\servicing\Packages\Package_for_KB2999226~31bf3856ad364e35~amd64~~6.1.1.7.mum
C:\Windows\servicing\Packages\Package_for_KB3013531_SP1~31bf3856ad364e35~amd64~~6.1.2.0.mum
C:\Windows\servicing\Packages\Package_for_KB3013531~31bf3856ad364e35~amd64~~6.1.2.0.mum
C:\Windows\servicing\Packages\Package_for_KB3020369_RTM~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3020369~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3020370_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3020370~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3022345_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3022345~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3023215_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3023215~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3032655_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3032655~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3033890_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3033890~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3035583_RTM~31bf3856ad364e35~amd64~~6.1.1.29.mum
C:\Windows\servicing\Packages\Package_for_KB3035583_RTM~31bf3856ad364e35~amd64~~6.1.2.13.mum
C:\Windows\servicing\Packages\Package_for_KB3035583_RTM~31bf3856ad364e35~amd64~~6.1.2.17.mum
C:\Windows\servicing\Packages\Package_for_KB3035583~31bf3856ad364e35~amd64~~6.1.1.29.mum
C:\Windows\servicing\Packages\Package_for_KB3035583~31bf3856ad364e35~amd64~~6.1.2.13.mum
C:\Windows\servicing\Packages\Package_for_KB3035583~31bf3856ad364e35~amd64~~6.1.2.17.mum
C:\Windows\servicing\Packages\Package_for_KB3040272_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3042058_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3042058~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3045171_SP1~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3045171~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3045645_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3045645~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3046002_SP1~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3046002~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3046017_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3046017~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3048070_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3048070~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3049563_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3049563~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3051768_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3051768~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3054476_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3054476~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3055642_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3055642~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3057154_SP1~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3057154~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3057839_SP1~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3057839~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3058515_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3058515~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3059317_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3060716_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3060716~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3061518_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3061518~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3063858_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3063858~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3064209_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3064209~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3065822_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3065822~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3065979_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3065979~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3065987_SP1~31bf3856ad364e35~amd64~~6.1.2.0.mum
C:\Windows\servicing\Packages\Package_for_KB3065987~31bf3856ad364e35~amd64~~6.1.2.0.mum
C:\Windows\servicing\Packages\Package_for_KB3067505_SP1~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3067505~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3067903_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3067903~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3068708_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3069114_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3069114~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3069392_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3069392~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3069762_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3069762~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3070102_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3070102~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3071756_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3071756~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3072305_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3072305~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3072630_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3072630~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3072633_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3074543_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3074543~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3074886_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3074886~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3075222_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3075222~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3075249_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3075249~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3075516_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3075516~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3075851_SP1~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_for_KB3075851~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_for_KB3076895_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3076895~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3076949_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3076949~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3077657_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3077657~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3077715_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3077715~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3078071_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3078071~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3078601_SP1~31bf3856ad364e35~amd64~~6.1.1.5.mum
C:\Windows\servicing\Packages\Package_for_KB3078601~31bf3856ad364e35~amd64~~6.1.1.5.mum
C:\Windows\servicing\Packages\Package_for_KB3078667_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3078667~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3079757_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3079757~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3079904_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3079904~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3080149_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3080149~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3080446_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3080446~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3081320_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3081320~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3083324_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3083324~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3083710_SP1~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_for_KB3083710~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_for_KB3083992_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3083992~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3084135_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3084135~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3086255_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3086255~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3087038_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3087038~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3087039_SP1~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.mum
C:\Windows\servicing\Packages\Package_for_KB3087918_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3087918~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3087985_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3087985~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3088195_SP1~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3088195~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3092601_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3092601~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3092627_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3092627~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3093513_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3093513~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3093983_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3093983~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3097877_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3097877_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3097966_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3097966~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3097989_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3097989~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3099862_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3099862~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3100213_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3100213~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3100773_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3100773~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3101246_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3101246~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3101722_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3101722~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3101746_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3101746~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3102429_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3102429~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3102810_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3102810~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3104002_RTM~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3104002~31bf3856ad364e35~amd64~~11.2.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3107998_SP1~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3107998~31bf3856ad364e35~amd64~~6.1.1.2.mum
C:\Windows\servicing\Packages\Package_for_KB3108371_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3108371~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3108381_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3108381~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3108669_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3108669~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3108670_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3108670~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3109094_SP1~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.mum
C:\Windows\servicing\Packages\Package_for_KB3109103_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3109103~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3112148_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3112148~31bf3856ad364e35~amd64~~6.1.1.0.mum
C:\Windows\servicing\Packages\Package_for_KB3112343_SP1~31bf3856ad364e35~amd64~~6.1.1.3.mum
C:\Windows\servicing\Packages\Package_for_KB3112343~31bf3856ad364e35~amd64~~6.1.1.3.mum

709 Combined Problems were found with the packages files, these files need to be replaced (These mainly only effect installing Windows Updates.)
│ The SFC (System File Checker) doesn't scan and replace some of these files, so you may need to replace them manually.

│ THESE FILES DO NOT KEEP THE REPAIRS FROM WORKING; YOU MAY STILL RUN THE REPAIRS IN THE PROGRAM.

│ If you need help in replacing these files, post on the Forums at Tweaking.com for help.

│ Files Checked & Verified: 8,735

│ Done Scanning Windows Packages Files.(31/12/2015 4:04:47 PM)
└────────────────────────────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────────────────────────────┐
│ Scanning Reparse Points.
│ Started at (31/12/2015 4:04:47 PM)


  • 0

#21
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 164 posts

after running this program i get this message in my mail now 

Attached Thumbnails

  • 2015-12-31_1742.png

  • 0

#22
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you now run a fresh FRST scan please
 
For the RSS problem :
Go to Control Panel > program and features. Scroll down to the windows live install, and clicked change/uninstall! Then select the repair installation option.
  • 0

#23
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 164 posts

Could you now run a fresh FRST scan please
 
For the RSS problem :
Go to Control Panel > program and features. Scroll down to the windows live install, and clicked change/uninstall! Then select the repair installation option.

thank you

   Here are the logs from the FRST scan

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-12-2015
Ran by BR (administrator) on BRIAN-PC (01-01-2016 12:08:55)
Running from C:\Users\BR\Desktop
Loaded Profiles: BR (Available Profiles: BRIAN & bcom & BR)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Alibaba (China) Co., LTD. All rights reserved.) C:\Program Files (x86)\TaobaoProtect\TBSecSvc.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Alibaba Group) C:\Program Files (x86)\Alibaba\wwbizsrv\wwbizsrv.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(阿里巴巴(中国)有限公司) C:\Users\BR\AppData\Roaming\TaobaoProtect\TaobaoProtect.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Jing\Jing.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087776 2014-08-26] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [HP Officejet 5740 series (NET) #2] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [aliim] => C:\Program Files (x86)\TradeManager\AliIM.exe [594744 2015-12-07] (Alibaba (China) Co., Ltd.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-01-04]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\USBKVM Switcher.lnk [2015-10-10]
ShortcutTarget: USBKVM Switcher.lnk -> C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe ()
BootExecute: autocheck autochk * bootdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 64.59.144.16 64.59.150.132
Tcpip\..\Interfaces\{975E2597-4892-450D-9E49-5CA092C4B97F}: [DhcpNameServer] 64.59.144.16 64.59.150.132
Tcpip\..\Interfaces\{BC556D6E-E0DC-496A-82C9-E12641CD952E}: [DhcpNameServer] 64.59.144.16 64.59.150.132

