Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

wont download, upload, and installers wont work [Solved]

Started by Chef April , Jan 31 2016 04:18 PM
wont download upload installers malware virous

  • This topic is locked This topic is locked

#1
Chef April
Posted 31 January 2016 - 04:18 PM

Chef April

    Member

  • Member
  • PipPip
  • 37 posts

hello

I think i got a nasty nasty bug, so dirty if you respond to this post ya might wanna type with rubber gloves on. :)

my comp is  a toshiba laptop l-655- s5155 with windows 7 os

will not download or upload ( all browsers freeze and crash chrome, firefox, and even explorer if i try  )

and if i have got something to DL in explorer only it will not install. the installer locks and it gets a error and says its not working 

 

its a dirty dirty bad computer, i really do need it for collage school work so i really hope i don't have to burn it as a digital bio hazard!

 

help me if ya can thanks all

April 


  • 0

Advertisements

#2
BrianDrab
Posted 31 January 2016 - 04:25 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -


  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-



All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-


 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

Since you can't download anything I'm going to put together some instructions for you so we can get some logs. Do you happen to have another machine and a USB Thumb drive that you can download tools and transfer them over to your machine?


  • 0

#3
Chef April
Posted 31 January 2016 - 06:31 PM

Chef April

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

ok that would be great 


  • 0

#4
BrianDrab
Posted 31 January 2016 - 06:36 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

It doesn't appear that you answered my question.


  • 0

#5
Chef April
Posted 31 January 2016 - 06:42 PM

Chef April

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
I do not have annother computer at my house I could use. Only the library other days. Zip drive yes. And cell web access to read from today if comp is down
  • 0

#6
Chef April
Posted 31 January 2016 - 06:47 PM

Chef April

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
But I just did a test and explorer let me download a pic so maybe it will work
  • 0

#7
BrianDrab
Posted 31 January 2016 - 06:58 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

OK, please try the following and let me know if it works.

 

Fresh Set of Logs Needed
 
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
    Only one of them will run on your system, that will be the right version.
2. Right click on the file and select Run as administrator (If you don't have this option simply double-click the file to open). When the tool opens click Yes to disclaimer.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should be the desktop)
5. Please copy and paste log back here.
6. The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.
     Note: Please do not attach any logs unless specifically requested. It's easier if you simply copy and paste them into your reply. It's OK if you have to use more than one post to do so.


  • 0

#8
Chef April
Posted 31 January 2016 - 09:52 PM

Chef April

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Ok wow, its a lot of info. Got it to work. One min and I will post
  • 0

#9
Chef April
Posted 31 January 2016 - 09:54 PM

Chef April

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

it posted two files a FRST one and a ADDITION one


  • 0

#10
Chef April
Posted 31 January 2016 - 09:56 PM

Chef April

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

this is the FRST.

 

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(BitTorrent Inc.) C:\Users\JOHN THE MAN\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_20_0_0_286_ActiveX.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1483776 2010-02-25] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-08-17] (Toshiba)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12119872 2015-11-12] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ROC_roc_dec12] => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
HKLM-x32\...\Run: [VERIZONDM] => C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe [206120 2011-12-01] (