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-CA&Src=MSE&Tid=000328B9&OHP=http%3A%2F%2Fwww.google.com&OSP=
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-CA&Src=MSE&Tid=000328B9&OHP=http%3A%2F%2Fwww.google.com&OSP=
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {07C7C110-7846-4522-8DA7-7316F05F3171} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-998330651-303224156-1059126384-1004 -> {5C92EB9F-4A20-4856-8F45-C04A70AC3398} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-07] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-07] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\5vqkojcs.default-1425818769644
FF DefaultSearchEngine: Ask Search
FF Homepage: hxxps://www.google.ca/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-26] ()
FF Plugin: @alipay.com/npalicert -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalicdo64.dll [No File]
FF Plugin: @alipay.com/npAliInetHealth -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAlipaydhc64.dll [No File]
FF Plugin: @alipay.com/npAliSecCtrl -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAliSecCtrl64.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-26] ()
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [2015-12-07] ( )
FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [2015-12-07] ( )
FF Plugin-x32: @alipay.com/npalicert -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalicdo.dll [No File]
FF Plugin-x32: @alipay.com/npalidcp -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalidcp.dll [No File]
FF Plugin-x32: @alipay.com/npaliedit -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npaliedit.dll [No File]
FF Plugin-x32: @alipay.com/npAliInetHealth -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAlipaydhc.dll [No File]
FF Plugin-x32: @alipay.com/npAliSecCtrl -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAliSecCtrl.dll [No File]
FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.701 -> C:\Windows\system32\itruscert\NPComBrg701.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npAliSSOLogin;version=1.0 -> C:\Program Files (x86)\TradeManager\npAliSSOLogin.dll [2015-02-09] (Alibaba software (Shanghai) Corporation.)
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @citrixonline.com/appdetectorplugin -> C:\Users\BR\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-09-28] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll [2015-03-30] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwangwang.dll [2015-03-30] ( )
FF Extension: New Tab Tools - C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\5vqkojcs.default-1425818769644\Extensions\[email protected] [2015-10-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-13] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.ca/
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-07]
CHR Extension: (Google Docs) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07]
CHR Extension: (Google Drive) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (YouTube) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Google Search) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Google Sheets) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-07]
CHR Extension: (Gmail) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S4 BackupService; C:\Users\BRIAN\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2015-04-14] (Dassault Systèmes) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S4 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
S4 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2012-06-07] (SolidWorks) [File not signed]
S4 SQLANYs_SmpParts; C:\Program Files (x86)\SQL Anywhere 10\win32\dbsrv10.exe [136568 2010-12-08] (iAnywhere Solutions, Inc.)
R2 TBSecSvc; C:\Program Files (x86)\TaobaoProtect\TBSecSvc.exe [227296 2015-12-25] (Alibaba (China) Co., LTD. All rights reserved.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [243448 2015-12-29] (RaMMicHaeL)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 wwbizsrv; C:\Program Files (x86)\Alibaba\wwbizsrv\wwbizsrv.exe [1770336 2015-08-23] (Alibaba Group)
S3 Blackberry Device Manager; "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe" [X]
S4 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S2 pcas; "C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\pcas.exe" [X]
S2 secbizsrv; "C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\secbizsrv.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc.)
S3 SydexFDD; C:\Windows\SysWOW64\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows ® 2000 DDK provider) [File not signed]
S3 utqyodqx; C:\Windows\SysWOW64\Drivers\utqyodqx.sys [7168 2015-12-31] () [File not signed]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-01 12:08 - 2016-01-01 12:09 - 00027844 _____ C:\Users\BR\Desktop\FRST.txt
2016-01-01 11:59 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-01-01 11:59 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-01-01 11:59 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-01-01 11:59 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-01-01 11:58 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-01-01 11:58 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-12-31 17:41 - 2015-12-31 17:41 - 00002952 _____ C:\Windows\System32\Tasks\{1D5C86AE-F4DD-4B79-A361-3F31B70CFCEF}
2015-12-31 16:10 - 2015-12-31 16:10 - 00000000 ____D C:\RegBackup
2015-12-31 15:49 - 2015-12-31 15:50 - 00089030 _____ C:\Windows\ntbtlog.txt
2015-12-31 15:47 - 2015-12-31 15:47 - 00003648 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2015-12-31 15:47 - 2015-12-31 15:47 - 00002121 _____ C:\Users\BR\Desktop\Tweaking.com - Windows Repair.lnk
2015-12-31 15:46 - 2015-12-31 15:47 - 00183014 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2015-12-31 15:46 - 2015-12-31 15:46 - 21102368 _____ (Tweaking.com) C:\Users\BR\Desktop\tweaking.com_windows_repair_aio_setup.exe
2015-12-31 10:13 - 2015-12-31 11:50 - 00007168 _____ C:\Windows\SysWOW64\Drivers\utqyodqx.sys
2015-12-31 10:09 - 2015-12-31 10:12 - 00000000 ____D C:\Users\BR\Desktop\Base
2015-12-31 10:09 - 2015-09-04 13:18 - 00043230 _____ C:\Users\BR\Desktop\version.txt
2015-12-31 10:09 - 2015-09-04 12:53 - 00794112 _____ (Лаборатория Касперского, 2007-2015) C:\Users\BR\Desktop\avz.exe
2015-12-31 10:09 - 2015-09-04 11:19 - 00519242 _____ C:\Users\BR\Desktop\avz_ru.chm
2015-12-31 10:09 - 2011-01-14 10:52 - 00433648 _____ C:\Users\BR\Desktop\avz_en.chm
2015-12-31 10:09 - 2010-07-08 09:23 - 00000156 _____ C:\Users\BR\Desktop\avz.url
2015-12-31 10:07 - 2015-12-31 10:07 - 09842759 _____ C:\Users\BR\Desktop\avz4 (1).zip
2015-12-31 10:05 - 2015-12-31 10:05 - 09842759 _____ C:\Users\BR\Desktop\avz4.zip
2015-12-31 09:53 - 2015-12-31 09:53 - 00000000 ____D C:\Users\BR\AppData\Local\{10CF9506-F72C-4A06-A3DA-4845B6C97BB7}
2015-12-31 06:24 - 2015-12-31 06:24 - 05643545 ____R (Swearware) C:\Users\BR\Desktop\ComboFix.exe
2015-12-31 06:24 - 2015-12-31 06:24 - 00000000 ____D C:\32788R22FWJFW
2015-12-31 06:21 - 2015-12-31 06:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F14EB260-F01A-409E-B16B-A0BE31C831E7}
2015-12-30 12:18 - 2015-12-30 12:19 - 00000000 ____D C:\Users\BR\AppData\Local\{5DDBEF6E-2924-472C-95F9-E505DD818272}
2015-12-30 11:39 - 2015-12-30 11:39 - 02370560 _____ (Farbar) C:\Users\BR\Desktop\FRST64 (1).exe
2015-12-30 11:35 - 2015-12-30 11:35 - 01599336 _____ (Malwarebytes) C:\Users\BR\Desktop\JRT.exe
2015-12-30 11:31 - 2015-12-30 11:31 - 02370560 _____ (Farbar) C:\Users\BR\Desktop\FRST64.exe
2015-12-30 11:13 - 2015-12-30 11:18 - 00004181 _____ C:\Users\BR\Downloads\Fixlog.txt
2015-12-30 11:12 - 2015-12-30 11:12 - 00001139 _____ C:\Users\BR\Downloads\fixlist (2).txt
2015-12-30 03:06 - 2015-12-30 03:06 - 00000000 ____D C:\_589114_
2015-12-29 16:54 - 2015-12-29 16:54 - 00001139 _____ C:\Users\BR\Downloads\fixlist (1).txt
2015-12-29 11:05 - 2015-12-29 11:05 - 00000205 _____ C:\Users\BR\Downloads\Search.txt
2015-12-29 11:02 - 2015-12-29 11:02 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64 (4).exe
2015-12-29 10:46 - 2015-12-29 10:46 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64 (3).exe
2015-12-29 10:46 - 2015-12-29 10:46 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64 (2).exe
2015-12-29 08:00 - 2015-12-29 08:02 - 00066890 _____ C:\Users\BR\Downloads\Addition.txt
2015-12-29 07:58 - 2015-12-29 08:02 - 00069567 _____ C:\Users\BR\Downloads\FRST.txt
2015-12-29 07:58 - 2015-12-29 07:58 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64 (1).exe
2015-12-29 07:46 - 2016-01-01 12:08 - 00000000 ____D C:\FRST
2015-12-29 07:46 - 2015-12-29 07:46 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64.exe
2015-12-29 07:42 - 2015-12-29 07:42 - 00000000 ____D C:\Users\BR\AppData\Local\{036388DF-B448-4985-85BA-187DCCC10FAE}
2015-12-28 15:47 - 2015-12-28 15:47 - 00002563 _____ C:\Users\BR\AppData\Local\recently-used.xbel
2015-12-28 15:47 - 2015-12-28 15:47 - 00000000 ____D C:\Users\BR\AppData\Local\{299021E1-649E-4A8E-AD2E-3076FA51C664}
2015-12-28 15:21 - 2015-12-28 15:21 - 00000000 ____D C:\Users\Public\CyberLink
2015-12-28 02:37 - 2015-12-28 02:37 - 00000000 ____D C:\Users\BR\AppData\Local\{58D77E0F-BB45-4B4F-9584-91CF2F636547}
2015-12-27 23:04 - 2015-12-27 23:04 - 00000000 ____D C:\Users\BR\AppData\Local\{DEBEFDA7-783B-4625-9FD7-14D923AB27FB}
2015-12-27 14:21 - 2015-12-27 14:21 - 00000000 ____D C:\_193560_
2015-12-27 09:26 - 2015-12-27 09:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF492E9B-954A-4209-98E7-24564F3942EF}
2015-12-26 07:10 - 2015-12-26 07:10 - 00000000 ____D C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-12-26 07:09 - 2015-12-26 07:13 - 00000000 ____D C:\Users\BR\AppData\Roaming\WindSolutions
2015-12-26 07:09 - 2015-12-26 07:13 - 00000000 ____D C:\ProgramData\WindSolutions
2015-12-26 07:09 - 2015-12-26 07:09 - 06234272 _____ (WindSolutions) C:\Users\BR\Downloads\Install_CopyTransControlCenter (1).exe
2015-12-26 07:08 - 2015-12-26 07:09 - 06234272 _____ (WindSolutions) C:\Users\BR\Downloads\Install_CopyTransControlCenter.exe
2015-12-25 21:09 - 2015-12-25 21:09 - 00000000 ____D C:\Users\BR\AppData\Local\{ADBF5FBD-C56C-4795-823B-B30E3F2E23C7}
2015-12-25 11:52 - 2015-12-25 12:32 - 00000000 ____D C:\AdwCleaner
2015-12-25 11:51 - 2015-12-25 11:51 - 01743360 _____ C:\Users\BR\Downloads\adwcleaner_5.026.exe
2015-12-25 11:38 - 2015-12-25 11:38 - 00034258 _____ C:\Windows\system32\.crusader
2015-12-25 11:11 - 2015-12-25 11:56 - 00000000 ____D C:\Program Files\HitmanPro
2015-12-25 11:09 - 2015-12-25 11:40 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-25 11:09 - 2015-12-25 11:10 - 11337112 _____ (SurfRight B.V.) C:\Users\BR\Downloads\HitmanPro_x64 (1).exe
2015-12-25 11:08 - 2015-12-25 11:09 - 11323704 _____ (SurfRight B.V.) C:\Users\BR\Downloads\HitmanPro_x64.exe
2015-12-25 11:00 - 2015-12-25 11:00 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\BR\Downloads\iExplore (2).exe
2015-12-25 10:59 - 2015-12-25 10:59 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\BR\Downloads\iExplore (1).exe
2015-12-25 10:58 - 2015-12-25 10:58 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\BR\Downloads\iExplore.exe
2015-12-25 10:55 - 2015-12-25 10:58 - 00240744 _____ C:\TDSSKiller.3.1.0.9_25.12.2015_10.55.03_log.txt
2015-12-25 10:54 - 2015-12-25 10:54 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\BR\Downloads\tdsskiller.exe
2015-12-25 10:54 - 2015-12-25 10:54 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\BR\Downloads\tdsskiller (2).exe
2015-12-25 10:54 - 2015-12-25 10:54 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\BR\Downloads\tdsskiller (1).exe
2015-12-25 09:17 - 2015-12-25 09:17 - 00000000 ____D C:\_959793_
2015-12-24 22:14 - 2015-12-24 22:14 - 00000000 ____D C:\Users\BR\AppData\Local\{E41F5F8B-272A-40F6-9138-D4F504D7166D}
2015-12-24 20:07 - 2015-12-24 20:07 - 00000000 ____D C:\Users\BR\AppData\Local\{722101BB-3843-44A4-8A06-8B87569EB1E4}
2015-12-24 15:15 - 2015-12-25 19:10 - 00000000 ____D C:\Program Files (x86)\TaobaoProtect
2015-12-24 02:03 - 2015-12-24 02:03 - 00000000 ____D C:\Users\BR\AppData\Local\{8414D312-047F-47EE-856E-A3F3BCB15293}
2015-12-23 17:08 - 2015-12-23 17:08 - 00000000 ____D C:\_438108_
2015-12-23 09:29 - 2015-12-23 09:30 - 00000000 ____D C:\Users\BR\AppData\Local\{FF891592-3DB8-4CB7-8A85-9D683B8A1C94}
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_686760_
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_668944_
2015-12-22 15:00 - 2015-12-22 15:00 - 00000000 ____D C:\Users\BR\AppData\Local\{24753264-BEC7-4003-B927-F350040A6E91}
2015-12-22 01:43 - 2015-12-22 01:43 - 00000000 ____D C:\Users\BR\AppData\Local\{7C37C019-85A4-448D-A586-AC5ABD762AA9}
2015-12-21 07:21 - 2015-12-21 07:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F07FFADB-940F-4113-8352-5F39E802755C}
2015-12-20 07:52 - 2015-12-20 07:52 - 00000000 ____D C:\Users\BR\AppData\Local\{616552FB-1478-48A0-986A-7990DABC54A4}
2015-12-19 16:24 - 2015-12-19 16:25 - 08107995 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2015121613252443.rar
2015-12-19 16:12 - 2015-12-19 16:12 - 00000000 ____D C:\Users\BR\AppData\Local\{13ECE924-563E-44F2-8937-2FF512C7C66E}
2015-12-19 05:53 - 2015-12-19 05:53 - 00000000 ____D C:\Users\BR\AppData\Local\{38BC2977-FC58-4EFC-9397-EA1FFE1D4A9F}
2015-12-18 21:49 - 2015-12-18 21:49 - 00000000 ____D C:\Users\BR\AppData\Local\{1802FFCE-569A-45A8-8221-1BC4AB692500}
2015-12-18 06:22 - 2015-12-18 06:22 - 00000000 ____D C:\Users\BR\AppData\Local\{92C3F0F6-1BAF-4A3B-9FC2-D0B629648F96}
2015-12-17 07:25 - 2015-12-17 07:26 - 00000000 ____D C:\Users\BR\AppData\Local\{8CF4EA93-2D2D-4EB6-96A1-9B9C742C67FB}
2015-12-16 16:54 - 2015-12-16 16:54 - 00000000 ____D C:\MSI4e876.tmp
2015-12-16 08:50 - 2015-12-16 08:51 - 00000000 ____D C:\Users\BR\AppData\Local\{1CAD8E48-08F0-4619-BD4E-5489B2BD0DD5}
2015-12-15 18:36 - 2015-12-15 18:36 - 00000000 ____D C:\Users\BR\AppData\Local\{A811EA30-8249-4DF1-9000-FFEC6435B7D6}
2015-12-15 05:47 - 2015-12-15 05:47 - 00000000 ____D C:\Users\BR\AppData\Local\{DB07A58C-E54D-4F30-9020-1E6726BBD6E4}
2015-12-15 03:52 - 2015-12-15 03:52 - 00000000 ____D C:\_202433_
2015-12-14 08:46 - 2015-12-14 08:46 - 00000000 ____D C:\Users\BR\AppData\Local\{997223D9-F9B9-4D46-8F7A-21CB853E5B76}
2015-12-13 18:54 - 2015-12-13 18:54 - 00000000 ____D C:\Users\BR\AppData\Local\{A696FC79-93BB-42CB-B9D0-4B32959C2BB0}
2015-12-12 22:27 - 2015-12-12 22:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF42F38A-5DAA-406D-8AE3-8A28CDD1B258}
2015-12-12 09:16 - 2015-12-12 09:16 - 00000000 ____D C:\Users\BR\AppData\Local\{E02A1284-03D5-40D5-A285-7CB11D2E1918}
2015-12-11 20:51 - 2015-12-11 20:51 - 03514636 _____ C:\Users\BR\Downloads\EE20151008011-CNC machine.pdf
2015-12-11 20:51 - 2015-12-11 20:51 - 03514636 _____ C:\Users\BR\Downloads\EE20151008011-CNC machine (1).pdf
2015-12-11 20:50 - 2015-12-11 20:51 - 00000000 ____D C:\Users\BR\AppData\Local\{429F7793-9B28-4B16-A490-05CFF5792621}
2015-12-11 06:40 - 2015-12-11 06:40 - 00000000 ____D C:\Users\BR\AppData\Local\{85A360A4-18AA-4383-890A-E82CB17D9F66}
2015-12-10 08:29 - 2009-12-24 15:44 - 06285911 _____ (Ruizhitianhong ) C:\Users\BR\Downloads\0501(English).exe
2015-12-10 08:20 - 2015-12-10 08:20 - 00003369 _____ C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Program Updates.lnk
2015-12-10 08:20 - 2015-12-10 08:20 - 00000000 ____D C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruizhitianhong
2015-12-10 08:20 - 2015-12-10 08:20 - 00000000 ____D C:\Program Files (x86)\Ruizhitianhong
2015-12-10 08:18 - 2015-12-10 08:18 - 00000000 ____D C:\MSI6fb2f.tmp
2015-12-10 08:17 - 2015-12-10 08:18 - 05765714 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2010714163010734.rar
2015-12-10 08:16 - 2015-06-04 14:57 - 00000000 ____D C:\Users\BR\Downloads\A55S
2015-12-10 08:16 - 2014-08-25 17:21 - 01612005 _____ C:\Users\BR\Downloads\A55说明书.pdf
2015-12-10 08:16 - 2014-08-25 17:21 - 00082656 _____ C:\Users\BR\Downloads\A55接线图.dwg
2015-12-10 08:16 - 2014-08-25 17:21 - 00042796 _____ C:\Users\BR\Downloads\A55接线图.pdf
2015-12-10 08:16 - 2014-03-11 09:47 - 06684216 _____ C:\Users\BR\Downloads\P1_2467(气缸多刀头[5寸彩屏][USB1]).pkg
2015-12-10 08:15 - 2015-12-10 08:16 - 08052729 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2015641523210.rar
2015-12-10 08:02 - 2015-12-10 08:03 - 09242259 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c201564152342835.rar
2015-12-10 07:47 - 2015-12-10 07:47 - 00000000 ____D C:\Users\BR\AppData\Local\{05452CF0-1A0C-4A18-BD99-BB6F66E384C9}
2015-12-10 06:30 - 2015-12-10 06:30 - 00000000 ____D C:\Users\BR\AppData\Local\{8B5960BF-E7E6-4ED9-B841-3F8F18390F7F}
2015-12-10 05:44 - 2015-12-10 05:44 - 00000000 ____D C:\Users\BR\AppData\Local\{F9EBF3C3-9C29-421D-BEF0-CCEA331C7C82}
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_086883_
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_068569_
2015-12-09 16:30 - 2015-12-09 16:30 - 00000000 ____D C:\Users\BR\AppData\Local\{981BBA3C-5913-4C25-8913-D83454C4F1E4}
2015-12-09 03:22 - 2015-12-09 03:22 - 00000000 ____D C:\MSIef277.tmp
2015-12-09 03:21 - 2015-12-09 03:21 - 00000000 ____D C:\MSIef260.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\MSIef250.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\_981808_
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef23c.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef232.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef21c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa7c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa64.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\_058984_
2015-12-09 03:01 - 2015-12-09 03:01 - 00000000 ____D C:\MSIefa4d.tmp
2015-12-09 03:00 - 2015-12-09 03:00 - 00000000 ____D C:\MSIefa36.tmp
2015-12-09 02:55 - 2015-12-09 02:55 - 00000000 ____D C:\_569156_
2015-12-08 21:53 - 2015-12-08 21:53 - 00000000 ____D C:\Users\BR\AppData\Local\{4D0A455B-8325-4F07-AF20-3AC961F8AB17}
2015-12-08 16:12 - 2015-11-20 10:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-08 16:12 - 2015-11-20 10:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-08 16:12 - 2015-11-20 10:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 16:12 - 2015-11-05 11:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-08 16:12 - 2015-11-05 11:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-08 16:12 - 2015-11-03 11:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-08 16:12 - 2015-11-03 10:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-08 16:11 - 2015-11-20 10:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-08 16:11 - 2015-11-20 10:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-08 16:11 - 2015-11-20 10:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 16:11 - 2015-11-20 10:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 16:11 - 2015-11-20 10:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 16:11 - 2015-11-20 10:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 16:11 - 2015-11-11 13:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-08 16:11 - 2015-11-11 12:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 16:11 - 2015-11-11 10:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-08 16:11 - 2015-11-11 10:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-08 16:11 - 2015-11-11 10:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 16:11 - 2015-11-11 10:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 16:11 - 2015-11-11 08:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-08 16:11 - 2015-11-11 08:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 16:11 - 2015-11-11 07:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 16:11 - 2015-11-11 07:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 16:11 - 2015-11-11 07:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 16:11 - 2015-11-11 07:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-08 16:11 - 2015-11-11 06:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 16:11 - 2015-11-10 10:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-08 16:11 - 2015-11-10 10:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-08 16:11 - 2015-11-10 10:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-08 16:11 - 2015-11-10 10:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-08 16:11 - 2015-11-10 10:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-08 16:11 - 2015-11-10 09:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-08 16:11 - 2015-11-09 16:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 16:11 - 2015-11-09 16:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 16:11 - 2015-11-09 16:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 16:11 - 2015-11-09 16:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 16:11 - 2015-11-09 16:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 16:11 - 2015-11-09 16:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 16:11 - 2015-11-09 16:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 16:11 - 2015-11-09 16:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 16:11 - 2015-11-09 16:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 16:11 - 2015-11-09 16:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 16:11 - 2015-11-09 16:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 16:11 - 2015-11-09 16:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 16:11 - 2015-11-09 16:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 16:11 - 2015-11-09 15:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 16:11 - 2015-11-09 15:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 16:11 - 2015-11-09 15:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 16:11 - 2015-11-09 15:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 16:11 - 2015-11-09 15:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 16:11 - 2015-11-09 15:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 16:11 - 2015-11-09 15:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 16:11 - 2015-11-09 15:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 16:11 - 2015-11-09 15:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 16:11 - 2015-11-09 15:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 16:11 - 2015-11-09 15:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 16:11 - 2015-11-08 14:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-08 16:11 - 2015-11-08 14:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-08 16:11 - 2015-11-08 14:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-08 16:11 - 2015-11-08 14:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-08 16:11 - 2015-11-08 14:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-08 16:11 - 2015-11-08 14:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-08 16:11 - 2015-11-08 14:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-08 16:11 - 2015-11-08 14:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-08 16:11 - 2015-11-08 14:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-08 16:11 - 2015-11-08 14:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-08 16:11 - 2015-11-08 14:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-08 16:11 - 2015-11-08 14:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-08 16:11 - 2015-11-08 14:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-08 16:11 - 2015-11-08 14:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-08 16:11 - 2015-11-08 14:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-08 16:11 - 2015-11-08 14:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-08 16:11 - 2015-11-08 13:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-08 16:11 - 2015-11-08 13:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-08 16:11 - 2015-11-08 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-08 16:11 - 2015-11-08 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-08 16:11 - 2015-11-08 13:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-08 16:11 - 2015-11-08 13:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-08 16:11 - 2015-11-08 13:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-08 16:11 - 2015-11-08 13:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-08 16:11 - 2015-11-08 13:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-08 16:11 - 2015-11-08 13:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-08 16:11 - 2015-11-08 13:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-08 16:11 - 2015-11-08 13:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-08 16:11 - 2015-11-08 12:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-08 16:11 - 2015-11-08 12:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-08 16:11 - 2015-11-08 12:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-08 16:11 - 2015-11-05 11:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-08 16:11 - 2015-11-05 11:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 16:11 - 2015-11-05 01:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-08 16:11 - 2015-10-08 15:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-08 16:11 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-08 16:11 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-08 16:11 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-08 16:11 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-08 16:11 - 2015-10-08 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-08 16:11 - 2015-10-08 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-08 16:11 - 2015-10-08 15:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-08 16:11 - 2015-10-08 11:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-08 16:11 - 2015-10-08 10:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-08 16:10 - 2015-11-03 11:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-08 16:10 - 2015-11-03 10:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 06:47 - 2015-12-08 06:47 - 00000000 ____D C:\Users\BR\AppData\Local\{BA213AC6-1ECF-4913-8CB9-C63F2121DACC}
2015-12-07 10:51 - 2015-12-07 10:51 - 00000000 ____D C:\Users\BR\AppData\Roaming\Sun
2015-12-07 10:51 - 2015-12-07 10:51 - 00000000 ____D C:\Users\BR\.oracle_jre_usage
2015-12-07 10:51 - 2015-12-07 10:51 - 00000000 ____D C:\MSI260f.tmp
2015-12-07 10:50 - 2015-12-07 10:50 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-07 10:50 - 2015-12-07 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-07 10:50 - 2015-12-07 10:50 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-07 10:50 - 2015-12-07 10:50 - 00000000 ____D C:\MSI2609.tmp
2015-12-07 10:49 - 2015-12-07 10:49 - 00584288 _____ (Oracle Corporation) C:\Users\BR\Downloads\chromeinstall-8u66.exe
2015-12-07 10:49 - 2015-12-07 10:49 - 00000000 ____D C:\Users\BR\AppData\LocalLow\Oracle
2015-12-07 09:35 - 2015-12-07 09:35 - 00000000 ____D C:\Users\BR\AppData\Local\{0AB1C510-D294-4C54-BF11-1DD088AE5765}
2015-12-07 09:21 - 2015-12-07 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-12-07 09:20 - 2015-12-07 09:20 - 00000000 ____D C:\MSI5f121.tmp
2015-12-07 09:17 - 2015-12-07 09:17 - 00000000 ____D C:\MSI5ef8e.tmp
2015-12-07 09:16 - 2015-12-07 09:16 - 00001715 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-07 09:16 - 2015-12-07 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-07 09:15 - 2015-12-07 09:16 - 00000000 ____D C:\Program Files\iTunes
2015-12-07 09:15 - 2015-12-07 09:15 - 00000000 ____D C:\Program Files\iPod
2015-12-07 09:13 - 2015-12-07 09:13 - 00000000 ____D C:\MSI5dfea.tmp
2015-12-07 09:11 - 2015-12-07 09:11 - 00000000 ____D C:\MSI5dfe6.tmp
2015-12-07 09:11 - 2015-12-07 09:11 - 00000000 ____D C:\MSI5dfcb.tmp
2015-12-07 09:10 - 2015-12-07 09:10 - 00000000 ____D C:\MSI5dfb3.tmp
2015-12-07 09:10 - 2015-12-07 09:10 - 00000000 ____D C:\MSI5df64.tmp
2015-12-07 09:09 - 2015-12-07 09:09 - 00000000 ____D C:\MSI5ded2.tmp
2015-12-07 09:09 - 2015-12-07 09:09 - 00000000 ____D C:\MSI5deae.tmp
2015-12-07 09:08 - 2015-12-07 09:08 - 00000000 ____D C:\MSI5de43.tmp
2015-12-06 20:52 - 2015-12-06 20:52 - 00000000 ____D C:\Users\BR\AppData\Local\{E68EBFA1-08C7-40C4-BD0E-584F9CFFACFE}
2015-12-06 06:04 - 2015-12-06 06:05 - 00000000 ____D C:\Users\BR\AppData\Local\{81C29482-25ED-4C8C-A705-AC7B67C1D3C2}
2015-12-05 09:36 - 2015-12-05 09:36 - 00000000 ____D C:\Users\BR\AppData\Local\{3357B4EC-C35B-46A6-8C53-39C30CA6E265}
2015-12-05 05:10 - 2013-08-21 10:21 - 00000391 _____ C:\Users\BR\Downloads\readme.txt
2015-12-05 05:10 - 2013-08-21 10:19 - 00001194 _____ C:\Users\BR\Downloads\DonekInch.con
2015-12-05 05:10 - 2013-08-21 10:19 - 00001190 _____ C:\Users\BR\Downloads\DonekMM.con
2015-12-05 05:09 - 2015-12-05 05:09 - 00001746 _____ C:\Users\BR\Downloads\artcam.zip
2015-12-05 04:56 - 2015-12-05 04:57 - 00000000 ____D C:\Users\BR\AppData\Local\{058E250A-D549-4417-AFB0-4E3CFF6CE54D}
2015-12-05 00:08 - 2015-12-05 00:08 - 00000000 ____D C:\Users\BR\AppData\Local\{60016A71-765C-44C5-938D-92999C3D59C2}
2015-12-04 18:15 - 2015-12-04 18:15 - 00000000 ____D C:\Users\BR\AppData\Local\{C50E7D9F-8A5D-4DF8-8FC7-4072BA3714D7}
2015-12-04 03:42 - 2015-12-04 03:42 - 00000000 ____D C:\Users\BR\AppData\Local\{491C29EA-B0E9-4541-85B5-E5126776B699}
2015-12-03 07:40 - 2015-12-03 07:40 - 00000000 ____D C:\Users\BR\AppData\Local\{8844AA95-EB19-429F-A73F-A3941915807C}
2015-12-02 08:18 - 2015-12-02 08:19 - 00000000 ____D C:\Users\BR\AppData\Local\{DD7F81D0-3EC8-4B4D-B003-462A71CFBB4A}
2015-12-02 01:02 - 2015-12-02 01:02 - 00000000 ____D C:\MSI9bd18.tmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-01 12:09 - 2012-04-18 07:43 - 00000000 ____D C:\Users\BR\AppData\Roaming\Skype
2016-01-01 12:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2016-01-01 12:04 - 2012-03-13 05:15 - 00001267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-01-01 12:04 - 2012-03-13 05:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-01-01 12:03 - 2012-03-13 05:15 - 00001336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-01-01 12:03 - 2012-03-13 05:14 - 00002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-01-01 12:02 - 2014-05-02 18:02 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-01 12:02 - 2012-03-13 05:15 - 00001420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-01-01 12:01 - 2015-07-15 05:08 - 00000000 ____D C:\Users\BR\AppData\Roaming\TaobaoProtect
2016-01-01 11:54 - 2009-07-13 20:45 - 00015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-01 11:54 - 2009-07-13 20:45 - 00015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-01 11:39 - 2012-04-13 07:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-01 02:00 - 2012-04-01 19:31 - 00000000 ____D C:\Users\BR\AppData\Local\Adobe
2016-01-01 01:02 - 2014-05-02 18:02 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-31 17:32 - 2015-08-18 11:07 - 00000000 ____D C:\Users\BR\AppData\Local\aef
2015-12-31 17:31 - 2009-07-13 21:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-31 17:31 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-12-31 17:29 - 2015-11-04 08:56 - 00000000 ____D C:\Users\Public\Documents\dumps
2015-12-31 17:29 - 2014-05-13 18:36 - 00000000 ____D C:\Program Files (x86)\TradeManager
2015-12-31 17:27 - 2015-05-10 08:12 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-31 17:27 - 2015-04-22 02:27 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2015-12-31 17:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\tracing
2015-12-31 17:24 - 2015-10-08 11:40 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-12-31 17:24 - 2012-04-01 10:22 - 00147248 _____ C:\Users\BR\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-31 17:23 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-31 17:23 - 2009-07-13 20:45 - 00594160 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-31 17:18 - 2009-07-13 18:34 - 00000651 _____ C:\Windows\win.ini
2015-12-31 15:47 - 2014-01-25 06:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-12-31 15:47 - 2014-01-25 06:25 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-12-31 09:55 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-12-30 12:09 - 2009-07-13 18:34 - 00001235 _____ C:\Windows\system32\Drivers\etc\hosts_bak_949
2015-12-30 11:13 - 2012-08-19 16:35 - 00000000 ____D C:\Users\BR\AppData\LocalLow\Temp
2015-12-30 10:49 - 2015-09-28 06:56 - 00000000 ____D C:\Users\BR\AppData\Local\Citrix
2015-12-30 10:49 - 2015-01-04 09:14 - 00000000 ____D C:\ProgramData\Foolish IT
2015-12-30 10:41 - 2015-05-03 13:07 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-12-30 10:41 - 2013-08-06 16:23 - 00000258 __RSH C:\Users\BR\ntuser.pol
2015-12-30 10:41 - 2012-04-01 10:22 - 00000000 ____D C:\Users\BR
2015-12-28 15:47 - 2015-03-18 05:51 - 00000000 ____D C:\Users\BR\Desktop\all pinups
2015-12-28 15:47 - 2014-09-07 16:32 - 00000000 ____D C:\Users\BR\AppData\Local\gtk-2.0
2015-12-28 15:47 - 2014-09-07 16:27 - 00000000 ____D C:\Users\BR\.gimp-2.8
2015-12-26 03:00 - 2015-04-04 02:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-26 03:00 - 2015-04-04 02:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-25 08:52 - 2015-08-01 09:24 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-25 08:43 - 2015-03-19 11:49 - 00000000 ____D C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder
2015-12-25 08:43 - 2015-03-18 06:21 - 00000000 ____D C:\Program Files (x86)\Unchecky
2015-12-25 08:43 - 2012-05-05 16:39 - 00000000 ____D C:\Users\BR\AppData\Local\Google
2015-12-25 08:43 - 2012-03-13 12:25 - 00000000 ____D C:\Users\LogMeInRemoteUser
2015-12-25 08:43 - 2012-03-13 05:09 - 00000000 ____D C:\Users\BRIAN
2015-12-25 08:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2015-12-22 15:04 - 2015-11-07 08:52 - 00002145 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-22 11:26 - 2014-11-15 16:10 - 00000000 ____D C:\Users\BR\AppData\Roaming\Apple Computer
2015-12-22 09:37 - 2015-11-07 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-22 09:37 - 2012-04-01 09:07 - 00000000 ____D C:\Users\bcom
2015-12-16 16:55 - 2015-11-15 08:58 - 00000000 ____D C:\ProgramData\SSDir
2015-12-13 01:00 - 2012-04-01 16:16 - 00000000 ____D C:\Users\BR\AppData\Local\ElevatedDiagnostics
2015-12-11 20:30 - 2014-11-20 08:35 - 00000000 ____D C:\Users\BR\AppData\Local\Apple Inc
2015-12-11 11:14 - 2012-03-13 04:34 - 00000000 ____D C:\Users\BR\Documents\TUMBLEWEED INVOICES
2015-12-10 08:20 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2015-12-09 04:18 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 03:38 - 2012-05-12 02:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 03:38 - 2012-05-12 02:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 03:22 - 2012-03-13 15:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 03:20 - 2012-05-12 02:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 03:15 - 2013-08-16 11:47 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 03:03 - 2012-03-14 08:27 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 19:39 - 2012-03-13 04:24 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-07 10:50 - 2014-01-18 13:56 - 00000000 ____D C:\ProgramData\Oracle
2015-12-07 09:15 - 2015-09-27 19:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-07 09:15 - 2014-11-15 16:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-06 14:53 - 2013-08-07 07:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-02 00:57 - 2014-05-02 18:02 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 00:57 - 2014-05-02 18:02 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2014-09-09 15:27 - 2014-09-09 15:30 - 0000000 _____ () C:\Users\BR\AppData\Roaming\bibstats
2014-10-27 08:16 - 2014-11-13 19:01 - 0000308 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.Exception.log
2014-10-27 08:09 - 2014-11-28 09:44 - 0004042 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-10-27 08:16 - 2014-11-13 19:01 - 0000308 _____ () C:\Users\BR\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-11-11 10:57 - 2014-11-11 10:57 - 0000044 _____ () C:\Users\BR\AppData\Roaming\WB.CFG
2014-10-27 09:02 - 2014-10-27 09:02 - 0009728 _____ () C:\Users\BR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-28 15:47 - 2015-12-28 15:47 - 0002563 _____ () C:\Users\BR\AppData\Local\recently-used.xbel
2015-09-26 12:43 - 2015-09-26 12:43 - 0000017 _____ () C:\Users\BR\AppData\Local\resmon.resmoncfg
2012-06-07 20:09 - 2012-06-07 20:09 - 0000000 _____ () C:\Users\BR\AppData\Local\Temptable.xml
2012-09-23 13:15 - 2012-09-23 13:15 - 0137289 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.0
2012-09-23 13:15 - 2012-09-23 13:15 - 0132486 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.1
2012-09-23 13:15 - 2012-09-23 13:15 - 0132533 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.JPG
2012-09-23 13:15 - 2012-09-23 13:15 - 0003890 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001_navi.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 0121078 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.0
2012-10-03 17:21 - 2012-10-03 17:21 - 0044248 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.JPG
2012-10-03 17:18 - 2012-10-03 17:18 - 0112551 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.0
2012-10-03 17:18 - 2012-10-03 17:18 - 0040181 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 0115714 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.0
2012-10-03 17:21 - 2012-10-03 17:21 - 0038427 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 0134269 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.0
2012-10-03 17:22 - 2012-10-03 17:22 - 0049466 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 0135858 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.0
2012-10-03 17:22 - 2012-10-03 17:22 - 0050685 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.1
2012-10-03 17:22 - 2012-10-03 17:22 - 0050520 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.JPG
2012-10-03 17:23 - 2012-10-03 17:23 - 0136857 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.0
2012-10-03 17:23 - 2012-10-03 17:23 - 0049261 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.1
2012-10-03 17:23 - 2012-10-03 17:23 - 0049486 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.JPG
2012-08-22 15:05 - 2012-08-22 15:05 - 0006400 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).0
2012-08-22 15:05 - 2012-08-22 15:05 - 0001969 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).JPG
2014-09-04 10:40 - 2014-09-04 10:40 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-03-13 06:52 - 2014-07-22 14:04 - 0003834 _____ () C:\ProgramData\hpzinstall.log
2012-03-13 17:47 - 2012-12-22 17:06 - 0000173 _____ () C:\ProgramData\LockFilePath.ini
2012-12-02 12:08 - 2012-12-02 12:08 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-30 12:49

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-12-2015
Ran by BR (2016-01-01 12:10:51)
Running from C:\Users\BR\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-03-13 13:09:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-998330651-303224156-1059126384-500 - Administrator - Disabled)
bcom (S-1-5-21-998330651-303224156-1059126384-1003 - Administrator - Enabled) => C:\Users\bcom
BR (S-1-5-21-998330651-303224156-1059126384-1004 - Administrator - Enabled) => C:\Users\BR
BRIAN (S-1-5-21-998330651-303224156-1059126384-1000 - Administrator - Enabled) => C:\Users\BRIAN
Guest (S-1-5-21-998330651-303224156-1059126384-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

0501(English) (HKLM-x32\...\{15330BA2-F4F1-4D1C-A0D8-A9C5F9056672}) (Version: 1.00.0000 - Ruizhitianhong)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
AliIM Plugins for Browser (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\AliIM Plugins for Browser) (Version: 1.0 - Alibaba(China) Co., Ltd)
AliSetup 0.1.0.52 (HKLM-x32\...\AliSetup) (Version: 0.1.0.52 - °¢Àï°Í°Í£¨Öйú£©ÓÐÏÞ¹«Ë¾)
Any Video Converter 3.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArtCAM 2015 (64-bit) (HKLM-x32\...\ArtCAM 2015 (64-bit)) (Version: 2015 - Delcam Ltd)
ArtCAM 2015 R2 (64-bit) (HKLM-x32\...\ArtCAM 2015 R2 (64-bit)) (Version: 2015 R2 - Delcam Ltd)
ArtCAM 2015 R2 DL (64-bit) (HKLM-x32\...\ArtCAM 2015 R2 DL (64-bit)) (Version: 2015 R2 - Delcam Ltd)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.1.1.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.1.1.0 - Autodesk) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C6100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c6100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{1B1BF50E-ACE8-4481-B362-89544FB1CD4B}) (Version: 1.0.357 - Citrix)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Corel Applications (HKLM-x32\...\Corel Applications) (Version:  - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delcam Exchange 2015 R2 (64-bit) (HKLM\...\Delcam Exchange 7.9.10) (Version: 7.9.10 - Delcam)
Delcam Exchange 2015 R4 (64-bit) (HKLM\...\Delcam Exchange 8.1.10) (Version: 8.1.10 - Delcam)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
DraftSight 2015 SP2 x64 (HKLM\...\{1570DEC4-94DE-493E-8E34-BD382B813BAA}) (Version: 13.2.1065 - Dassault Systemes)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
eDrawings 2015 x64 (HKLM\...\{1849FD9A-F1F7-4D0C-BEE6-59C3337E5410}) (Version: 15.2.0033 - Dassault Systèmes SolidWorks Corp)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free DWG Viewer 7.3 (HKLM-x32\...\{BC66852F-0928-494F-B3C1-5FF5DB4F88BC}) (Version: 7.3.0.174 - IGC)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}) (Version: 3.0.11752 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
gsimple 2.05 (HKLM-x32\...\gsimple) (Version: 2.05 - S.Kontogiannis)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 5740 series Basic Device Software (HKLM\...\{7FAA9D15-FF0B-4593-8D4A-0B941FD1977A}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
HP Officejet 5740 series Help (HKLM-x32\...\{F17D53C7-DCE8-469C-9690-CF8F5903519C}) (Version: 34.0.0 - Hewlett Packard)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.7 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2226 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Kodi) (Version:  - XBMC-Foundation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Photobucket Desktop (HKLM-x32\...\{D0916F1D-236D-4B9A-BCEA-F535444DCA41}) (Version: 1.0.3.1552 - Photobucket)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
Product Improvement Study for HP Officejet 5740 series (HKLM\...\{308C7555-5D43-4D9A-BDC0-14B2948EF438}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.7.0 - Rosetta Stone Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scanything V1.0.8 (HKLM-x32\...\Scanything) (Version: 1.0.8 - Scanything)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Sentinel Protection Installer 7.6.6 (HKLM-x32\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
SewArt (HKLM\...\{5E174DED-7BB1-4ABC-9EB9-97B8CAFE82E8}) (Version: 1.8.6 - S & S Computing)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SmoothDraw version 4.0.5 (HKLM-x32\...\SmoothDraw_is1) (Version: 4.0.5 - )
SMPIS (HKLM-x32\...\{999052D7-44A2-49F8-9851-A3D2D297EE03}) (Version: 29.00.000 - Merry Mechanization Inc.)
SolidWorks 2011 x64 Edition SP02 (HKLM-x32\...\SolidWorks Installation Manager 20110-40200-1100-100) (Version: 19.2.0.49 - SolidWorks Corporation)
SolidWorks 2011 x64 Edition SP02 (Version: 19.120.49 - SolidWorks) Hidden
SolidWorks eDrawings 2011 SP02 (HKLM-x32\...\{67C6633B-5A12-4955-A5E4-98D703F9AFA3}) (Version: 11.2.113 - Dassault Systèmes SolidWorks Corp.)
SolidWorks eDrawings 2011 x64 Edition SP02 (Version: 11.2.113 - Dassault Systèmes SolidWorks Corp.) Hidden
SolidWorks Explorer 2011 SP02 (HKLM-x32\...\{5F590D74-AA75-410F-A778-3CDFCE12DCD4}) (Version: 19.20.49 - SolidWorks Corporation)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SQLAnywhere1000 (HKLM-x32\...\{349E9132-5101-4094-859E-0EEE6F3DDCD5}) (Version: 10.1.4157 - Merry Mechanization Inc)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TradeManager 2011 SP2 (HKLM-x32\...\TradeManager 2011 SP2) (Version:  - Alisoft)
TradeManager 2014 Beta1 (HKLM-x32\...\TradeManager) (Version:  - Alibaba (China) Network Technology Co., Ltd.)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trendnet USBKVM Switcher (HKLM-x32\...\Trendnet USBKVM Switcher_is1) (Version:  - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.8 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.7.3 - Tweaking.com)
Unchecky v0.4.2 (HKLM-x32\...\Unchecky) (Version: 0.4.2 - RaMMicHaeL)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{D0A3A97D-7918-4B0B-B91E-775E00C36122}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A95E3E66-D5A4-404E-997D-02562AA492E8}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6BB4E4E8-17B9-4534-8A8E-89E53F12769C}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{2d588de7-f4f6-4d6d-8719-32cbb9637e9e}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wilcom TrueSizer e3.0 (HKLM-x32\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (x32 Version: 17.0.185.7427 - Wilcom) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{08D512D2-7D97-4E22-B7DB-82791106C086}\InprocServer32 -> C:\Users\BR\AppData\Roaming\alipay\cf\alicdo_x64.dll => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{4CEEAF57-0208-4CA4-A473-914C2D2FFC23}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll ()
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll ()
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B68D52-81A4-4E5D-A008-EBE7A5E1D7A8} - System32\Tasks\AdobeAAMUpdater-1.0-BRIAN-PC-BR => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {137B4BA2-DE24-4F80-BC1F-179956948A9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-26] (Adobe Systems Incorporated)
Task: {13C746E5-D9D4-410F-8374-C85DD78CB304} - System32\Tasks\{05A9FC79-8345-4041-BAB5-63B4B01AD275} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-09-28] (Skype Technologies S.A.)
Task: {19835642-4FB1-409E-B1C8-8C8DAB245E33} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {261C88CB-C0A6-449C-8B7E-520CB4278507} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {2761B74C-FF47-4ABC-B888-2B671AC244E5} - System32\Tasks\{A5D314F0-456F-4CB4-B01B-01065EE19CB7} => pcalua.exe -a E:\setup.exe -d E:\
Task: {2A07BD38-FBC3-414F-B3CC-3C4EBDE27B83} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {2A5E94B0-88B5-4A7C-AE52-03F3C01C221B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {379D608C-0688-4B10-B21D-50B5B2A22E4F} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {3A971650-3B29-4284-8710-C3F626E29C5B} - System32\Tasks\HPCustPartic.exe_{48E34D62-7EF7-41D2-8CFC-FF6ACE1C8F6D} => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {4B06D158-F426-4D63-842D-A8D695E38F5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {4E972E24-4BA2-47D5-BEFD-94D785AA4E8C} - System32\Tasks\{1D5C86AE-F4DD-4B79-A361-3F31B70CFCEF} => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2015-09-11] (TechSmith Corporation)
Task: {58044AB4-8524-4227-9073-AAA8DF62A596} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {6AB5DF9B-167C-4E53-B5F8-EC132C9AB8CD} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {7016C1DA-8A0A-4266-A065-4ECEF51B751B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {76BFAC61-5025-4C95-9233-B223F5F3731E} - System32\Tasks\{8687F8BE-E36A-4EEF-AF42-1D43D36FA6D3} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {76ED6151-2ABF-4024-B54D-CD58CF67C42E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {80747828-AE28-4142-B594-2A8E87EF8F5F} - System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {83ABC68D-63B2-4F74-8BF4-D7192EC3CEEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard)
Task: {85F928BF-474B-410C-955F-9BC4A5E814AE} - System32\Tasks\{ECC6E21C-0E02-48C1-81A6-B7DF3E56C4A3} => pcalua.exe -a "C:\Program Files (x86)\MMI\MachineDriverInstaller.exe" -d C:\Users\BRIAN\Desktop -c C:\Users\BRIAN\Desktop\second-house.DXF
Task: {99DC5BAC-F1C3-4CDC-8CB1-F45B3B886E25} - System32\Tasks\{9D8A851B-EEC2-4D8A-87F8-B68A9BA893E4} => pcalua.exe -a "E:\English\JDPaint55 1048\JDPaint.exe" -d "E:\English\JDPaint55 1048"
Task: {9A3CE333-775C-4F78-992D-AA2801A46B4E} - System32\Tasks\{6F7F92BF-441E-4C9E-852D-876D6730FB99} => pcalua.exe -a L:\AutoCAD_2011_English_Win_64bit.exe -d L:\
Task: {9E7B5155-9C08-45C9-9779-27D04278AC5D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {A478F95E-3FEA-4AA2-9564-F616630E60FB} - System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A} => pcalua.exe -a "C:\Users\BR\Documents\SolidWorks Downloads\SolidWorks 2011 SP02\swwi\data\setup.exe" -d "C:\Users\BR\Documents\SolidWorks Downloads\SolidWorks 2011 SP02\swwi\data"
Task: {B2F2642F-FDD6-42CB-B8D3-E88A1FA499AD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {B8D12FC1-E648-45D7-848B-31825FFEEBFE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {BC023B06-0D54-426A-B5F9-A28527102E43} - System32\Tasks\{349F7917-DF9C-433B-BD70-8DF9498AE672} => pcalua.exe -a C:\Windows\Installer\{4F113377-0BA1-4552-9ABB-9BF220FAF132}\i386_SldWorks.exe -d "C:\Program Files (x86)\Mozilla Firefox" -c C:\Users\BR\AppData\Local\Temp\car-trailer-tilt-deck.snapshot.1-1.zip
Task: {BEBB79F8-7713-4DBF-9FF9-0BA8E1E28A44} - System32\Tasks\{992C1360-B7C4-4ED1-9082-8E159FCB82C3} => pcalua.exe -a C:\Users\BR\Downloads\setup.exe -d C:\Users\BR\Downloads
Task: {C2F274BB-89DC-47A1-9631-13C61F5480A1} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {DA146781-94E4-4002-9603-F7F562CC1BD0} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {DD268EF9-0389-4933-BB76-5200E5670973} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {FF68EC2C-3B0C-4266-A221-56BDB11B6623} - System32\Tasks\{9F1E4A2B-AEA4-4565-A49A-E488006A3FAF} => pcalua.exe -a C:\Users\BR\Downloads\Mach3Version3.043.066.exe -d C:\Users\BR\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-12-15 12:55 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-10 14:17 - 2010-09-09 09:05 - 00593920 _____ () C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2009-10-22 18:50 - 2009-10-22 18:50 - 00931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2015-10-10 14:17 - 2007-07-17 15:26 - 00086016 _____ () C:\Program Files (x86)\Trendnet\USBKVM Switcher\kEYHOOK.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-11-23 16:20 - 2014-08-26 17:47 - 01491968 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-11-23 16:20 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-12-24 15:15 - 2015-12-24 15:15 - 00698152 _____ () C:\Users\BR\AppData\Roaming\TaobaoProtect\AliBench\AlibenchDLL.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\.DEFAULT\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\.DEFAULT\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\.DEFAULT\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\.DEFAULT\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\.DEFAULT\...\taobao.com -> hxxp://taobao.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\taobao.com -> hxxp://taobao.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2015-12-31 17:26 - 00002055 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-998330651-303224156-1059126384-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\BR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.59.144.16 - 64.59.150.132
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{3E24F055-A793-4BC3-9A16-D0FE6B3C463E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{844CC82B-F7C5-4BB4-8ABE-D06B094CC431}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1C7FFD34-8C45-436D-AD53-C44D6F7792E0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{39A1014D-B4E5-4D68-B513-DF866CF1346A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{A322132D-798A-4408-BAC5-F78362086A27}C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{3823B4EF-6015-4882-BDB0-D08670DC6591}C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{F9766DB5-ECC7-4B39-911A-D2C992E303B2}C:\program files\corel\coreldraw graphics suite x7\programs64\corelpp.exe] => (Block) C:\program files\corel\coreldraw graphics suite x7\programs64\corelpp.exe
FirewallRules: [TCP Query User{B66924A1-2898-4D5F-922E-3F2B541EB8D5}C:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe] => (Allow) C:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe
FirewallRules: [{003199E7-F3D4-4855-A99E-9881CCBECFB0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F3293F6F-47E2-440E-BBAC-F5748EA0FE3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{23E27FB3-17FA-439E-8FE2-06C493D4ADD8}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7C8C\HPDiagnosticCoreUI.exe
FirewallRules: [{E65320DB-6128-418D-A2BD-DC17A52A89CB}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7C8C\HPDiagnosticCoreUI.exe
FirewallRules: [{D3BBE9C6-0BE9-4FB5-A8CA-0BDA4BB1591F}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7CE1\HPDiagnosticCoreUI.exe
FirewallRules: [{80A410DE-8A53-407E-A8CE-B9ED8FE8020C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7CE1\HPDiagnosticCoreUI.exe
FirewallRules: [{E6F293E2-6915-4AC6-9F28-4A36790A0284}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS009B\HPDiagnosticCoreUI.exe
FirewallRules: [{990BBD40-2528-4C32-87D3-D1F20994748D}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS009B\HPDiagnosticCoreUI.exe
FirewallRules: [{4BACD219-02D1-4C0F-BCF2-6F813730AEAD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0512\HPDiagnosticCoreUI.exe
FirewallRules: [{A39B8EFF-3CD5-49AF-B3E2-DBAA73C3543A}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0512\HPDiagnosticCoreUI.exe
FirewallRules: [{B0C07EC0-6F56-47E9-99F9-690BD44506D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5EC189C1-B421-42A1-840E-D964A86FA79B}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS322E\HPDiagnosticCoreUI.exe
FirewallRules: [{988ED1AC-5F8F-4948-B373-64EEEB75182F}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS322E\HPDiagnosticCoreUI.exe
FirewallRules: [{A3A0DA32-4233-4E8F-81C5-DBBDA5F47912}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3287\HPDiagnosticCoreUI.exe
FirewallRules: [{10561FF4-6315-422E-A1AF-B4E80BFFC0D1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3287\HPDiagnosticCoreUI.exe
FirewallRules: [{2A0D9AE8-1BE3-4830-94E5-291F01FA58BB}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe
FirewallRules: [{DBBCB9FE-15EB-442E-B802-A877D5D08D6E}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe
FirewallRules: [{ADD81609-0193-41F8-B9B3-344F35919B02}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe
FirewallRules: [{7EE9638F-0AF8-4235-B00C-882E8427918D}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe
FirewallRules: [{BC2ABEDF-319A-4B7C-9FB1-949AFDB6C3DB}] => (Allow) LPort=5357
FirewallRules: [{F9062624-2CB2-4849-9868-6CA039DF9CCE}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0CD2D92C-20DC-4B6F-85F7-C52F9AD05039}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS46C2\HPDiagnosticCoreUI.exe
FirewallRules: [{B759FA54-FE23-4BB7-A0D4-415EF5B075F4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS46C2\HPDiagnosticCoreUI.exe
FirewallRules: [{59E0119D-F5E9-4DE4-97A7-55391074CB71}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS09A5\HPDiagnosticCoreUI.exe
FirewallRules: [{85361578-1DAE-48E5-917A-B3832C3A2D3C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS09A5\HPDiagnosticCoreUI.exe
FirewallRules: [{1197CDED-FA4A-49AB-8E6A-3F9C46EA6F44}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1EC3\HPDiagnosticCoreUI.exe
FirewallRules: [{38BF8B07-58FE-4F12-BCDD-0A3324BAE0A8}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1EC3\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{51604C14-85A4-4FBF-9B99-2ECDB3BE1D75}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe
FirewallRules: [UDP Query User{5F823EF2-C276-4EAD-9CF2-698CBAFE7BEA}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe
FirewallRules: [{5EDEBE08-673A-43E2-AD9D-53C22F761C16}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7B95\hppiw.exe
FirewallRules: [{2A1EA390-5879-48BA-B5B3-5C87C97EE946}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7B95\hppiw.exe
FirewallRules: [{13DC79E0-9AF1-4BB4-90B5-397DC5CE191E}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7D6E\hppiw.exe
FirewallRules: [{B09296D2-74C0-46EA-A93A-B866A5ED24DF}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7D6E\hppiw.exe
FirewallRules: [{44969DF3-EC0B-498A-A914-77ABF3B3F6B0}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7F1A\HPDiagnosticCoreUI.exe
FirewallRules: [{E1E55C7B-31A5-4B79-A713-368C25B95CDB}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7F1A\HPDiagnosticCoreUI.exe
FirewallRules: [{66DA3659-152C-46F6-ADCD-23BA5B73D7BE}] => (Allow) C:\Users\BR\AppData\Local\Temp\nshB06D.tmp\Installer-10687648.exe
FirewallRules: [{A8B5C510-89A2-46D8-9A13-233BCE4A1D98}] => (Allow) C:\Users\BR\AppData\Local\Temp\nshB06D.tmp\Installer-10687648.exe
FirewallRules: [{C44A8C61-4676-474E-9E8D-2967DD81CE2D}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4934\HPDiagnosticCoreUI.exe
FirewallRules: [{189424F1-668B-4464-A4E7-F25E9C25300C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4934\HPDiagnosticCoreUI.exe
FirewallRules: [{E41ED782-97A7-45A4-8771-7A466EFE4DC8}] => (Allow) C:\Users\BR\AppData\Local\Temp\nsqADA0.tmp\CnetInstaller-10199284.exe
FirewallRules: [{13449073-679D-40C3-AB0E-409472A4848E}] => (Allow) C:\Users\BR\AppData\Local\Temp\nsqADA0.tmp\CnetInstaller-10199284.exe
FirewallRules: [TCP Query User{67AAEE04-7D3E-4C60-8D06-7F7FEE2910C0}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{700AA15B-C295-4C09-858A-0D79637507B6}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [{7185AA24-23D7-4423-A3B6-D0697FB671C6}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1F18\HPDiagnosticCoreUI.exe
FirewallRules: [{E4757F6C-E780-476C-8DB5-89AD346486F8}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1F18\HPDiagnosticCoreUI.exe
FirewallRules: [{4177EE37-4857-4F9E-AB77-18AD559CA840}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS736C\HPDiagnosticCoreUI.exe
FirewallRules: [{451B0525-55D7-4687-B06A-521D6C146343}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS736C\HPDiagnosticCoreUI.exe
FirewallRules: [{483A26BC-6D9D-4CE1-AF86-D04E6A6300CD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS588D\HPDiagnosticCoreUI.exe
FirewallRules: [{938823D9-7B2B-4AF2-A2EA-CC0703249777}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS588D\HPDiagnosticCoreUI.exe
FirewallRules: [{84D084C8-0DC8-4659-82EB-DA4511F8C27B}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{B27C61AC-00BB-47D8-B762-16568A4F90F6}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{6A424BB9-FE6C-47F6-A29B-8147C6DA51FD}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{1BF37708-5420-459A-AA16-30C5A756E847}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{B28BE0D6-A839-4BE5-B836-E2234AF2C0E4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3625\HPDiagnosticCoreUI.exe
FirewallRules: [{95B56342-D2F9-4B68-9609-14C9E7918B14}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3625\HPDiagnosticCoreUI.exe
FirewallRules: [{0111580A-F501-4908-8C28-DE91BA57ACC1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0528\HPDiagnosticCoreUI.exe
FirewallRules: [{519E4658-2826-4A73-A232-C4FF114DB0B9}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0528\HPDiagnosticCoreUI.exe
FirewallRules: [{AB3E64BF-233B-428D-B27E-572097323426}] => (Allow) C:\Program Files (x86)\TradeManager\AliIM.exe
FirewallRules: [{EB8C366E-610E-4827-947B-76EF90FED829}] => (Allow) C:\Program Files (x86)\TradeManager\AliIM.exe
FirewallRules: [{8501C27E-AC5F-445B-B799-237B21844F8B}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0818\HPDiagnosticCoreUI.exe
FirewallRules: [{2B436B6A-E40F-4F3E-95E0-C49A947EA2ED}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0818\HPDiagnosticCoreUI.exe
FirewallRules: [{413C1BF8-302A-45D5-A7DE-A4239246816C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS09EE\HPDiagnosticCoreUI.exe
FirewallRules: [{93952101-D547-4CD7-ACF4-D67EF19D6CD0}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS09EE\HPDiagnosticCoreUI.exe
FirewallRules: [{F3BBF457-724F-4FD2-98E9-B3C70374D729}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS11FE\HPDiagnosticCoreUI.exe
FirewallRules: [{6B893360-9D7D-4AE0-AEC9-835C6A2CB92F}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS11FE\HPDiagnosticCoreUI.exe
FirewallRules: [{EE29406B-2EA0-4C93-BE14-FA9A3F431CAC}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1798\HPDiagnosticCoreUI.exe
FirewallRules: [{70CDCC93-B1C0-4395-B835-A08DC303028B}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1798\HPDiagnosticCoreUI.exe
FirewallRules: [{15E1948A-CDE4-42CC-B2CA-0BF6FCAF0C9C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3737\HPDiagnosticCoreUI.exe
FirewallRules: [{3C1B4D49-001C-45AE-9AD6-1D89637B1685}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3737\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{9760DBB7-7239-473E-9284-9903B0BAA92F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{CECE58A7-7F34-484D-95D2-483139A765E3}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{2847B238-D1E2-4D34-AAE4-3CB1A298BE65}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{63D0C4D3-FF8C-46AB-B62D-E1A5B8961AAE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{25030047-6BFE-4F50-B7A5-4BD344457055}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1E25\HPDiagnosticCoreUI.exe
FirewallRules: [{F46F108E-29F4-46D3-9ECF-EA24E330EBBA}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1E25\HPDiagnosticCoreUI.exe
FirewallRules: [{CBD4D803-EC00-44BC-8250-8E45261CDA99}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DC277A1F-33E1-4DDD-B2CC-DCE31F2848F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{849CFAC8-7D1D-4ECF-A687-542D9503C59E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D46930F-E5C0-4897-85B0-E0B20E1AAFF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3F499371-6E50-47BB-B019-D5742FAAA18F}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6600\HPDiagnosticCoreUI.exe
FirewallRules: [{17C2D378-35F0-42C2-8470-7847567E24B2}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6600\HPDiagnosticCoreUI.exe
FirewallRules: [{8EA6976D-2E13-4ECF-9C14-542D3785F141}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6655\HPDiagnosticCoreUI.exe
FirewallRules: [{B6829C2E-A6F1-428A-B64C-FEA957BECE03}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6655\HPDiagnosticCoreUI.exe
FirewallRules: [{C67A39D9-6485-41F2-88DB-08071017F6F3}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6B44\HPDiagnosticCoreUI.exe
FirewallRules: [{12A2E634-3A8B-4F38-967B-A791DCE93EC4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6B44\HPDiagnosticCoreUI.exe
FirewallRules: [{BBD369D7-D523-4DC6-8FB8-CB65D41EC114}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS52D7\HPDiagnosticCoreUI.exe
FirewallRules: [{7054FE1B-4A1E-4664-A1D3-DA22BF9ACEC3}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS52D7\HPDiagnosticCoreUI.exe
FirewallRules: [{68808FC2-A0CC-4B23-87E8-0A8874287BA6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BDD6EF14-BA10-4C7E-A470-A45FD119178C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{64F72563-4808-449D-80E7-E0E9F6E0F90B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9EF70F7F-9B12-4452-AE83-98E8D97A4A96}] => (Allow) LPort=2869
FirewallRules: [{BD751605-AF01-475B-9FF6-49621CE2E09D}] => (Allow) LPort=1900
FirewallRules: [{5A95AC7F-87D3-4515-92CD-41F59AE42CFD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{732BC2FD-E9D4-4C1B-9D75-95E7BC3D1A93}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Restore Points =========================

31-12-2015 00:11:18 Scheduled Checkpoint
01-01-2016 11:58:01 Installed DirectX
01-01-2016 11:58:47 Installed DirectX

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Description: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/01/2016 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (12/31/2015 05:28:13 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (12/31/2015 05:28:09 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (12/31/2015 05:16:01 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICESOFTWAREPROTECTIONPLATFORM\OSPPWMI.MOF

Error: (12/31/2015 04:07:58 PM) (Source: ESENT) (EventID: 215) (User: )
Description: wlmail (1464) WindowsLiveMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (12/31/2015 04:07:41 PM) (Source: SignInAssistant) (EventID: 0) (User: )
Description: StartService failed with hr = 0x8007043c

Error: (12/31/2015 01:05:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avz.exe, version: 4.45.0.94, time stamp: 0x2a425e19
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x748ae4a4
Faulting process id: 0x574
Faulting application start time: 0xavz.exe0
Faulting application path: avz.exe1
Faulting module path: avz.exe2
Report Id: avz.exe3

Error: (12/31/2015 11:44:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avz.exe, version: 4.45.0.94, time stamp: 0x2a425e19
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x748ae4a4
Faulting process id: 0xfd8
Faulting application start time: 0xavz.exe0
Faulting application path: avz.exe1
Faulting module path: avz.exe2
Report Id: avz.exe3

Error: (12/31/2015 12:00:04 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (12/30/2015 11:13:21 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {b6959164-32e1-4af3-a21f-b6aeaaa8998d}

System errors:
=============
Error: (12/31/2015 05:42:35 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}740{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/31/2015 05:41:58 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\wisptis.exe -Embedding740{A5B020FD-E04B-4E67-B65A-E7DEED25B2CF}

Error: (12/31/2015 05:35:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (12/31/2015 05:33:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Defender service hung on starting.

Error: (12/31/2015 05:31:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
%%1053

Error: (12/31/2015 05:31:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.

Error: (12/31/2015 05:31:30 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/31/2015 05:25:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Alipay security business service service failed to start due to the following error:
%%2

Error: (12/31/2015 05:25:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Alipay payment client security service service failed to start due to the following error:
%%2

Error: (12/31/2015 05:25:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
%%1053

CodeIntegrity:
===================================
  Date: 2015-04-21 17:46:43.370
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-21 17:46:43.276
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-11 09:47:59.071
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-11 09:47:58.952
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-08 17:24:30.044
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-08 17:24:29.919
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-06 10:02:55.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-06 10:02:55.724
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-06 08:44:55.120
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-06 08:44:55.000
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 7133.18 MB
Available physical RAM: 3416.91 MB
Total Virtual: 14264.57 MB
Available Virtual: 11335.1 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:920.39 GB) (Free:731 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.02 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
Drive l: (My Book) (Fixed) (Total:2794.49 GB) (Free:2709.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.

==================== End of Addition.txt ============================


  • 0

#24
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
If this does not work in normal mode could you run it from safe mode

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
Attached File  fixlist.txt   7.62KB   140 downloads

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
2015-12-31 09:53 - 2015-12-31 09:53 - 00000000 ____D C:\Users\BR\AppData\Local\{10CF9506-F72C-4A06-A3DA-4845B6C97BB7}
2015-12-31 06:21 - 2015-12-31 06:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F14EB260-F01A-409E-B16B-A0BE31C831E7}
2015-12-30 12:18 - 2015-12-30 12:19 - 00000000 ____D C:\Users\BR\AppData\Local\{5DDBEF6E-2924-472C-95F9-E505DD818272}
2015-12-29 07:42 - 2015-12-29 07:42 - 00000000 ____D C:\Users\BR\AppData\Local\{036388DF-B448-4985-85BA-187DCCC10FAE}
2015-12-28 15:47 - 2015-12-28 15:47 - 00000000 ____D C:\Users\BR\AppData\Local\{299021E1-649E-4A8E-AD2E-3076FA51C664}
2015-12-28 02:37 - 2015-12-28 02:37 - 00000000 ____D C:\Users\BR\AppData\Local\{58D77E0F-BB45-4B4F-9584-91CF2F636547}
2015-12-27 23:04 - 2015-12-27 23:04 - 00000000 ____D C:\Users\BR\AppData\Local\{DEBEFDA7-783B-4625-9FD7-14D923AB27FB}
2015-12-27 14:21 - 2015-12-27 14:21 - 00000000 ____D C:\_193560_
2015-12-27 09:26 - 2015-12-27 09:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF492E9B-954A-4209-98E7-24564F3942EF}
2015-12-25 21:09 - 2015-12-25 21:09 - 00000000 ____D C:\Users\BR\AppData\Local\{ADBF5FBD-C56C-4795-823B-B30E3F2E23C7}
2015-12-25 09:17 - 2015-12-25 09:17 - 00000000 ____D C:\_959793_
2015-12-24 22:14 - 2015-12-24 22:14 - 00000000 ____D C:\Users\BR\AppData\Local\{E41F5F8B-272A-40F6-9138-D4F504D7166D}
2015-12-24 20:07 - 2015-12-24 20:07 - 00000000 ____D C:\Users\BR\AppData\Local\{722101BB-3843-44A4-8A06-8B87569EB1E4}
2015-12-24 02:03 - 2015-12-24 02:03 - 00000000 ____D C:\Users\BR\AppData\Local\{8414D312-047F-47EE-856E-A3F3BCB15293}
2015-12-23 17:08 - 2015-12-23 17:08 - 00000000 ____D C:\_438108_
2015-12-23 09:29 - 2015-12-23 09:30 - 00000000 ____D C:\Users\BR\AppData\Local\{FF891592-3DB8-4CB7-8A85-9D683B8A1C94}
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_686760_
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_668944_
2015-12-22 15:00 - 2015-12-22 15:00 - 00000000 ____D C:\Users\BR\AppData\Local\{24753264-BEC7-4003-B927-F350040A6E91}
2015-12-22 01:43 - 2015-12-22 01:43 - 00000000 ____D C:\Users\BR\AppData\Local\{7C37C019-85A4-448D-A586-AC5ABD762AA9}
2015-12-21 07:21 - 2015-12-21 07:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F07FFADB-940F-4113-8352-5F39E802755C}
2015-12-20 07:52 - 2015-12-20 07:52 - 00000000 ____D C:\Users\BR\AppData\Local\{616552FB-1478-48A0-986A-7990DABC54A4}
2015-12-19 16:24 - 2015-12-19 16:25 - 08107995 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2015121613252443.rar
2015-12-19 16:12 - 2015-12-19 16:12 - 00000000 ____D C:\Users\BR\AppData\Local\{13ECE924-563E-44F2-8937-2FF512C7C66E}
2015-12-19 05:53 - 2015-12-19 05:53 - 00000000 ____D C:\Users\BR\AppData\Local\{38BC2977-FC58-4EFC-9397-EA1FFE1D4A9F}
2015-12-18 21:49 - 2015-12-18 21:49 - 00000000 ____D C:\Users\BR\AppData\Local\{1802FFCE-569A-45A8-8221-1BC4AB692500}
2015-12-18 06:22 - 2015-12-18 06:22 - 00000000 ____D C:\Users\BR\AppData\Local\{92C3F0F6-1BAF-4A3B-9FC2-D0B629648F96}
2015-12-17 07:25 - 2015-12-17 07:26 - 00000000 ____D C:\Users\BR\AppData\Local\{8CF4EA93-2D2D-4EB6-96A1-9B9C742C67FB}
2015-12-16 16:54 - 2015-12-16 16:54 - 00000000 ____D C:\MSI4e876.tmp
2015-12-16 08:50 - 2015-12-16 08:51 - 00000000 ____D C:\Users\BR\AppData\Local\{1CAD8E48-08F0-4619-BD4E-5489B2BD0DD5}
2015-12-15 18:36 - 2015-12-15 18:36 - 00000000 ____D C:\Users\BR\AppData\Local\{A811EA30-8249-4DF1-9000-FFEC6435B7D6}
2015-12-15 05:47 - 2015-12-15 05:47 - 00000000 ____D C:\Users\BR\AppData\Local\{DB07A58C-E54D-4F30-9020-1E6726BBD6E4}
2015-12-15 03:52 - 2015-12-15 03:52 - 00000000 ____D C:\_202433_
2015-12-14 08:46 - 2015-12-14 08:46 - 00000000 ____D C:\Users\BR\AppData\Local\{997223D9-F9B9-4D46-8F7A-21CB853E5B76}
2015-12-13 18:54 - 2015-12-13 18:54 - 00000000 ____D C:\Users\BR\AppData\Local\{A696FC79-93BB-42CB-B9D0-4B32959C2BB0}
2015-12-12 22:27 - 2015-12-12 22:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF42F38A-5DAA-406D-8AE3-8A28CDD1B258}
2015-12-12 09:16 - 2015-12-12 09:16 - 00000000 ____D C:\Users\BR\AppData\Local\{E02A1284-03D5-40D5-A285-7CB11D2E1918}
2015-12-11 20:50 - 2015-12-11 20:51 - 00000000 ____D C:\Users\BR\AppData\Local\{429F7793-9B28-4B16-A490-05CFF5792621}
2015-12-11 06:40 - 2015-12-11 06:40 - 00000000 ____D C:\Users\BR\AppData\Local\{85A360A4-18AA-4383-890A-E82CB17D9F66}
2015-12-10 07:47 - 2015-12-10 07:47 - 00000000 ____D C:\Users\BR\AppData\Local\{05452CF0-1A0C-4A18-BD99-BB6F66E384C9}
2015-12-10 06:30 - 2015-12-10 06:30 - 00000000 ____D C:\Users\BR\AppData\Local\{8B5960BF-E7E6-4ED9-B841-3F8F18390F7F}
2015-12-10 05:44 - 2015-12-10 05:44 - 00000000 ____D C:\Users\BR\AppData\Local\{F9EBF3C3-9C29-421D-BEF0-CCEA331C7C82}
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_086883_
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_068569_
2015-12-09 16:30 - 2015-12-09 16:30 - 00000000 ____D C:\Users\BR\AppData\Local\{981BBA3C-5913-4C25-8913-D83454C4F1E4}
2015-12-09 03:22 - 2015-12-09 03:22 - 00000000 ____D C:\MSIef277.tmp
2015-12-09 03:21 - 2015-12-09 03:21 - 00000000 ____D C:\MSIef260.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\MSIef250.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\_981808_
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef23c.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef232.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef21c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa7c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa64.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\_058984_
2015-12-09 03:01 - 2015-12-09 03:01 - 00000000 ____D C:\MSIefa4d.tmp
2015-12-09 03:00 - 2015-12-09 03:00 - 00000000 ____D C:\MSIefa36.tmp
2015-12-09 02:55 - 2015-12-09 02:55 - 00000000 ____D C:\_569156_
2015-12-08 21:53 - 2015-12-08 21:53 - 00000000 ____D C:\Users\BR\AppData\Local\{4D0A455B-8325-4F07-AF20-3AC961F8AB17}
2015-12-08 06:47 - 2015-12-08 06:47 - 00000000 ____D C:\Users\BR\AppData\Local\{BA213AC6-1ECF-4913-8CB9-C63F2121DACC}
2015-12-07 09:35 - 2015-12-07 09:35 - 00000000 ____D C:\Users\BR\AppData\Local\{0AB1C510-D294-4C54-BF11-1DD088AE5765}
2015-12-06 20:52 - 2015-12-06 20:52 - 00000000 ____D C:\Users\BR\AppData\Local\{E68EBFA1-08C7-40C4-BD0E-584F9CFFACFE}
2015-12-06 06:04 - 2015-12-06 06:05 - 00000000 ____D C:\Users\BR\AppData\Local\{81C29482-25ED-4C8C-A705-AC7B67C1D3C2}
2015-12-05 09:36 - 2015-12-05 09:36 - 00000000 ____D C:\Users\BR\AppData\Local\{3357B4EC-C35B-46A6-8C53-39C30CA6E265}
2015-12-05 04:56 - 2015-12-05 04:57 - 00000000 ____D C:\Users\BR\AppData\Local\{058E250A-D549-4417-AFB0-4E3CFF6CE54D}
2015-12-05 00:08 - 2015-12-05 00:08 - 00000000 ____D C:\Users\BR\AppData\Local\{60016A71-765C-44C5-938D-92999C3D59C2}
2015-12-04 18:15 - 2015-12-04 18:15 - 00000000 ____D C:\Users\BR\AppData\Local\{C50E7D9F-8A5D-4DF8-8FC7-4072BA3714D7}
2015-12-04 03:42 - 2015-12-04 03:42 - 00000000 ____D C:\Users\BR\AppData\Local\{491C29EA-B0E9-4541-85B5-E5126776B699}
2015-12-03 07:40 - 2015-12-03 07:40 - 00000000 ____D C:\Users\BR\AppData\Local\{8844AA95-EB19-429F-A73F-A3941915807C}
2015-12-02 08:18 - 2015-12-02 08:19 - 00000000 ____D C:\Users\BR\AppData\Local\{DD7F81D0-3EC8-4B4D-B003-462A71CFBB4A}
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#25
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 164 posts

If this does not work in normal mode could you run it from safe mode

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
attachicon.giffixlist.txt

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
2015-12-31 09:53 - 2015-12-31 09:53 - 00000000 ____D C:\Users\BR\AppData\Local\{10CF9506-F72C-4A06-A3DA-4845B6C97BB7}
2015-12-31 06:21 - 2015-12-31 06:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F14EB260-F01A-409E-B16B-A0BE31C831E7}
2015-12-30 12:18 - 2015-12-30 12:19 - 00000000 ____D C:\Users\BR\AppData\Local\{5DDBEF6E-2924-472C-95F9-E505DD818272}
2015-12-29 07:42 - 2015-12-29 07:42 - 00000000 ____D C:\Users\BR\AppData\Local\{036388DF-B448-4985-85BA-187DCCC10FAE}
2015-12-28 15:47 - 2015-12-28 15:47 - 00000000 ____D C:\Users\BR\AppData\Local\{299021E1-649E-4A8E-AD2E-3076FA51C664}
2015-12-28 02:37 - 2015-12-28 02:37 - 00000000 ____D C:\Users\BR\AppData\Local\{58D77E0F-BB45-4B4F-9584-91CF2F636547}
2015-12-27 23:04 - 2015-12-27 23:04 - 00000000 ____D C:\Users\BR\AppData\Local\{DEBEFDA7-783B-4625-9FD7-14D923AB27FB}
2015-12-27 14:21 - 2015-12-27 14:21 - 00000000 ____D C:\_193560_
2015-12-27 09:26 - 2015-12-27 09:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF492E9B-954A-4209-98E7-24564F3942EF}
2015-12-25 21:09 - 2015-12-25 21:09 - 00000000 ____D C:\Users\BR\AppData\Local\{ADBF5FBD-C56C-4795-823B-B30E3F2E23C7}
2015-12-25 09:17 - 2015-12-25 09:17 - 00000000 ____D C:\_959793_
2015-12-24 22:14 - 2015-12-24 22:14 - 00000000 ____D C:\Users\BR\AppData\Local\{E41F5F8B-272A-40F6-9138-D4F504D7166D}
2015-12-24 20:07 - 2015-12-24 20:07 - 00000000 ____D C:\Users\BR\AppData\Local\{722101BB-3843-44A4-8A06-8B87569EB1E4}
2015-12-24 02:03 - 2015-12-24 02:03 - 00000000 ____D C:\Users\BR\AppData\Local\{8414D312-047F-47EE-856E-A3F3BCB15293}
2015-12-23 17:08 - 2015-12-23 17:08 - 00000000 ____D C:\_438108_
2015-12-23 09:29 - 2015-12-23 09:30 - 00000000 ____D C:\Users\BR\AppData\Local\{FF891592-3DB8-4CB7-8A85-9D683B8A1C94}
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_686760_
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_668944_
2015-12-22 15:00 - 2015-12-22 15:00 - 00000000 ____D C:\Users\BR\AppData\Local\{24753264-BEC7-4003-B927-F350040A6E91}
2015-12-22 01:43 - 2015-12-22 01:43 - 00000000 ____D C:\Users\BR\AppData\Local\{7C37C019-85A4-448D-A586-AC5ABD762AA9}
2015-12-21 07:21 - 2015-12-21 07:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F07FFADB-940F-4113-8352-5F39E802755C}
2015-12-20 07:52 - 2015-12-20 07:52 - 00000000 ____D C:\Users\BR\AppData\Local\{616552FB-1478-48A0-986A-7990DABC54A4}
2015-12-19 16:24 - 2015-12-19 16:25 - 08107995 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2015121613252443.rar
2015-12-19 16:12 - 2015-12-19 16:12 - 00000000 ____D C:\Users\BR\AppData\Local\{13ECE924-563E-44F2-8937-2FF512C7C66E}
2015-12-19 05:53 - 2015-12-19 05:53 - 00000000 ____D C:\Users\BR\AppData\Local\{38BC2977-FC58-4EFC-9397-EA1FFE1D4A9F}
2015-12-18 21:49 - 2015-12-18 21:49 - 00000000 ____D C:\Users\BR\AppData\Local\{1802FFCE-569A-45A8-8221-1BC4AB692500}
2015-12-18 06:22 - 2015-12-18 06:22 - 00000000 ____D C:\Users\BR\AppData\Local\{92C3F0F6-1BAF-4A3B-9FC2-D0B629648F96}
2015-12-17 07:25 - 2015-12-17 07:26 - 00000000 ____D C:\Users\BR\AppData\Local\{8CF4EA93-2D2D-4EB6-96A1-9B9C742C67FB}
2015-12-16 16:54 - 2015-12-16 16:54 - 00000000 ____D C:\MSI4e876.tmp
2015-12-16 08:50 - 2015-12-16 08:51 - 00000000 ____D C:\Users\BR\AppData\Local\{1CAD8E48-08F0-4619-BD4E-5489B2BD0DD5}
2015-12-15 18:36 - 2015-12-15 18:36 - 00000000 ____D C:\Users\BR\AppData\Local\{A811EA30-8249-4DF1-9000-FFEC6435B7D6}
2015-12-15 05:47 - 2015-12-15 05:47 - 00000000 ____D C:\Users\BR\AppData\Local\{DB07A58C-E54D-4F30-9020-1E6726BBD6E4}
2015-12-15 03:52 - 2015-12-15 03:52 - 00000000 ____D C:\_202433_
2015-12-14 08:46 - 2015-12-14 08:46 - 00000000 ____D C:\Users\BR\AppData\Local\{997223D9-F9B9-4D46-8F7A-21CB853E5B76}
2015-12-13 18:54 - 2015-12-13 18:54 - 00000000 ____D C:\Users\BR\AppData\Local\{A696FC79-93BB-42CB-B9D0-4B32959C2BB0}
2015-12-12 22:27 - 2015-12-12 22:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF42F38A-5DAA-406D-8AE3-8A28CDD1B258}
2015-12-12 09:16 - 2015-12-12 09:16 - 00000000 ____D C:\Users\BR\AppData\Local\{E02A1284-03D5-40D5-A285-7CB11D2E1918}
2015-12-11 20:50 - 2015-12-11 20:51 - 00000000 ____D C:\Users\BR\AppData\Local\{429F7793-9B28-4B16-A490-05CFF5792621}
2015-12-11 06:40 - 2015-12-11 06:40 - 00000000 ____D C:\Users\BR\AppData\Local\{85A360A4-18AA-4383-890A-E82CB17D9F66}
2015-12-10 07:47 - 2015-12-10 07:47 - 00000000 ____D C:\Users\BR\AppData\Local\{05452CF0-1A0C-4A18-BD99-BB6F66E384C9}
2015-12-10 06:30 - 2015-12-10 06:30 - 00000000 ____D C:\Users\BR\AppData\Local\{8B5960BF-E7E6-4ED9-B841-3F8F18390F7F}
2015-12-10 05:44 - 2015-12-10 05:44 - 00000000 ____D C:\Users\BR\AppData\Local\{F9EBF3C3-9C29-421D-BEF0-CCEA331C7C82}
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_086883_
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_068569_
2015-12-09 16:30 - 2015-12-09 16:30 - 00000000 ____D C:\Users\BR\AppData\Local\{981BBA3C-5913-4C25-8913-D83454C4F1E4}
2015-12-09 03:22 - 2015-12-09 03:22 - 00000000 ____D C:\MSIef277.tmp
2015-12-09 03:21 - 2015-12-09 03:21 - 00000000 ____D C:\MSIef260.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\MSIef250.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\_981808_
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef23c.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef232.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef21c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa7c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa64.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\_058984_
2015-12-09 03:01 - 2015-12-09 03:01 - 00000000 ____D C:\MSIefa4d.tmp
2015-12-09 03:00 - 2015-12-09 03:00 - 00000000 ____D C:\MSIefa36.tmp
2015-12-09 02:55 - 2015-12-09 02:55 - 00000000 ____D C:\_569156_
2015-12-08 21:53 - 2015-12-08 21:53 - 00000000 ____D C:\Users\BR\AppData\Local\{4D0A455B-8325-4F07-AF20-3AC961F8AB17}
2015-12-08 06:47 - 2015-12-08 06:47 - 00000000 ____D C:\Users\BR\AppData\Local\{BA213AC6-1ECF-4913-8CB9-C63F2121DACC}
2015-12-07 09:35 - 2015-12-07 09:35 - 00000000 ____D C:\Users\BR\AppData\Local\{0AB1C510-D294-4C54-BF11-1DD088AE5765}
2015-12-06 20:52 - 2015-12-06 20:52 - 00000000 ____D C:\Users\BR\AppData\Local\{E68EBFA1-08C7-40C4-BD0E-584F9CFFACFE}
2015-12-06 06:04 - 2015-12-06 06:05 - 00000000 ____D C:\Users\BR\AppData\Local\{81C29482-25ED-4C8C-A705-AC7B67C1D3C2}
2015-12-05 09:36 - 2015-12-05 09:36 - 00000000 ____D C:\Users\BR\AppData\Local\{3357B4EC-C35B-46A6-8C53-39C30CA6E265}
2015-12-05 04:56 - 2015-12-05 04:57 - 00000000 ____D C:\Users\BR\AppData\Local\{058E250A-D549-4417-AFB0-4E3CFF6CE54D}
2015-12-05 00:08 - 2015-12-05 00:08 - 00000000 ____D C:\Users\BR\AppData\Local\{60016A71-765C-44C5-938D-92999C3D59C2}
2015-12-04 18:15 - 2015-12-04 18:15 - 00000000 ____D C:\Users\BR\AppData\Local\{C50E7D9F-8A5D-4DF8-8FC7-4072BA3714D7}
2015-12-04 03:42 - 2015-12-04 03:42 - 00000000 ____D C:\Users\BR\AppData\Local\{491C29EA-B0E9-4541-85B5-E5126776B699}
2015-12-03 07:40 - 2015-12-03 07:40 - 00000000 ____D C:\Users\BR\AppData\Local\{8844AA95-EB19-429F-A73F-A3941915807C}
2015-12-02 08:18 - 2015-12-02 08:19 - 00000000 ____D C:\Users\BR\AppData\Local\{DD7F81D0-3EC8-4B4D-B003-462A71CFBB4A}
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

 

 

 

OK ran the test but did not see any new log so I ran it again in safe mode now I am not sure where the log is on the desktop I will post what I have there I think some of these I already gave you but am not sure Sorry 

 

#1

Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-12-2015
Ran by BR (2016-01-01 12:10:51)
Running from C:\Users\BR\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-03-13 13:09:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-998330651-303224156-1059126384-500 - Administrator - Disabled)
bcom (S-1-5-21-998330651-303224156-1059126384-1003 - Administrator - Enabled) => C:\Users\bcom
BR (S-1-5-21-998330651-303224156-1059126384-1004 - Administrator - Enabled) => C:\Users\BR
BRIAN (S-1-5-21-998330651-303224156-1059126384-1000 - Administrator - Enabled) => C:\Users\BRIAN
Guest (S-1-5-21-998330651-303224156-1059126384-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

0501(English) (HKLM-x32\...\{15330BA2-F4F1-4D1C-A0D8-A9C5F9056672}) (Version: 1.00.0000 - Ruizhitianhong)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
AliIM Plugins for Browser (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\AliIM Plugins for Browser) (Version: 1.0 - Alibaba(China) Co., Ltd)
AliSetup 0.1.0.52 (HKLM-x32\...\AliSetup) (Version: 0.1.0.52 - °¢Àï°Í°Í£¨Öйú£©ÓÐÏÞ¹«Ë¾)
Any Video Converter 3.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArtCAM 2015 (64-bit) (HKLM-x32\...\ArtCAM 2015 (64-bit)) (Version: 2015 - Delcam Ltd)
ArtCAM 2015 R2 (64-bit) (HKLM-x32\...\ArtCAM 2015 R2 (64-bit)) (Version: 2015 R2 - Delcam Ltd)
ArtCAM 2015 R2 DL (64-bit) (HKLM-x32\...\ArtCAM 2015 R2 DL (64-bit)) (Version: 2015 R2 - Delcam Ltd)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.1.1.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.1.1.0 - Autodesk) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C6100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c6100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{1B1BF50E-ACE8-4481-B362-89544FB1CD4B}) (Version: 1.0.357 - Citrix)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Corel Applications (HKLM-x32\...\Corel Applications) (Version:  - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delcam Exchange 2015 R2 (64-bit) (HKLM\...\Delcam Exchange 7.9.10) (Version: 7.9.10 - Delcam)
Delcam Exchange 2015 R4 (64-bit) (HKLM\...\Delcam Exchange 8.1.10) (Version: 8.1.10 - Delcam)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
DraftSight 2015 SP2 x64 (HKLM\...\{1570DEC4-94DE-493E-8E34-BD382B813BAA}) (Version: 13.2.1065 - Dassault Systemes)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
eDrawings 2015 x64 (HKLM\...\{1849FD9A-F1F7-4D0C-BEE6-59C3337E5410}) (Version: 15.2.0033 - Dassault Systèmes SolidWorks Corp)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free DWG Viewer 7.3 (HKLM-x32\...\{BC66852F-0928-494F-B3C1-5FF5DB4F88BC}) (Version: 7.3.0.174 - IGC)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}) (Version: 3.0.11752 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
gsimple 2.05 (HKLM-x32\...\gsimple) (Version: 2.05 - S.Kontogiannis)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 5740 series Basic Device Software (HKLM\...\{7FAA9D15-FF0B-4593-8D4A-0B941FD1977A}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
HP Officejet 5740 series Help (HKLM-x32\...\{F17D53C7-DCE8-469C-9690-CF8F5903519C}) (Version: 34.0.0 - Hewlett Packard)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.7 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2226 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Kodi) (Version:  - XBMC-Foundation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Photobucket Desktop (HKLM-x32\...\{D0916F1D-236D-4B9A-BCEA-F535444DCA41}) (Version: 1.0.3.1552 - Photobucket)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
Product Improvement Study for HP Officejet 5740 series (HKLM\...\{308C7555-5D43-4D9A-BDC0-14B2948EF438}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.7.0 - Rosetta Stone Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scanything V1.0.8 (HKLM-x32\...\Scanything) (Version: 1.0.8 - Scanything)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Sentinel Protection Installer 7.6.6 (HKLM-x32\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
SewArt (HKLM\...\{5E174DED-7BB1-4ABC-9EB9-97B8CAFE82E8}) (Version: 1.8.6 - S & S Computing)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SmoothDraw version 4.0.5 (HKLM-x32\...\SmoothDraw_is1) (Version: 4.0.5 - )
SMPIS (HKLM-x32\...\{999052D7-44A2-49F8-9851-A3D2D297EE03}) (Version: 29.00.000 - Merry Mechanization Inc.)
SolidWorks 2011 x64 Edition SP02 (HKLM-x32\...\SolidWorks Installation Manager 20110-40200-1100-100) (Version: 19.2.0.49 - SolidWorks Corporation)
SolidWorks 2011 x64 Edition SP02 (Version: 19.120.49 - SolidWorks) Hidden
SolidWorks eDrawings 2011 SP02 (HKLM-x32\...\{67C6633B-5A12-4955-A5E4-98D703F9AFA3}) (Version: 11.2.113 - Dassault Systèmes SolidWorks Corp.)
SolidWorks eDrawings 2011 x64 Edition SP02 (Version: 11.2.113 - Dassault Systèmes SolidWorks Corp.) Hidden
SolidWorks Explorer 2011 SP02 (HKLM-x32\...\{5F590D74-AA75-410F-A778-3CDFCE12DCD4}) (Version: 19.20.49 - SolidWorks Corporation)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SQLAnywhere1000 (HKLM-x32\...\{349E9132-5101-4094-859E-0EEE6F3DDCD5}) (Version: 10.1.4157 - Merry Mechanization Inc)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TradeManager 2011 SP2 (HKLM-x32\...\TradeManager 2011 SP2) (Version:  - Alisoft)
TradeManager 2014 Beta1 (HKLM-x32\...\TradeManager) (Version:  - Alibaba (China) Network Technology Co., Ltd.)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trendnet USBKVM Switcher (HKLM-x32\...\Trendnet USBKVM Switcher_is1) (Version:  - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.8 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.7.3 - Tweaking.com)
Unchecky v0.4.2 (HKLM-x32\...\Unchecky) (Version: 0.4.2 - RaMMicHaeL)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{D0A3A97D-7918-4B0B-B91E-775E00C36122}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A95E3E66-D5A4-404E-997D-02562AA492E8}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6BB4E4E8-17B9-4534-8A8E-89E53F12769C}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{2d588de7-f4f6-4d6d-8719-32cbb9637e9e}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wilcom TrueSizer e3.0 (HKLM-x32\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Wilcom TrueSizer e3.0 (x32 Version: 17.0.185.7427 - Wilcom) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{08D512D2-7D97-4E22-B7DB-82791106C086}\InprocServer32 -> C:\Users\BR\AppData\Roaming\alipay\cf\alicdo_x64.dll => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{4CEEAF57-0208-4CA4-A473-914C2D2FFC23}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll ()
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll ()
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B68D52-81A4-4E5D-A008-EBE7A5E1D7A8} - System32\Tasks\AdobeAAMUpdater-1.0-BRIAN-PC-BR => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {137B4BA2-DE24-4F80-BC1F-179956948A9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-26] (Adobe Systems Incorporated)
Task: {13C746E5-D9D4-410F-8374-C85DD78CB304} - System32\Tasks\{05A9FC79-8345-4041-BAB5-63B4B01AD275} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-09-28] (Skype Technologies S.A.)
Task: {19835642-4FB1-409E-B1C8-8C8DAB245E33} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {261C88CB-C0A6-449C-8B7E-520CB4278507} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {2761B74C-FF47-4ABC-B888-2B671AC244E5} - System32\Tasks\{A5D314F0-456F-4CB4-B01B-01065EE19CB7} => pcalua.exe -a E:\setup.exe -d E:\
Task: {2A07BD38-FBC3-414F-B3CC-3C4EBDE27B83} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {2A5E94B0-88B5-4A7C-AE52-03F3C01C221B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {379D608C-0688-4B10-B21D-50B5B2A22E4F} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {3A971650-3B29-4284-8710-C3F626E29C5B} - System32\Tasks\HPCustPartic.exe_{48E34D62-7EF7-41D2-8CFC-FF6ACE1C8F6D} => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {4B06D158-F426-4D63-842D-A8D695E38F5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {4E972E24-4BA2-47D5-BEFD-94D785AA4E8C} - System32\Tasks\{1D5C86AE-F4DD-4B79-A361-3F31B70CFCEF} => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2015-09-11] (TechSmith Corporation)
Task: {58044AB4-8524-4227-9073-AAA8DF62A596} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {6AB5DF9B-167C-4E53-B5F8-EC132C9AB8CD} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {7016C1DA-8A0A-4266-A065-4ECEF51B751B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {76BFAC61-5025-4C95-9233-B223F5F3731E} - System32\Tasks\{8687F8BE-E36A-4EEF-AF42-1D43D36FA6D3} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {76ED6151-2ABF-4024-B54D-CD58CF67C42E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {80747828-AE28-4142-B594-2A8E87EF8F5F} - System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {83ABC68D-63B2-4F74-8BF4-D7192EC3CEEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard)
Task: {85F928BF-474B-410C-955F-9BC4A5E814AE} - System32\Tasks\{ECC6E21C-0E02-48C1-81A6-B7DF3E56C4A3} => pcalua.exe -a "C:\Program Files (x86)\MMI\MachineDriverInstaller.exe" -d C:\Users\BRIAN\Desktop -c C:\Users\BRIAN\Desktop\second-house.DXF
Task: {99DC5BAC-F1C3-4CDC-8CB1-F45B3B886E25} - System32\Tasks\{9D8A851B-EEC2-4D8A-87F8-B68A9BA893E4} => pcalua.exe -a "E:\English\JDPaint55 1048\JDPaint.exe" -d "E:\English\JDPaint55 1048"
Task: {9A3CE333-775C-4F78-992D-AA2801A46B4E} - System32\Tasks\{6F7F92BF-441E-4C9E-852D-876D6730FB99} => pcalua.exe -a L:\AutoCAD_2011_English_Win_64bit.exe -d L:\
Task: {9E7B5155-9C08-45C9-9779-27D04278AC5D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {A478F95E-3FEA-4AA2-9564-F616630E60FB} - System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A} => pcalua.exe -a "C:\Users\BR\Documents\SolidWorks Downloads\SolidWorks 2011 SP02\swwi\data\setup.exe" -d "C:\Users\BR\Documents\SolidWorks Downloads\SolidWorks 2011 SP02\swwi\data"
Task: {B2F2642F-FDD6-42CB-B8D3-E88A1FA499AD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {B8D12FC1-E648-45D7-848B-31825FFEEBFE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {BC023B06-0D54-426A-B5F9-A28527102E43} - System32\Tasks\{349F7917-DF9C-433B-BD70-8DF9498AE672} => pcalua.exe -a C:\Windows\Installer\{4F113377-0BA1-4552-9ABB-9BF220FAF132}\i386_SldWorks.exe -d "C:\Program Files (x86)\Mozilla Firefox" -c C:\Users\BR\AppData\Local\Temp\car-trailer-tilt-deck.snapshot.1-1.zip
Task: {BEBB79F8-7713-4DBF-9FF9-0BA8E1E28A44} - System32\Tasks\{992C1360-B7C4-4ED1-9082-8E159FCB82C3} => pcalua.exe -a C:\Users\BR\Downloads\setup.exe -d C:\Users\BR\Downloads
Task: {C2F274BB-89DC-47A1-9631-13C61F5480A1} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {DA146781-94E4-4002-9603-F7F562CC1BD0} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {DD268EF9-0389-4933-BB76-5200E5670973} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {FF68EC2C-3B0C-4266-A221-56BDB11B6623} - System32\Tasks\{9F1E4A2B-AEA4-4565-A49A-E488006A3FAF} => pcalua.exe -a C:\Users\BR\Downloads\Mach3Version3.043.066.exe -d C:\Users\BR\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-12-15 12:55 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-10 14:17 - 2010-09-09 09:05 - 00593920 _____ () C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2009-10-22 18:50 - 2009-10-22 18:50 - 00931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2015-10-10 14:17 - 2007-07-17 15:26 - 00086016 _____ () C:\Program Files (x86)\Trendnet\USBKVM Switcher\kEYHOOK.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-11-23 16:20 - 2014-08-26 17:47 - 01491968 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-11-23 16:20 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-12-24 15:15 - 2015-12-24 15:15 - 00698152 _____ () C:\Users\BR\AppData\Roaming\TaobaoProtect\AliBench\AlibenchDLL.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\.DEFAULT\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\.DEFAULT\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\.DEFAULT\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\.DEFAULT\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\.DEFAULT\...\taobao.com -> hxxp://taobao.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\taobao.com -> hxxp://taobao.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2015-12-31 17:26 - 00002055 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-998330651-303224156-1059126384-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\BR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.59.144.16 - 64.59.150.132
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{3E24F055-A793-4BC3-9A16-D0FE6B3C463E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{844CC82B-F7C5-4BB4-8ABE-D06B094CC431}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1C7FFD34-8C45-436D-AD53-C44D6F7792E0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{39A1014D-B4E5-4D68-B513-DF866CF1346A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{A322132D-798A-4408-BAC5-F78362086A27}C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{3823B4EF-6015-4882-BDB0-D08670DC6591}C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8620\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{F9766DB5-ECC7-4B39-911A-D2C992E303B2}C:\program files\corel\coreldraw graphics suite x7\programs64\corelpp.exe] => (Block) C:\program files\corel\coreldraw graphics suite x7\programs64\corelpp.exe
FirewallRules: [TCP Query User{B66924A1-2898-4D5F-922E-3F2B541EB8D5}C:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe] => (Allow) C:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe
FirewallRules: [{003199E7-F3D4-4855-A99E-9881CCBECFB0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F3293F6F-47E2-440E-BBAC-F5748EA0FE3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{23E27FB3-17FA-439E-8FE2-06C493D4ADD8}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7C8C\HPDiagnosticCoreUI.exe
FirewallRules: [{E65320DB-6128-418D-A2BD-DC17A52A89CB}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7C8C\HPDiagnosticCoreUI.exe
FirewallRules: [{D3BBE9C6-0BE9-4FB5-A8CA-0BDA4BB1591F}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7CE1\HPDiagnosticCoreUI.exe
FirewallRules: [{80A410DE-8A53-407E-A8CE-B9ED8FE8020C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7CE1\HPDiagnosticCoreUI.exe
FirewallRules: [{E6F293E2-6915-4AC6-9F28-4A36790A0284}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS009B\HPDiagnosticCoreUI.exe
FirewallRules: [{990BBD40-2528-4C32-87D3-D1F20994748D}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS009B\HPDiagnosticCoreUI.exe
FirewallRules: [{4BACD219-02D1-4C0F-BCF2-6F813730AEAD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0512\HPDiagnosticCoreUI.exe
FirewallRules: [{A39B8EFF-3CD5-49AF-B3E2-DBAA73C3543A}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0512\HPDiagnosticCoreUI.exe
FirewallRules: [{B0C07EC0-6F56-47E9-99F9-690BD44506D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5EC189C1-B421-42A1-840E-D964A86FA79B}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS322E\HPDiagnosticCoreUI.exe
FirewallRules: [{988ED1AC-5F8F-4948-B373-64EEEB75182F}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS322E\HPDiagnosticCoreUI.exe
FirewallRules: [{A3A0DA32-4233-4E8F-81C5-DBBDA5F47912}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3287\HPDiagnosticCoreUI.exe
FirewallRules: [{10561FF4-6315-422E-A1AF-B4E80BFFC0D1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3287\HPDiagnosticCoreUI.exe
FirewallRules: [{2A0D9AE8-1BE3-4830-94E5-291F01FA58BB}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe
FirewallRules: [{DBBCB9FE-15EB-442E-B802-A877D5D08D6E}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe
FirewallRules: [{ADD81609-0193-41F8-B9B3-344F35919B02}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe
FirewallRules: [{7EE9638F-0AF8-4235-B00C-882E8427918D}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe
FirewallRules: [{BC2ABEDF-319A-4B7C-9FB1-949AFDB6C3DB}] => (Allow) LPort=5357
FirewallRules: [{F9062624-2CB2-4849-9868-6CA039DF9CCE}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0CD2D92C-20DC-4B6F-85F7-C52F9AD05039}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS46C2\HPDiagnosticCoreUI.exe
FirewallRules: [{B759FA54-FE23-4BB7-A0D4-415EF5B075F4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS46C2\HPDiagnosticCoreUI.exe
FirewallRules: [{59E0119D-F5E9-4DE4-97A7-55391074CB71}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS09A5\HPDiagnosticCoreUI.exe
FirewallRules: [{85361578-1DAE-48E5-917A-B3832C3A2D3C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS09A5\HPDiagnosticCoreUI.exe
FirewallRules: [{1197CDED-FA4A-49AB-8E6A-3F9C46EA6F44}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1EC3\HPDiagnosticCoreUI.exe
FirewallRules: [{38BF8B07-58FE-4F12-BCDD-0A3324BAE0A8}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1EC3\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{51604C14-85A4-4FBF-9B99-2ECDB3BE1D75}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe
FirewallRules: [UDP Query User{5F823EF2-C276-4EAD-9CF2-698CBAFE7BEA}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe
FirewallRules: [{5EDEBE08-673A-43E2-AD9D-53C22F761C16}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7B95\hppiw.exe
FirewallRules: [{2A1EA390-5879-48BA-B5B3-5C87C97EE946}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7B95\hppiw.exe
FirewallRules: [{13DC79E0-9AF1-4BB4-90B5-397DC5CE191E}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7D6E\hppiw.exe
FirewallRules: [{B09296D2-74C0-46EA-A93A-B866A5ED24DF}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7D6E\hppiw.exe
FirewallRules: [{44969DF3-EC0B-498A-A914-77ABF3B3F6B0}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7F1A\HPDiagnosticCoreUI.exe
FirewallRules: [{E1E55C7B-31A5-4B79-A713-368C25B95CDB}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7F1A\HPDiagnosticCoreUI.exe
FirewallRules: [{66DA3659-152C-46F6-ADCD-23BA5B73D7BE}] => (Allow) C:\Users\BR\AppData\Local\Temp\nshB06D.tmp\Installer-10687648.exe
FirewallRules: [{A8B5C510-89A2-46D8-9A13-233BCE4A1D98}] => (Allow) C:\Users\BR\AppData\Local\Temp\nshB06D.tmp\Installer-10687648.exe
FirewallRules: [{C44A8C61-4676-474E-9E8D-2967DD81CE2D}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4934\HPDiagnosticCoreUI.exe
FirewallRules: [{189424F1-668B-4464-A4E7-F25E9C25300C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4934\HPDiagnosticCoreUI.exe
FirewallRules: [{E41ED782-97A7-45A4-8771-7A466EFE4DC8}] => (Allow) C:\Users\BR\AppData\Local\Temp\nsqADA0.tmp\CnetInstaller-10199284.exe
FirewallRules: [{13449073-679D-40C3-AB0E-409472A4848E}] => (Allow) C:\Users\BR\AppData\Local\Temp\nsqADA0.tmp\CnetInstaller-10199284.exe
FirewallRules: [TCP Query User{67AAEE04-7D3E-4C60-8D06-7F7FEE2910C0}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{700AA15B-C295-4C09-858A-0D79637507B6}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [{7185AA24-23D7-4423-A3B6-D0697FB671C6}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1F18\HPDiagnosticCoreUI.exe
FirewallRules: [{E4757F6C-E780-476C-8DB5-89AD346486F8}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1F18\HPDiagnosticCoreUI.exe
FirewallRules: [{4177EE37-4857-4F9E-AB77-18AD559CA840}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS736C\HPDiagnosticCoreUI.exe
FirewallRules: [{451B0525-55D7-4687-B06A-521D6C146343}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS736C\HPDiagnosticCoreUI.exe
FirewallRules: [{483A26BC-6D9D-4CE1-AF86-D04E6A6300CD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS588D\HPDiagnosticCoreUI.exe
FirewallRules: [{938823D9-7B2B-4AF2-A2EA-CC0703249777}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS588D\HPDiagnosticCoreUI.exe
FirewallRules: [{84D084C8-0DC8-4659-82EB-DA4511F8C27B}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{B27C61AC-00BB-47D8-B762-16568A4F90F6}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{6A424BB9-FE6C-47F6-A29B-8147C6DA51FD}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{1BF37708-5420-459A-AA16-30C5A756E847}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{B28BE0D6-A839-4BE5-B836-E2234AF2C0E4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3625\HPDiagnosticCoreUI.exe
FirewallRules: [{95B56342-D2F9-4B68-9609-14C9E7918B14}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3625\HPDiagnosticCoreUI.exe
FirewallRules: [{0111580A-F501-4908-8C28-DE91BA57ACC1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0528\HPDiagnosticCoreUI.exe
FirewallRules: [{519E4658-2826-4A73-A232-C4FF114DB0B9}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0528\HPDiagnosticCoreUI.exe
FirewallRules: [{AB3E64BF-233B-428D-B27E-572097323426}] => (Allow) C:\Program Files (x86)\TradeManager\AliIM.exe
FirewallRules: [{EB8C366E-610E-4827-947B-76EF90FED829}] => (Allow) C:\Program Files (x86)\TradeManager\AliIM.exe
FirewallRules: [{8501C27E-AC5F-445B-B799-237B21844F8B}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0818\HPDiagnosticCoreUI.exe
FirewallRules: [{2B436B6A-E40F-4F3E-95E0-C49A947EA2ED}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0818\HPDiagnosticCoreUI.exe
FirewallRules: [{413C1BF8-302A-45D5-A7DE-A4239246816C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS09EE\HPDiagnosticCoreUI.exe
FirewallRules: [{93952101-D547-4CD7-ACF4-D67EF19D6CD0}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS09EE\HPDiagnosticCoreUI.exe
FirewallRules: [{F3BBF457-724F-4FD2-98E9-B3C70374D729}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS11FE\HPDiagnosticCoreUI.exe
FirewallRules: [{6B893360-9D7D-4AE0-AEC9-835C6A2CB92F}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS11FE\HPDiagnosticCoreUI.exe
FirewallRules: [{EE29406B-2EA0-4C93-BE14-FA9A3F431CAC}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1798\HPDiagnosticCoreUI.exe
FirewallRules: [{70CDCC93-B1C0-4395-B835-A08DC303028B}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1798\HPDiagnosticCoreUI.exe
FirewallRules: [{15E1948A-CDE4-42CC-B2CA-0BF6FCAF0C9C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3737\HPDiagnosticCoreUI.exe
FirewallRules: [{3C1B4D49-001C-45AE-9AD6-1D89637B1685}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3737\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{9760DBB7-7239-473E-9284-9903B0BAA92F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{CECE58A7-7F34-484D-95D2-483139A765E3}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{2847B238-D1E2-4D34-AAE4-3CB1A298BE65}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{63D0C4D3-FF8C-46AB-B62D-E1A5B8961AAE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{25030047-6BFE-4F50-B7A5-4BD344457055}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1E25\HPDiagnosticCoreUI.exe
FirewallRules: [{F46F108E-29F4-46D3-9ECF-EA24E330EBBA}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS1E25\HPDiagnosticCoreUI.exe
FirewallRules: [{CBD4D803-EC00-44BC-8250-8E45261CDA99}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DC277A1F-33E1-4DDD-B2CC-DCE31F2848F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{849CFAC8-7D1D-4ECF-A687-542D9503C59E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D46930F-E5C0-4897-85B0-E0B20E1AAFF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3F499371-6E50-47BB-B019-D5742FAAA18F}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6600\HPDiagnosticCoreUI.exe
FirewallRules: [{17C2D378-35F0-42C2-8470-7847567E24B2}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6600\HPDiagnosticCoreUI.exe
FirewallRules: [{8EA6976D-2E13-4ECF-9C14-542D3785F141}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6655\HPDiagnosticCoreUI.exe
FirewallRules: [{B6829C2E-A6F1-428A-B64C-FEA957BECE03}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6655\HPDiagnosticCoreUI.exe
FirewallRules: [{C67A39D9-6485-41F2-88DB-08071017F6F3}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6B44\HPDiagnosticCoreUI.exe
FirewallRules: [{12A2E634-3A8B-4F38-967B-A791DCE93EC4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS6B44\HPDiagnosticCoreUI.exe
FirewallRules: [{BBD369D7-D523-4DC6-8FB8-CB65D41EC114}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS52D7\HPDiagnosticCoreUI.exe
FirewallRules: [{7054FE1B-4A1E-4664-A1D3-DA22BF9ACEC3}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS52D7\HPDiagnosticCoreUI.exe
FirewallRules: [{68808FC2-A0CC-4B23-87E8-0A8874287BA6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BDD6EF14-BA10-4C7E-A470-A45FD119178C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{64F72563-4808-449D-80E7-E0E9F6E0F90B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9EF70F7F-9B12-4452-AE83-98E8D97A4A96}] => (Allow) LPort=2869
FirewallRules: [{BD751605-AF01-475B-9FF6-49621CE2E09D}] => (Allow) LPort=1900
FirewallRules: [{5A95AC7F-87D3-4515-92CD-41F59AE42CFD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{732BC2FD-E9D4-4C1B-9D75-95E7BC3D1A93}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Restore Points =========================

31-12-2015 00:11:18 Scheduled Checkpoint
01-01-2016 11:58:01 Installed DirectX
01-01-2016 11:58:47 Installed DirectX

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Description: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/01/2016 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (12/31/2015 05:28:13 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (12/31/2015 05:28:09 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (12/31/2015 05:16:01 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICESOFTWAREPROTECTIONPLATFORM\OSPPWMI.MOF

Error: (12/31/2015 04:07:58 PM) (Source: ESENT) (EventID: 215) (User: )
Description: wlmail (1464) WindowsLiveMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (12/31/2015 04:07:41 PM) (Source: SignInAssistant) (EventID: 0) (User: )
Description: StartService failed with hr = 0x8007043c

Error: (12/31/2015 01:05:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avz.exe, version: 4.45.0.94, time stamp: 0x2a425e19
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x748ae4a4
Faulting process id: 0x574
Faulting application start time: 0xavz.exe0
Faulting application path: avz.exe1
Faulting module path: avz.exe2
Report Id: avz.exe3

Error: (12/31/2015 11:44:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avz.exe, version: 4.45.0.94, time stamp: 0x2a425e19
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x748ae4a4
Faulting process id: 0xfd8
Faulting application start time: 0xavz.exe0
Faulting application path: avz.exe1
Faulting module path: avz.exe2
Report Id: avz.exe3

Error: (12/31/2015 12:00:04 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (12/30/2015 11:13:21 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {b6959164-32e1-4af3-a21f-b6aeaaa8998d}

System errors:
=============
Error: (12/31/2015 05:42:35 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}740{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/31/2015 05:41:58 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\wisptis.exe -Embedding740{A5B020FD-E04B-4E67-B65A-E7DEED25B2CF}

Error: (12/31/2015 05:35:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (12/31/2015 05:33:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Defender service hung on starting.

Error: (12/31/2015 05:31:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
%%1053

Error: (12/31/2015 05:31:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.

Error: (12/31/2015 05:31:30 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/31/2015 05:25:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Alipay security business service service failed to start due to the following error:
%%2

Error: (12/31/2015 05:25:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Alipay payment client security service service failed to start due to the following error:
%%2

Error: (12/31/2015 05:25:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
%%1053

CodeIntegrity:
===================================
  Date: 2015-04-21 17:46:43.370
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-21 17:46:43.276
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-11 09:47:59.071
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-11 09:47:58.952
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-08 17:24:30.044
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-08 17:24:29.919
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-06 10:02:55.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-06 10:02:55.724
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-06 08:44:55.120
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-06 08:44:55.000
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\SYDEXFDD.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 7133.18 MB
Available physical RAM: 3416.91 MB
Total Virtual: 14264.57 MB
Available Virtual: 11335.1 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:920.39 GB) (Free:731 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.02 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
Drive l: (My Book) (Fixed) (Total:2794.49 GB) (Free:2709.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.

==================== End of Addition.txt ============================

 

 

 

 

#2

Fix result of Farbar Recovery Scan Tool (x64) Version:30-12-2015
Ran by BR (2016-01-01 13:20:55) Run:2
Running from C:\Users\BR\Desktop
Loaded Profiles: BR (Available Profiles: BRIAN & bcom & BR)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
2015-12-31 09:53 - 2015-12-31 09:53 - 00000000 ____D C:\Users\BR\AppData\Local\{10CF9506-F72C-4A06-A3DA-4845B6C97BB7}
2015-12-31 06:21 - 2015-12-31 06:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F14EB260-F01A-409E-B16B-A0BE31C831E7}
2015-12-30 12:18 - 2015-12-30 12:19 - 00000000 ____D C:\Users\BR\AppData\Local\{5DDBEF6E-2924-472C-95F9-E505DD818272}
2015-12-29 07:42 - 2015-12-29 07:42 - 00000000 ____D C:\Users\BR\AppData\Local\{036388DF-B448-4985-85BA-187DCCC10FAE}
2015-12-28 15:47 - 2015-12-28 15:47 - 00000000 ____D C:\Users\BR\AppData\Local\{299021E1-649E-4A8E-AD2E-3076FA51C664}
2015-12-28 02:37 - 2015-12-28 02:37 - 00000000 ____D C:\Users\BR\AppData\Local\{58D77E0F-BB45-4B4F-9584-91CF2F636547}
2015-12-27 23:04 - 2015-12-27 23:04 - 00000000 ____D C:\Users\BR\AppData\Local\{DEBEFDA7-783B-4625-9FD7-14D923AB27FB}
2015-12-27 14:21 - 2015-12-27 14:21 - 00000000 ____D C:\_193560_
2015-12-27 09:26 - 2015-12-27 09:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF492E9B-954A-4209-98E7-24564F3942EF}
2015-12-25 21:09 - 2015-12-25 21:09 - 00000000 ____D C:\Users\BR\AppData\Local\{ADBF5FBD-C56C-4795-823B-B30E3F2E23C7}
2015-12-25 09:17 - 2015-12-25 09:17 - 00000000 ____D C:\_959793_
2015-12-24 22:14 - 2015-12-24 22:14 - 00000000 ____D C:\Users\BR\AppData\Local\{E41F5F8B-272A-40F6-9138-D4F504D7166D}
2015-12-24 20:07 - 2015-12-24 20:07 - 00000000 ____D C:\Users\BR\AppData\Local\{722101BB-3843-44A4-8A06-8B87569EB1E4}
2015-12-24 02:03 - 2015-12-24 02:03 - 00000000 ____D C:\Users\BR\AppData\Local\{8414D312-047F-47EE-856E-A3F3BCB15293}
2015-12-23 17:08 - 2015-12-23 17:08 - 00000000 ____D C:\_438108_
2015-12-23 09:29 - 2015-12-23 09:30 - 00000000 ____D C:\Users\BR\AppData\Local\{FF891592-3DB8-4CB7-8A85-9D683B8A1C94}
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_686760_
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_668944_
2015-12-22 15:00 - 2015-12-22 15:00 - 00000000 ____D C:\Users\BR\AppData\Local\{24753264-BEC7-4003-B927-F350040A6E91}
2015-12-22 01:43 - 2015-12-22 01:43 - 00000000 ____D C:\Users\BR\AppData\Local\{7C37C019-85A4-448D-A586-AC5ABD762AA9}
2015-12-21 07:21 - 2015-12-21 07:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F07FFADB-940F-4113-8352-5F39E802755C}
2015-12-20 07:52 - 2015-12-20 07:52 - 00000000 ____D C:\Users\BR\AppData\Local\{616552FB-1478-48A0-986A-7990DABC54A4}
2015-12-19 16:24 - 2015-12-19 16:25 - 08107995 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2015121613252443.rar
2015-12-19 16:12 - 2015-12-19 16:12 - 00000000 ____D C:\Users\BR\AppData\Local\{13ECE924-563E-44F2-8937-2FF512C7C66E}
2015-12-19 05:53 - 2015-12-19 05:53 - 00000000 ____D C:\Users\BR\AppData\Local\{38BC2977-FC58-4EFC-9397-EA1FFE1D4A9F}
2015-12-18 21:49 - 2015-12-18 21:49 - 00000000 ____D C:\Users\BR\AppData\Local\{1802FFCE-569A-45A8-8221-1BC4AB692500}
2015-12-18 06:22 - 2015-12-18 06:22 - 00000000 ____D C:\Users\BR\AppData\Local\{92C3F0F6-1BAF-4A3B-9FC2-D0B629648F96}
2015-12-17 07:25 - 2015-12-17 07:26 - 00000000 ____D C:\Users\BR\AppData\Local\{8CF4EA93-2D2D-4EB6-96A1-9B9C742C67FB}
2015-12-16 16:54 - 2015-12-16 16:54 - 00000000 ____D C:\MSI4e876.tmp
2015-12-16 08:50 - 2015-12-16 08:51 - 00000000 ____D C:\Users\BR\AppData\Local\{1CAD8E48-08F0-4619-BD4E-5489B2BD0DD5}
2015-12-15 18:36 - 2015-12-15 18:36 - 00000000 ____D C:\Users\BR\AppData\Local\{A811EA30-8249-4DF1-9000-FFEC6435B7D6}
2015-12-15 05:47 - 2015-12-15 05:47 - 00000000 ____D C:\Users\BR\AppData\Local\{DB07A58C-E54D-4F30-9020-1E6726BBD6E4}
2015-12-15 03:52 - 2015-12-15 03:52 - 00000000 ____D C:\_202433_
2015-12-14 08:46 - 2015-12-14 08:46 - 00000000 ____D C:\Users\BR\AppData\Local\{997223D9-F9B9-4D46-8F7A-21CB853E5B76}
2015-12-13 18:54 - 2015-12-13 18:54 - 00000000 ____D C:\Users\BR\AppData\Local\{A696FC79-93BB-42CB-B9D0-4B32959C2BB0}
2015-12-12 22:27 - 2015-12-12 22:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF42F38A-5DAA-406D-8AE3-8A28CDD1B258}
2015-12-12 09:16 - 2015-12-12 09:16 - 00000000 ____D C:\Users\BR\AppData\Local\{E02A1284-03D5-40D5-A285-7CB11D2E1918}
2015-12-11 20:50 - 2015-12-11 20:51 - 00000000 ____D C:\Users\BR\AppData\Local\{429F7793-9B28-4B16-A490-05CFF5792621}
2015-12-11 06:40 - 2015-12-11 06:40 - 00000000 ____D C:\Users\BR\AppData\Local\{85A360A4-18AA-4383-890A-E82CB17D9F66}
2015-12-10 07:47 - 2015-12-10 07:47 - 00000000 ____D C:\Users\BR\AppData\Local\{05452CF0-1A0C-4A18-BD99-BB6F66E384C9}
2015-12-10 06:30 - 2015-12-10 06:30 - 00000000 ____D C:\Users\BR\AppData\Local\{8B5960BF-E7E6-4ED9-B841-3F8F18390F7F}
2015-12-10 05:44 - 2015-12-10 05:44 - 00000000 ____D C:\Users\BR\AppData\Local\{F9EBF3C3-9C29-421D-BEF0-CCEA331C7C82}
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_086883_
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_068569_
2015-12-09 16:30 - 2015-12-09 16:30 - 00000000 ____D C:\Users\BR\AppData\Local\{981BBA3C-5913-4C25-8913-D83454C4F1E4}
2015-12-09 03:22 - 2015-12-09 03:22 - 00000000 ____D C:\MSIef277.tmp
2015-12-09 03:21 - 2015-12-09 03:21 - 00000000 ____D C:\MSIef260.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\MSIef250.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\_981808_
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef23c.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef232.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef21c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa7c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa64.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\_058984_
2015-12-09 03:01 - 2015-12-09 03:01 - 00000000 ____D C:\MSIefa4d.tmp
2015-12-09 03:00 - 2015-12-09 03:00 - 00000000 ____D C:\MSIefa36.tmp
2015-12-09 02:55 - 2015-12-09 02:55 - 00000000 ____D C:\_569156_
2015-12-08 21:53 - 2015-12-08 21:53 - 00000000 ____D C:\Users\BR\AppData\Local\{4D0A455B-8325-4F07-AF20-3AC961F8AB17}
2015-12-08 06:47 - 2015-12-08 06:47 - 00000000 ____D C:\Users\BR\AppData\Local\{BA213AC6-1ECF-4913-8CB9-C63F2121DACC}
2015-12-07 09:35 - 2015-12-07 09:35 - 00000000 ____D C:\Users\BR\AppData\Local\{0AB1C510-D294-4C54-BF11-1DD088AE5765}
2015-12-06 20:52 - 2015-12-06 20:52 - 00000000 ____D C:\Users\BR\AppData\Local\{E68EBFA1-08C7-40C4-BD0E-584F9CFFACFE}
2015-12-06 06:04 - 2015-12-06 06:05 - 00000000 ____D C:\Users\BR\AppData\Local\{81C29482-25ED-4C8C-A705-AC7B67C1D3C2}
2015-12-05 09:36 - 2015-12-05 09:36 - 00000000 ____D C:\Users\BR\AppData\Local\{3357B4EC-C35B-46A6-8C53-39C30CA6E265}
2015-12-05 04:56 - 2015-12-05 04:57 - 00000000 ____D C:\Users\BR\AppData\Local\{058E250A-D549-4417-AFB0-4E3CFF6CE54D}
2015-12-05 00:08 - 2015-12-05 00:08 - 00000000 ____D C:\Users\BR\AppData\Local\{60016A71-765C-44C5-938D-92999C3D59C2}
2015-12-04 18:15 - 2015-12-04 18:15 - 00000000 ____D C:\Users\BR\AppData\Local\{C50E7D9F-8A5D-4DF8-8FC7-4072BA3714D7}
2015-12-04 03:42 - 2015-12-04 03:42 - 00000000 ____D C:\Users\BR\AppData\Local\{491C29EA-B0E9-4541-85B5-E5126776B699}
2015-12-03 07:40 - 2015-12-03 07:40 - 00000000 ____D C:\Users\BR\AppData\Local\{8844AA95-EB19-429F-A73F-A3941915807C}
2015-12-02 08:18 - 2015-12-02 08:19 - 00000000 ____D C:\Users\BR\AppData\Local\{DD7F81D0-3EC8-4B4D-B003-462A71CFBB4A}
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Error: Restore point can only be created in normal mode.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
"C:\Users\BR\AppData\Local\{10CF9506-F72C-4A06-A3DA-4845B6C97BB7}" => not found.
"C:\Users\BR\AppData\Local\{F14EB260-F01A-409E-B16B-A0BE31C831E7}" => not found.
"C:\Users\BR\AppData\Local\{5DDBEF6E-2924-472C-95F9-E505DD818272}" => not found.
"C:\Users\BR\AppData\Local\{036388DF-B448-4985-85BA-187DCCC10FAE}" => not found.
"C:\Users\BR\AppData\Local\{299021E1-649E-4A8E-AD2E-3076FA51C664}" => not found.
"C:\Users\BR\AppData\Local\{58D77E0F-BB45-4B4F-9584-91CF2F636547}" => not found.
"C:\Users\BR\AppData\Local\{DEBEFDA7-783B-4625-9FD7-14D923AB27FB}" => not found.
"C:\_193560_" => not found.
"C:\Users\BR\AppData\Local\{AF492E9B-954A-4209-98E7-24564F3942EF}" => not found.
"C:\Users\BR\AppData\Local\{ADBF5FBD-C56C-4795-823B-B30E3F2E23C7}" => not found.
"C:\_959793_" => not found.
"C:\Users\BR\AppData\Local\{E41F5F8B-272A-40F6-9138-D4F504D7166D}" => not found.
"C:\Users\BR\AppData\Local\{722101BB-3843-44A4-8A06-8B87569EB1E4}" => not found.
"C:\Users\BR\AppData\Local\{8414D312-047F-47EE-856E-A3F3BCB15293}" => not found.
"C:\_438108_" => not found.
"C:\Users\BR\AppData\Local\{FF891592-3DB8-4CB7-8A85-9D683B8A1C94}" => not found.
"C:\_686760_" => not found.
"C:\_668944_" => not found.
"C:\Users\BR\AppData\Local\{24753264-BEC7-4003-B927-F350040A6E91}" => not found.
"C:\Users\BR\AppData\Local\{7C37C019-85A4-448D-A586-AC5ABD762AA9}" => not found.
"C:\Users\BR\AppData\Local\{F07FFADB-940F-4113-8352-5F39E802755C}" => not found.
"C:\Users\BR\AppData\Local\{616552FB-1478-48A0-986A-7990DABC54A4}" => not found.
"C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2015121613252443.rar" => not found.
"C:\Users\BR\AppData\Local\{13ECE924-563E-44F2-8937-2FF512C7C66E}" => not found.
"C:\Users\BR\AppData\Local\{38BC2977-FC58-4EFC-9397-EA1FFE1D4A9F}" => not found.
"C:\Users\BR\AppData\Local\{1802FFCE-569A-45A8-8221-1BC4AB692500}" => not found.
"C:\Users\BR\AppData\Local\{92C3F0F6-1BAF-4A3B-9FC2-D0B629648F96}" => not found.
"C:\Users\BR\AppData\Local\{8CF4EA93-2D2D-4EB6-96A1-9B9C742C67FB}" => not found.
"C:\MSI4e876.tmp" => not found.
"C:\Users\BR\AppData\Local\{1CAD8E48-08F0-4619-BD4E-5489B2BD0DD5}" => not found.
"C:\Users\BR\AppData\Local\{A811EA30-8249-4DF1-9000-FFEC6435B7D6}" => not found.
"C:\Users\BR\AppData\Local\{DB07A58C-E54D-4F30-9020-1E6726BBD6E4}" => not found.
"C:\_202433_" => not found.
"C:\Users\BR\AppData\Local\{997223D9-F9B9-4D46-8F7A-21CB853E5B76}" => not found.
"C:\Users\BR\AppData\Local\{A696FC79-93BB-42CB-B9D0-4B32959C2BB0}" => not found.
"C:\Users\BR\AppData\Local\{AF42F38A-5DAA-406D-8AE3-8A28CDD1B258}" => not found.
"C:\Users\BR\AppData\Local\{E02A1284-03D5-40D5-A285-7CB11D2E1918}" => not found.
"C:\Users\BR\AppData\Local\{429F7793-9B28-4B16-A490-05CFF5792621}" => not found.
"C:\Users\BR\AppData\Local\{85A360A4-18AA-4383-890A-E82CB17D9F66}" => not found.
"C:\Users\BR\AppData\Local\{05452CF0-1A0C-4A18-BD99-BB6F66E384C9}" => not found.
"C:\Users\BR\AppData\Local\{8B5960BF-E7E6-4ED9-B841-3F8F18390F7F}" => not found.
"C:\Users\BR\AppData\Local\{F9EBF3C3-9C29-421D-BEF0-CCEA331C7C82}" => not found.
"C:\_086883_" => not found.
"C:\_068569_" => not found.
"C:\Users\BR\AppData\Local\{981BBA3C-5913-4C25-8913-D83454C4F1E4}" => not found.
"C:\MSIef277.tmp" => not found.
"C:\MSIef260.tmp" => not found.
"C:\MSIef250.tmp" => not found.
"C:\_981808_" => not found.
"C:\MSIef23c.tmp" => not found.
"C:\MSIef232.tmp" => not found.
"C:\MSIef21c.tmp" => not found.
"C:\MSIefa7c.tmp" => not found.
"C:\MSIefa64.tmp" => not found.
"C:\_058984_" => not found.
"C:\MSIefa4d.tmp" => not found.
"C:\MSIefa36.tmp" => not found.
"C:\_569156_" => not found.
"C:\Users\BR\AppData\Local\{4D0A455B-8325-4F07-AF20-3AC961F8AB17}" => not found.
"C:\Users\BR\AppData\Local\{BA213AC6-1ECF-4913-8CB9-C63F2121DACC}" => not found.
"C:\Users\BR\AppData\Local\{0AB1C510-D294-4C54-BF11-1DD088AE5765}" => not found.
"C:\Users\BR\AppData\Local\{E68EBFA1-08C7-40C4-BD0E-584F9CFFACFE}" => not found.
"C:\Users\BR\AppData\Local\{81C29482-25ED-4C8C-A705-AC7B67C1D3C2}" => not found.
"C:\Users\BR\AppData\Local\{3357B4EC-C35B-46A6-8C53-39C30CA6E265}" => not found.
"C:\Users\BR\AppData\Local\{058E250A-D549-4417-AFB0-4E3CFF6CE54D}" => not found.
"C:\Users\BR\AppData\Local\{60016A71-765C-44C5-938D-92999C3D59C2}" => not found.
"C:\Users\BR\AppData\Local\{C50E7D9F-8A5D-4DF8-8FC7-4072BA3714D7}" => not found.
"C:\Users\BR\AppData\Local\{491C29EA-B0E9-4541-85B5-E5126776B699}" => not found.
"C:\Users\BR\AppData\Local\{8844AA95-EB19-429F-A73F-A3941915807C}" => not found.
"C:\Users\BR\AppData\Local\{DD7F81D0-3EC8-4B4D-B003-462A71CFBB4A}" => not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

 

========= End of Reg: =========

========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

 

========= End of Reg: =========

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

=========  bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========

EmptyTemp: => 34.2 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 13:21:01 ====

 

 

 

#3

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-12-2015
Ran by BR (administrator) on BRIAN-PC (01-01-2016 12:08:55)
Running from C:\Users\BR\Desktop
Loaded Profiles: BR (Available Profiles: BRIAN & bcom & BR)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Alibaba (China) Co., LTD. All rights reserved.) C:\Program Files (x86)\TaobaoProtect\TBSecSvc.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Alibaba Group) C:\Program Files (x86)\Alibaba\wwbizsrv\wwbizsrv.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(阿里巴巴(中国)有限公司) C:\Users\BR\AppData\Roaming\TaobaoProtect\TaobaoProtect.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Jing\Jing.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087776 2014-08-26] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [HP Officejet 5740 series (NET) #2] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [aliim] => C:\Program Files (x86)\TradeManager\AliIM.exe [594744 2015-12-07] (Alibaba (China) Co., Ltd.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-01-04]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\USBKVM Switcher.lnk [2015-10-10]
ShortcutTarget: USBKVM Switcher.lnk -> C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe ()
BootExecute: autocheck autochk * bootdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 64.59.144.16 64.59.150.132
Tcpip\..\Interfaces\{975E2597-4892-450D-9E49-5CA092C4B97F}: [DhcpNameServer] 64.59.144.16 64.59.150.132
Tcpip\..\Interfaces\{BC556D6E-E0DC-496A-82C9-E12641CD952E}: [DhcpNameServer] 64.59.144.16 64.59.150.132

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-CA&Src=MSE&Tid=000328B9&OHP=http%3A%2F%2Fwww.google.com&OSP=
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-CA&Src=MSE&Tid=000328B9&OHP=http%3A%2F%2Fwww.google.com&OSP=
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {07C7C110-7846-4522-8DA7-7316F05F3171} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-998330651-303224156-1059126384-1004 -> {5C92EB9F-4A20-4856-8F45-C04A70AC3398} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-07] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-07] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\5vqkojcs.default-1425818769644
FF DefaultSearchEngine: Ask Search
FF Homepage: hxxps://www.google.ca/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-26] ()
FF Plugin: @alipay.com/npalicert -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalicdo64.dll [No File]
FF Plugin: @alipay.com/npAliInetHealth -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAlipaydhc64.dll [No File]
FF Plugin: @alipay.com/npAliSecCtrl -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAliSecCtrl64.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-26] ()
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [2015-12-07] ( )
FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [2015-12-07] ( )
FF Plugin-x32: @alipay.com/npalicert -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalicdo.dll [No File]
FF Plugin-x32: @alipay.com/npalidcp -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalidcp.dll [No File]
FF Plugin-x32: @alipay.com/npaliedit -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npaliedit.dll [No File]
FF Plugin-x32: @alipay.com/npAliInetHealth -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAlipaydhc.dll [No File]
FF Plugin-x32: @alipay.com/npAliSecCtrl -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAliSecCtrl.dll [No File]
FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.701 -> C:\Windows\system32\itruscert\NPComBrg701.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npAliSSOLogin;version=1.0 -> C:\Program Files (x86)\TradeManager\npAliSSOLogin.dll [2015-02-09] (Alibaba software (Shanghai) Corporation.)
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @citrixonline.com/appdetectorplugin -> C:\Users\BR\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-09-28] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll [2015-03-30] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwangwang.dll [2015-03-30] ( )
FF Extension: New Tab Tools - C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\5vqkojcs.default-1425818769644\Extensions\[email protected] [2015-10-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-13] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.ca/
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-07]
CHR Extension: (Google Docs) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07]
CHR Extension: (Google Drive) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (YouTube) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Google Search) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Google Sheets) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-07]
CHR Extension: (Gmail) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S4 BackupService; C:\Users\BRIAN\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2015-04-14] (Dassault Systèmes) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S4 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
S4 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2012-06-07] (SolidWorks) [File not signed]
S4 SQLANYs_SmpParts; C:\Program Files (x86)\SQL Anywhere 10\win32\dbsrv10.exe [136568 2010-12-08] (iAnywhere Solutions, Inc.)
R2 TBSecSvc; C:\Program Files (x86)\TaobaoProtect\TBSecSvc.exe [227296 2015-12-25] (Alibaba (China) Co., LTD. All rights reserved.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [243448 2015-12-29] (RaMMicHaeL)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 wwbizsrv; C:\Program Files (x86)\Alibaba\wwbizsrv\wwbizsrv.exe [1770336 2015-08-23] (Alibaba Group)
S3 Blackberry Device Manager; "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe" [X]
S4 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S2 pcas; "C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\pcas.exe" [X]
S2 secbizsrv; "C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\secbizsrv.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc.)
S3 SydexFDD; C:\Windows\SysWOW64\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows ® 2000 DDK provider) [File not signed]
S3 utqyodqx; C:\Windows\SysWOW64\Drivers\utqyodqx.sys [7168 2015-12-31] () [File not signed]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-01 12:08 - 2016-01-01 12:09 - 00027844 _____ C:\Users\BR\Desktop\FRST.txt
2016-01-01 11:59 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-01-01 11:59 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-01-01 11:59 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-01-01 11:59 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-01-01 11:58 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-01-01 11:58 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-12-31 17:41 - 2015-12-31 17:41 - 00002952 _____ C:\Windows\System32\Tasks\{1D5C86AE-F4DD-4B79-A361-3F31B70CFCEF}
2015-12-31 16:10 - 2015-12-31 16:10 - 00000000 ____D C:\RegBackup
2015-12-31 15:49 - 2015-12-31 15:50 - 00089030 _____ C:\Windows\ntbtlog.txt
2015-12-31 15:47 - 2015-12-31 15:47 - 00003648 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2015-12-31 15:47 - 2015-12-31 15:47 - 00002121 _____ C:\Users\BR\Desktop\Tweaking.com - Windows Repair.lnk
2015-12-31 15:46 - 2015-12-31 15:47 - 00183014 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2015-12-31 15:46 - 2015-12-31 15:46 - 21102368 _____ (Tweaking.com) C:\Users\BR\Desktop\tweaking.com_windows_repair_aio_setup.exe
2015-12-31 10:13 - 2015-12-31 11:50 - 00007168 _____ C:\Windows\SysWOW64\Drivers\utqyodqx.sys
2015-12-31 10:09 - 2015-12-31 10:12 - 00000000 ____D C:\Users\BR\Desktop\Base
2015-12-31 10:09 - 2015-09-04 13:18 - 00043230 _____ C:\Users\BR\Desktop\version.txt
2015-12-31 10:09 - 2015-09-04 12:53 - 00794112 _____ (Лаборатория Касперского, 2007-2015) C:\Users\BR\Desktop\avz.exe
2015-12-31 10:09 - 2015-09-04 11:19 - 00519242 _____ C:\Users\BR\Desktop\avz_ru.chm
2015-12-31 10:09 - 2011-01-14 10:52 - 00433648 _____ C:\Users\BR\Desktop\avz_en.chm
2015-12-31 10:09 - 2010-07-08 09:23 - 00000156 _____ C:\Users\BR\Desktop\avz.url
2015-12-31 10:07 - 2015-12-31 10:07 - 09842759 _____ C:\Users\BR\Desktop\avz4 (1).zip
2015-12-31 10:05 - 2015-12-31 10:05 - 09842759 _____ C:\Users\BR\Desktop\avz4.zip
2015-12-31 09:53 - 2015-12-31 09:53 - 00000000 ____D C:\Users\BR\AppData\Local\{10CF9506-F72C-4A06-A3DA-4845B6C97BB7}
2015-12-31 06:24 - 2015-12-31 06:24 - 05643545 ____R (Swearware) C:\Users\BR\Desktop\ComboFix.exe
2015-12-31 06:24 - 2015-12-31 06:24 - 00000000 ____D C:\32788R22FWJFW
2015-12-31 06:21 - 2015-12-31 06:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F14EB260-F01A-409E-B16B-A0BE31C831E7}
2015-12-30 12:18 - 2015-12-30 12:19 - 00000000 ____D C:\Users\BR\AppData\Local\{5DDBEF6E-2924-472C-95F9-E505DD818272}
2015-12-30 11:39 - 2015-12-30 11:39 - 02370560 _____ (Farbar) C:\Users\BR\Desktop\FRST64 (1).exe
2015-12-30 11:35 - 2015-12-30 11:35 - 01599336 _____ (Malwarebytes) C:\Users\BR\Desktop\JRT.exe
2015-12-30 11:31 - 2015-12-30 11:31 - 02370560 _____ (Farbar) C:\Users\BR\Desktop\FRST64.exe
2015-12-30 11:13 - 2015-12-30 11:18 - 00004181 _____ C:\Users\BR\Downloads\Fixlog.txt
2015-12-30 11:12 - 2015-12-30 11:12 - 00001139 _____ C:\Users\BR\Downloads\fixlist (2).txt
2015-12-30 03:06 - 2015-12-30 03:06 - 00000000 ____D C:\_589114_
2015-12-29 16:54 - 2015-12-29 16:54 - 00001139 _____ C:\Users\BR\Downloads\fixlist (1).txt
2015-12-29 11:05 - 2015-12-29 11:05 - 00000205 _____ C:\Users\BR\Downloads\Search.txt
2015-12-29 11:02 - 2015-12-29 11:02 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64 (4).exe
2015-12-29 10:46 - 2015-12-29 10:46 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64 (3).exe
2015-12-29 10:46 - 2015-12-29 10:46 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64 (2).exe
2015-12-29 08:00 - 2015-12-29 08:02 - 00066890 _____ C:\Users\BR\Downloads\Addition.txt
2015-12-29 07:58 - 2015-12-29 08:02 - 00069567 _____ C:\Users\BR\Downloads\FRST.txt
2015-12-29 07:58 - 2015-12-29 07:58 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64 (1).exe
2015-12-29 07:46 - 2016-01-01 12:08 - 00000000 ____D C:\FRST
2015-12-29 07:46 - 2015-12-29 07:46 - 02370560 _____ (Farbar) C:\Users\BR\Downloads\FRST64.exe
2015-12-29 07:42 - 2015-12-29 07:42 - 00000000 ____D C:\Users\BR\AppData\Local\{036388DF-B448-4985-85BA-187DCCC10FAE}
2015-12-28 15:47 - 2015-12-28 15:47 - 00002563 _____ C:\Users\BR\AppData\Local\recently-used.xbel
2015-12-28 15:47 - 2015-12-28 15:47 - 00000000 ____D C:\Users\BR\AppData\Local\{299021E1-649E-4A8E-AD2E-3076FA51C664}
2015-12-28 15:21 - 2015-12-28 15:21 - 00000000 ____D C:\Users\Public\CyberLink
2015-12-28 02:37 - 2015-12-28 02:37 - 00000000 ____D C:\Users\BR\AppData\Local\{58D77E0F-BB45-4B4F-9584-91CF2F636547}
2015-12-27 23:04 - 2015-12-27 23:04 - 00000000 ____D C:\Users\BR\AppData\Local\{DEBEFDA7-783B-4625-9FD7-14D923AB27FB}
2015-12-27 14:21 - 2015-12-27 14:21 - 00000000 ____D C:\_193560_
2015-12-27 09:26 - 2015-12-27 09:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF492E9B-954A-4209-98E7-24564F3942EF}
2015-12-26 07:10 - 2015-12-26 07:10 - 00000000 ____D C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-12-26 07:09 - 2015-12-26 07:13 - 00000000 ____D C:\Users\BR\AppData\Roaming\WindSolutions
2015-12-26 07:09 - 2015-12-26 07:13 - 00000000 ____D C:\ProgramData\WindSolutions
2015-12-26 07:09 - 2015-12-26 07:09 - 06234272 _____ (WindSolutions) C:\Users\BR\Downloads\Install_CopyTransControlCenter (1).exe
2015-12-26 07:08 - 2015-12-26 07:09 - 06234272 _____ (WindSolutions) C:\Users\BR\Downloads\Install_CopyTransControlCenter.exe
2015-12-25 21:09 - 2015-12-25 21:09 - 00000000 ____D C:\Users\BR\AppData\Local\{ADBF5FBD-C56C-4795-823B-B30E3F2E23C7}
2015-12-25 11:52 - 2015-12-25 12:32 - 00000000 ____D C:\AdwCleaner
2015-12-25 11:51 - 2015-12-25 11:51 - 01743360 _____ C:\Users\BR\Downloads\adwcleaner_5.026.exe
2015-12-25 11:38 - 2015-12-25 11:38 - 00034258 _____ C:\Windows\system32\.crusader
2015-12-25 11:11 - 2015-12-25 11:56 - 00000000 ____D C:\Program Files\HitmanPro
2015-12-25 11:09 - 2015-12-25 11:40 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-25 11:09 - 2015-12-25 11:10 - 11337112 _____ (SurfRight B.V.) C:\Users\BR\Downloads\HitmanPro_x64 (1).exe
2015-12-25 11:08 - 2015-12-25 11:09 - 11323704 _____ (SurfRight B.V.) C:\Users\BR\Downloads\HitmanPro_x64.exe
2015-12-25 11:00 - 2015-12-25 11:00 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\BR\Downloads\iExplore (2).exe
2015-12-25 10:59 - 2015-12-25 10:59 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\BR\Downloads\iExplore (1).exe
2015-12-25 10:58 - 2015-12-25 10:58 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\BR\Downloads\iExplore.exe
2015-12-25 10:55 - 2015-12-25 10:58 - 00240744 _____ C:\TDSSKiller.3.1.0.9_25.12.2015_10.55.03_log.txt
2015-12-25 10:54 - 2015-12-25 10:54 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\BR\Downloads\tdsskiller.exe
2015-12-25 10:54 - 2015-12-25 10:54 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\BR\Downloads\tdsskiller (2).exe
2015-12-25 10:54 - 2015-12-25 10:54 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\BR\Downloads\tdsskiller (1).exe
2015-12-25 09:17 - 2015-12-25 09:17 - 00000000 ____D C:\_959793_
2015-12-24 22:14 - 2015-12-24 22:14 - 00000000 ____D C:\Users\BR\AppData\Local\{E41F5F8B-272A-40F6-9138-D4F504D7166D}
2015-12-24 20:07 - 2015-12-24 20:07 - 00000000 ____D C:\Users\BR\AppData\Local\{722101BB-3843-44A4-8A06-8B87569EB1E4}
2015-12-24 15:15 - 2015-12-25 19:10 - 00000000 ____D C:\Program Files (x86)\TaobaoProtect
2015-12-24 02:03 - 2015-12-24 02:03 - 00000000 ____D C:\Users\BR\AppData\Local\{8414D312-047F-47EE-856E-A3F3BCB15293}
2015-12-23 17:08 - 2015-12-23 17:08 - 00000000 ____D C:\_438108_
2015-12-23 09:29 - 2015-12-23 09:30 - 00000000 ____D C:\Users\BR\AppData\Local\{FF891592-3DB8-4CB7-8A85-9D683B8A1C94}
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_686760_
2015-12-23 02:29 - 2015-12-23 02:29 - 00000000 ____D C:\_668944_
2015-12-22 15:00 - 2015-12-22 15:00 - 00000000 ____D C:\Users\BR\AppData\Local\{24753264-BEC7-4003-B927-F350040A6E91}
2015-12-22 01:43 - 2015-12-22 01:43 - 00000000 ____D C:\Users\BR\AppData\Local\{7C37C019-85A4-448D-A586-AC5ABD762AA9}
2015-12-21 07:21 - 2015-12-21 07:21 - 00000000 ____D C:\Users\BR\AppData\Local\{F07FFADB-940F-4113-8352-5F39E802755C}
2015-12-20 07:52 - 2015-12-20 07:52 - 00000000 ____D C:\Users\BR\AppData\Local\{616552FB-1478-48A0-986A-7990DABC54A4}
2015-12-19 16:24 - 2015-12-19 16:25 - 08107995 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2015121613252443.rar
2015-12-19 16:12 - 2015-12-19 16:12 - 00000000 ____D C:\Users\BR\AppData\Local\{13ECE924-563E-44F2-8937-2FF512C7C66E}
2015-12-19 05:53 - 2015-12-19 05:53 - 00000000 ____D C:\Users\BR\AppData\Local\{38BC2977-FC58-4EFC-9397-EA1FFE1D4A9F}
2015-12-18 21:49 - 2015-12-18 21:49 - 00000000 ____D C:\Users\BR\AppData\Local\{1802FFCE-569A-45A8-8221-1BC4AB692500}
2015-12-18 06:22 - 2015-12-18 06:22 - 00000000 ____D C:\Users\BR\AppData\Local\{92C3F0F6-1BAF-4A3B-9FC2-D0B629648F96}
2015-12-17 07:25 - 2015-12-17 07:26 - 00000000 ____D C:\Users\BR\AppData\Local\{8CF4EA93-2D2D-4EB6-96A1-9B9C742C67FB}
2015-12-16 16:54 - 2015-12-16 16:54 - 00000000 ____D C:\MSI4e876.tmp
2015-12-16 08:50 - 2015-12-16 08:51 - 00000000 ____D C:\Users\BR\AppData\Local\{1CAD8E48-08F0-4619-BD4E-5489B2BD0DD5}
2015-12-15 18:36 - 2015-12-15 18:36 - 00000000 ____D C:\Users\BR\AppData\Local\{A811EA30-8249-4DF1-9000-FFEC6435B7D6}
2015-12-15 05:47 - 2015-12-15 05:47 - 00000000 ____D C:\Users\BR\AppData\Local\{DB07A58C-E54D-4F30-9020-1E6726BBD6E4}
2015-12-15 03:52 - 2015-12-15 03:52 - 00000000 ____D C:\_202433_
2015-12-14 08:46 - 2015-12-14 08:46 - 00000000 ____D C:\Users\BR\AppData\Local\{997223D9-F9B9-4D46-8F7A-21CB853E5B76}
2015-12-13 18:54 - 2015-12-13 18:54 - 00000000 ____D C:\Users\BR\AppData\Local\{A696FC79-93BB-42CB-B9D0-4B32959C2BB0}
2015-12-12 22:27 - 2015-12-12 22:27 - 00000000 ____D C:\Users\BR\AppData\Local\{AF42F38A-5DAA-406D-8AE3-8A28CDD1B258}
2015-12-12 09:16 - 2015-12-12 09:16 - 00000000 ____D C:\Users\BR\AppData\Local\{E02A1284-03D5-40D5-A285-7CB11D2E1918}
2015-12-11 20:51 - 2015-12-11 20:51 - 03514636 _____ C:\Users\BR\Downloads\EE20151008011-CNC machine.pdf
2015-12-11 20:51 - 2015-12-11 20:51 - 03514636 _____ C:\Users\BR\Downloads\EE20151008011-CNC machine (1).pdf
2015-12-11 20:50 - 2015-12-11 20:51 - 00000000 ____D C:\Users\BR\AppData\Local\{429F7793-9B28-4B16-A490-05CFF5792621}
2015-12-11 06:40 - 2015-12-11 06:40 - 00000000 ____D C:\Users\BR\AppData\Local\{85A360A4-18AA-4383-890A-E82CB17D9F66}
2015-12-10 08:29 - 2009-12-24 15:44 - 06285911 _____ (Ruizhitianhong ) C:\Users\BR\Downloads\0501(English).exe
2015-12-10 08:20 - 2015-12-10 08:20 - 00003369 _____ C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Program Updates.lnk
2015-12-10 08:20 - 2015-12-10 08:20 - 00000000 ____D C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruizhitianhong
2015-12-10 08:20 - 2015-12-10 08:20 - 00000000 ____D C:\Program Files (x86)\Ruizhitianhong
2015-12-10 08:18 - 2015-12-10 08:18 - 00000000 ____D C:\MSI6fb2f.tmp
2015-12-10 08:17 - 2015-12-10 08:18 - 05765714 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2010714163010734.rar
2015-12-10 08:16 - 2015-06-04 14:57 - 00000000 ____D C:\Users\BR\Downloads\A55S
2015-12-10 08:16 - 2014-08-25 17:21 - 01612005 _____ C:\Users\BR\Downloads\A55说明书.pdf
2015-12-10 08:16 - 2014-08-25 17:21 - 00082656 _____ C:\Users\BR\Downloads\A55接线图.dwg
2015-12-10 08:16 - 2014-08-25 17:21 - 00042796 _____ C:\Users\BR\Downloads\A55接线图.pdf
2015-12-10 08:16 - 2014-03-11 09:47 - 06684216 _____ C:\Users\BR\Downloads\P1_2467(气缸多刀头[5寸彩屏][USB1]).pkg
2015-12-10 08:15 - 2015-12-10 08:16 - 08052729 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c2015641523210.rar
2015-12-10 08:02 - 2015-12-10 08:03 - 09242259 _____ C:\Users\BR\Downloads\D%3a%5cvhost%5c095c09bd2e7f097b251d8c05a2044d15%5chttpdocs%5cdownload%5c201564152342835.rar
2015-12-10 07:47 - 2015-12-10 07:47 - 00000000 ____D C:\Users\BR\AppData\Local\{05452CF0-1A0C-4A18-BD99-BB6F66E384C9}
2015-12-10 06:30 - 2015-12-10 06:30 - 00000000 ____D C:\Users\BR\AppData\Local\{8B5960BF-E7E6-4ED9-B841-3F8F18390F7F}
2015-12-10 05:44 - 2015-12-10 05:44 - 00000000 ____D C:\Users\BR\AppData\Local\{F9EBF3C3-9C29-421D-BEF0-CCEA331C7C82}
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_086883_
2015-12-10 02:26 - 2015-12-10 02:26 - 00000000 ____D C:\_068569_
2015-12-09 16:30 - 2015-12-09 16:30 - 00000000 ____D C:\Users\BR\AppData\Local\{981BBA3C-5913-4C25-8913-D83454C4F1E4}
2015-12-09 03:22 - 2015-12-09 03:22 - 00000000 ____D C:\MSIef277.tmp
2015-12-09 03:21 - 2015-12-09 03:21 - 00000000 ____D C:\MSIef260.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\MSIef250.tmp
2015-12-09 03:19 - 2015-12-09 03:19 - 00000000 ____D C:\_981808_
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef23c.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef232.tmp
2015-12-09 03:18 - 2015-12-09 03:18 - 00000000 ____D C:\MSIef21c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa7c.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\MSIefa64.tmp
2015-12-09 03:03 - 2015-12-09 03:03 - 00000000 ____D C:\_058984_
2015-12-09 03:01 - 2015-12-09 03:01 - 00000000 ____D C:\MSIefa4d.tmp
2015-12-09 03:00 - 2015-12-09 03:00 - 00000000 ____D C:\MSIefa36.tmp
2015-12-09 02:55 - 2015-12-09 02:55 - 00000000 ____D C:\_569156_
2015-12-08 21:53 - 2015-12-08 21:53 - 00000000 ____D C:\Users\BR\AppData\Local\{4D0A455B-8325-4F07-AF20-3AC961F8AB17}
2015-12-08 16:12 - 2015-11-20 10:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-08 16:12 - 2015-11-20 10:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-08 16:12 - 2015-11-20 10:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 16:12 - 2015-11-05 11:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-08 16:12 - 2015-11-05 11:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-08 16:12 - 2015-11-03 11:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-08 16:12 - 2015-11-03 10:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-08 16:11 - 2015-11-20 10:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-08 16:11 - 2015-11-20 10:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-08 16:11 - 2015-11-20 10:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-08 16:11 - 2015-11-20 10:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 16:11 - 2015-11-20 10:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 16:11 - 2015-11-20 10:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 16:11 - 2015-11-20 10:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 16:11 - 2015-11-11 13:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-08 16:11 - 2015-11-11 12:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 16:11 - 2015-11-11 10:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-08 16:11 - 2015-11-11 10:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-08 16:11 - 2015-11-11 10:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 16:11 - 2015-11-11 10:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 16:11 - 2015-11-11 08:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-08 16:11 - 2015-11-11 08:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 16:11 - 2015-11-11 07:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 16:11 - 2015-11-11 07:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 16:11 - 2015-11-11 07:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 16:11 - 2015-11-11 07:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-08 16:11 - 2015-11-11 06:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 16:11 - 2015-11-10 10:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-08 16:11 - 2015-11-10 10:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-08 16:11 - 2015-11-10 10:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-08 16:11 - 2015-11-10 10:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-08 16:11 - 2015-11-10 10:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-08 16:11 - 2015-11-10 09:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-08 16:11 - 2015-11-09 16:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 16:11 - 2015-11-09 16:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 16:11 - 2015-11-09 16:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 16:11 - 2015-11-09 16:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 16:11 - 2015-11-09 16:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 16:11 - 2015-11-09 16:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 16:11 - 2015-11-09 16:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 16:11 - 2015-11-09 16:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 16:11 - 2015-11-09 16:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 16:11 - 2015-11-09 16:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 16:11 - 2015-11-09 16:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 16:11 - 2015-11-09 16:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 16:11 - 2015-11-09 16:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 16:11 - 2015-11-09 15:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 16:11 - 2015-11-09 15:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 16:11 - 2015-11-09 15:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 16:11 - 2015-11-09 15:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 16:11 - 2015-11-09 15:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 16:11 - 2015-11-09 15:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 16:11 - 2015-11-09 15:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 16:11 - 2015-11-09 15:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 16:11 - 2015-11-09 15:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 16:11 - 2015-11-09 15:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 16:11 - 2015-11-09 15:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 16:11 - 2015-11-08 14:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-08 16:11 - 2015-11-08 14:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-08 16:11 - 2015-11-08 14:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-08 16:11 - 2015-11-08 14:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-08 16:11 - 2015-11-08 14:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-08 16:11 - 2015-11-08 14:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-08 16:11 - 2015-11-08 14:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-08 16:11 - 2015-11-08 14:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-08 16:11 - 2015-11-08 14:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-08 16:11 - 2015-11-08 14:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-08 16:11 - 2015-11-08 14:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-08 16:11 - 2015-11-08 14:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-08 16:11 - 2015-11-08 14:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-08 16:11 - 2015-11-08 14:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-08 16:11 - 2015-11-08 14:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-08 16:11 - 2015-11-08 14:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-08 16:11 - 2015-11-08 13:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-08 16:11 - 2015-11-08 13:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-08 16:11 - 2015-11-08 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-08 16:11 - 2015-11-08 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-08 16:11 - 2015-11-08 13:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-08 16:11 - 2015-11-08 13:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-08 16:11 - 2015-11-08 13:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-08 16:11 - 2015-11-08 13:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-08 16:11 - 2015-11-08 13:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-08 16:11 - 2015-11-08 13:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-08 16:11 - 2015-11-08 13:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-08 16:11 - 2015-11-08 13:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-08 16:11 - 2015-11-08 12:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-08 16:11 - 2015-11-08 12:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-08 16:11 - 2015-11-08 12:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-08 16:11 - 2015-11-05 11:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-08 16:11 - 2015-11-05 11:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 16:11 - 2015-11-05 01:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-08 16:11 - 2015-10-08 15:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-08 16:11 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-08 16:11 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-08 16:11 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-08 16:11 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-08 16:11 - 2015-10-08 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-08 16:11 - 2015-10-08 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-08 16:11 - 2015-10-08 15:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-08 16:11 - 2015-10-08 11:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-08 16:11 - 2015-10-08 10:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-08 16:10 - 2015-11-03 11:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-08 16:10 - 2015-11-03 10:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 06:47 - 2015-12-08 06:47 - 00000000 ____D C:\Users\BR\AppData\Local\{BA213AC6-1ECF-4913-8CB9-C63F2121DACC}
2015-12-07 10:51 - 2015-12-07 10:51 - 00000000 ____D C:\Users\BR\AppData\Roaming\Sun
2015-12-07 10:51 - 2015-12-07 10:51 - 00000000 ____D C:\Users\BR\.oracle_jre_usage
2015-12-07 10:51 - 2015-12-07 10:51 - 00000000 ____D C:\MSI260f.tmp
2015-12-07 10:50 - 2015-12-07 10:50 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-07 10:50 - 2015-12-07 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-07 10:50 - 2015-12-07 10:50 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-07 10:50 - 2015-12-07 10:50 - 00000000 ____D C:\MSI2609.tmp
2015-12-07 10:49 - 2015-12-07 10:49 - 00584288 _____ (Oracle Corporation) C:\Users\BR\Downloads\chromeinstall-8u66.exe
2015-12-07 10:49 - 2015-12-07 10:49 - 00000000 ____D C:\Users\BR\AppData\LocalLow\Oracle
2015-12-07 09:35 - 2015-12-07 09:35 - 00000000 ____D C:\Users\BR\AppData\Local\{0AB1C510-D294-4C54-BF11-1DD088AE5765}
2015-12-07 09:21 - 2015-12-07 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-12-07 09:20 - 2015-12-07 09:20 - 00000000 ____D C:\MSI5f121.tmp
2015-12-07 09:17 - 2015-12-07 09:17 - 00000000 ____D C:\MSI5ef8e.tmp
2015-12-07 09:16 - 2015-12-07 09:16 - 00001715 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-07 09:16 - 2015-12-07 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-07 09:15 - 2015-12-07 09:16 - 00000000 ____D C:\Program Files\iTunes
2015-12-07 09:15 - 2015-12-07 09:15 - 00000000 ____D C:\Program Files\iPod
2015-12-07 09:13 - 2015-12-07 09:13 - 00000000 ____D C:\MSI5dfea.tmp
2015-12-07 09:11 - 2015-12-07 09:11 - 00000000 ____D C:\MSI5dfe6.tmp
2015-12-07 09:11 - 2015-12-07 09:11 - 00000000 ____D C:\MSI5dfcb.tmp
2015-12-07 09:10 - 2015-12-07 09:10 - 00000000 ____D C:\MSI5dfb3.tmp
2015-12-07 09:10 - 2015-12-07 09:10 - 00000000 ____D C:\MSI5df64.tmp
2015-12-07 09:09 - 2015-12-07 09:09 - 00000000 ____D C:\MSI5ded2.tmp
2015-12-07 09:09 - 2015-12-07 09:09 - 00000000 ____D C:\MSI5deae.tmp
2015-12-07 09:08 - 2015-12-07 09:08 - 00000000 ____D C:\MSI5de43.tmp
2015-12-06 20:52 - 2015-12-06 20:52 - 00000000 ____D C:\Users\BR\AppData\Local\{E68EBFA1-08C7-40C4-BD0E-584F9CFFACFE}
2015-12-06 06:04 - 2015-12-06 06:05 - 00000000 ____D C:\Users\BR\AppData\Local\{81C29482-25ED-4C8C-A705-AC7B67C1D3C2}
2015-12-05 09:36 - 2015-12-05 09:36 - 00000000 ____D C:\Users\BR\AppData\Local\{3357B4EC-C35B-46A6-8C53-39C30CA6E265}
2015-12-05 05:10 - 2013-08-21 10:21 - 00000391 _____ C:\Users\BR\Downloads\readme.txt
2015-12-05 05:10 - 2013-08-21 10:19 - 00001194 _____ C:\Users\BR\Downloads\DonekInch.con
2015-12-05 05:10 - 2013-08-21 10:19 - 00001190 _____ C:\Users\BR\Downloads\DonekMM.con
2015-12-05 05:09 - 2015-12-05 05:09 - 00001746 _____ C:\Users\BR\Downloads\artcam.zip
2015-12-05 04:56 - 2015-12-05 04:57 - 00000000 ____D C:\Users\BR\AppData\Local\{058E250A-D549-4417-AFB0-4E3CFF6CE54D}
2015-12-05 00:08 - 2015-12-05 00:08 - 00000000 ____D C:\Users\BR\AppData\Local\{60016A71-765C-44C5-938D-92999C3D59C2}
2015-12-04 18:15 - 2015-12-04 18:15 - 00000000 ____D C:\Users\BR\AppData\Local\{C50E7D9F-8A5D-4DF8-8FC7-4072BA3714D7}
2015-12-04 03:42 - 2015-12-04 03:42 - 00000000 ____D C:\Users\BR\AppData\Local\{491C29EA-B0E9-4541-85B5-E5126776B699}
2015-12-03 07:40 - 2015-12-03 07:40 - 00000000 ____D C:\Users\BR\AppData\Local\{8844AA95-EB19-429F-A73F-A3941915807C}
2015-12-02 08:18 - 2015-12-02 08:19 - 00000000 ____D C:\Users\BR\AppData\Local\{DD7F81D0-3EC8-4B4D-B003-462A71CFBB4A}
2015-12-02 01:02 - 2015-12-02 01:02 - 00000000 ____D C:\MSI9bd18.tmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-01 12:09 - 2012-04-18 07:43 - 00000000 ____D C:\Users\BR\AppData\Roaming\Skype
2016-01-01 12:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2016-01-01 12:04 - 2012-03-13 05:15 - 00001267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-01-01 12:04 - 2012-03-13 05:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-01-01 12:03 - 2012-03-13 05:15 - 00001336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-01-01 12:03 - 2012-03-13 05:14 - 00002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-01-01 12:02 - 2014-05-02 18:02 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-01 12:02 - 2012-03-13 05:15 - 00001420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-01-01 12:01 - 2015-07-15 05:08 - 00000000 ____D C:\Users\BR\AppData\Roaming\TaobaoProtect
2016-01-01 11:54 - 2009-07-13 20:45 - 00015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-01 11:54 - 2009-07-13 20:45 - 00015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-01 11:39 - 2012-04-13 07:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-01 02:00 - 2012-04-01 19:31 - 00000000 ____D C:\Users\BR\AppData\Local\Adobe
2016-01-01 01:02 - 2014-05-02 18:02 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-31 17:32 - 2015-08-18 11:07 - 00000000 ____D C:\Users\BR\AppData\Local\aef
2015-12-31 17:31 - 2009-07-13 21:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-31 17:31 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-12-31 17:29 - 2015-11-04 08:56 - 00000000 ____D C:\Users\Public\Documents\dumps
2015-12-31 17:29 - 2014-05-13 18:36 - 00000000 ____D C:\Program Files (x86)\TradeManager
2015-12-31 17:27 - 2015-05-10 08:12 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-31 17:27 - 2015-04-22 02:27 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2015-12-31 17:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\tracing
2015-12-31 17:24 - 2015-10-08 11:40 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-12-31 17:24 - 2012-04-01 10:22 - 00147248 _____ C:\Users\BR\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-31 17:23 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-31 17:23 - 2009-07-13 20:45 - 00594160 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-31 17:18 - 2009-07-13 18:34 - 00000651 _____ C:\Windows\win.ini
2015-12-31 15:47 - 2014-01-25 06:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-12-31 15:47 - 2014-01-25 06:25 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-12-31 09:55 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-12-30 12:09 - 2009-07-13 18:34 - 00001235 _____ C:\Windows\system32\Drivers\etc\hosts_bak_949
2015-12-30 11:13 - 2012-08-19 16:35 - 00000000 ____D C:\Users\BR\AppData\LocalLow\Temp
2015-12-30 10:49 - 2015-09-28 06:56 - 00000000 ____D C:\Users\BR\AppData\Local\Citrix
2015-12-30 10:49 - 2015-01-04 09:14 - 00000000 ____D C:\ProgramData\Foolish IT
2015-12-30 10:41 - 2015-05-03 13:07 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-12-30 10:41 - 2013-08-06 16:23 - 00000258 __RSH C:\Users\BR\ntuser.pol
2015-12-30 10:41 - 2012-04-01 10:22 - 00000000 ____D C:\Users\BR
2015-12-28 15:47 - 2015-03-18 05:51 - 00000000 ____D C:\Users\BR\Desktop\all pinups
2015-12-28 15:47 - 2014-09-07 16:32 - 00000000 ____D C:\Users\BR\AppData\Local\gtk-2.0
2015-12-28 15:47 - 2014-09-07 16:27 - 00000000 ____D C:\Users\BR\.gimp-2.8
2015-12-26 03:00 - 2015-04-04 02:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-26 03:00 - 2015-04-04 02:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-25 08:52 - 2015-08-01 09:24 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-25 08:43 - 2015-03-19 11:49 - 00000000 ____D C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder
2015-12-25 08:43 - 2015-03-18 06:21 - 00000000 ____D C:\Program Files (x86)\Unchecky
2015-12-25 08:43 - 2012-05-05 16:39 - 00000000 ____D C:\Users\BR\AppData\Local\Google
2015-12-25 08:43 - 2012-03-13 12:25 - 00000000 ____D C:\Users\LogMeInRemoteUser
2015-12-25 08:43 - 2012-03-13 05:09 - 00000000 ____D C:\Users\BRIAN
2015-12-25 08:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2015-12-22 15:04 - 2015-11-07 08:52 - 00002145 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-22 11:26 - 2014-11-15 16:10 - 00000000 ____D C:\Users\BR\AppData\Roaming\Apple Computer
2015-12-22 09:37 - 2015-11-07 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-22 09:37 - 2012-04-01 09:07 - 00000000 ____D C:\Users\bcom
2015-12-16 16:55 - 2015-11-15 08:58 - 00000000 ____D C:\ProgramData\SSDir
2015-12-13 01:00 - 2012-04-01 16:16 - 00000000 ____D C:\Users\BR\AppData\Local\ElevatedDiagnostics
2015-12-11 20:30 - 2014-11-20 08:35 - 00000000 ____D C:\Users\BR\AppData\Local\Apple Inc
2015-12-11 11:14 - 2012-03-13 04:34 - 00000000 ____D C:\Users\BR\Documents\TUMBLEWEED INVOICES
2015-12-10 08:20 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2015-12-09 04:18 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 03:38 - 2012-05-12 02:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 03:38 - 2012-05-12 02:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 03:22 - 2012-03-13 15:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 03:20 - 2012-05-12 02:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 03:15 - 2013-08-16 11:47 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 03:03 - 2012-03-14 08:27 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 19:39 - 2012-03-13 04:24 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-07 10:50 - 2014-01-18 13:56 - 00000000 ____D C:\ProgramData\Oracle
2015-12-07 09:15 - 2015-09-27 19:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-07 09:15 - 2014-11-15 16:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-06 14:53 - 2013-08-07 07:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-02 00:57 - 2014-05-02 18:02 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 00:57 - 2014-05-02 18:02 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2014-09-09 15:27 - 2014-09-09 15:30 - 0000000 _____ () C:\Users\BR\AppData\Roaming\bibstats
2014-10-27 08:16 - 2014-11-13 19:01 - 0000308 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.Exception.log
2014-10-27 08:09 - 2014-11-28 09:44 - 0004042 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-10-27 08:16 - 2014-11-13 19:01 - 0000308 _____ () C:\Users\BR\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-11-11 10:57 - 2014-11-11 10:57 - 0000044 _____ () C:\Users\BR\AppData\Roaming\WB.CFG
2014-10-27 09:02 - 2014-10-27 09:02 - 0009728 _____ () C:\Users\BR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-28 15:47 - 2015-12-28 15:47 - 0002563 _____ () C:\Users\BR\AppData\Local\recently-used.xbel
2015-09-26 12:43 - 2015-09-26 12:43 - 0000017 _____ () C:\Users\BR\AppData\Local\resmon.resmoncfg
2012-06-07 20:09 - 2012-06-07 20:09 - 0000000 _____ () C:\Users\BR\AppData\Local\Temptable.xml
2012-09-23 13:15 - 2012-09-23 13:15 - 0137289 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.0
2012-09-23 13:15 - 2012-09-23 13:15 - 0132486 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.1
2012-09-23 13:15 - 2012-09-23 13:15 - 0132533 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.JPG
2012-09-23 13:15 - 2012-09-23 13:15 - 0003890 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001_navi.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 0121078 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.0
2012-10-03 17:21 - 2012-10-03 17:21 - 0044248 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.JPG
2012-10-03 17:18 - 2012-10-03 17:18 - 0112551 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.0
2012-10-03 17:18 - 2012-10-03 17:18 - 0040181 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 0115714 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.0
2012-10-03 17:21 - 2012-10-03 17:21 - 0038427 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 0134269 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.0
2012-10-03 17:22 - 2012-10-03 17:22 - 0049466 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 0135858 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.0
2012-10-03 17:22 - 2012-10-03 17:22 - 0050685 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.1
2012-10-03 17:22 - 2012-10-03 17:22 - 0050520 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.JPG
2012-10-03 17:23 - 2012-10-03 17:23 - 0136857 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.0
2012-10-03 17:23 - 2012-10-03 17:23 - 0049261 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.1
2012-10-03 17:23 - 2012-10-03 17:23 - 0049486 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.JPG
2012-08-22 15:05 - 2012-08-22 15:05 - 0006400 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).0
2012-08-22 15:05 - 2012-08-22 15:05 - 0001969 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).JPG
2014-09-04 10:40 - 2014-09-04 10:40 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-03-13 06:52 - 2014-07-22 14:04 - 0003834 _____ () C:\ProgramData\hpzinstall.log
2012-03-13 17:47 - 2012-12-22 17:06 - 0000173 _____ () C:\ProgramData\LockFilePath.ini
2012-12-02 12:08 - 2012-12-02 12:08 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-30 12:49

==================== End of FRST.txt ============================


  • 0

Advertisements


#26
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

What problems are you experiencing now.. Is your homepage OK


  • 0

#27
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 164 posts

What problems are you experiencing now.. Is your homepage OK

yes everything is good now I do have a little glitch on the home page but I think it may be chrome. when I first log the home page looks different slightly then when I hit the home button 

Attached Thumbnails

  • first_home_page.png
  • after_hitting_home_button.png

  • 0

#28
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
They look OK for Chrome

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove Combofix

Click Start then Run.
On Windows7 or Vista you may use Start Search field if Run is not available.
In the box copy/paste the following command:

ComboFix /Uninstall

Note that there is a space between " ComboFix " and " /Uninstall " .

Then click OK (or press Enter ).
Wait for the uninstall process to complete.

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#29
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 164 posts

They look OK for Chrome

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove Combofix

Click Start then Run.
On Windows7 or Vista you may use Start Search field if Run is not available.
In the box copy/paste the following command:

ComboFix /Uninstall

Note that there is a space between " ComboFix " and " /Uninstall " .

Then click OK (or press Enter ).
Wait for the uninstall process to complete.

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:

 

 

 

Great thank you for all your help!!


  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP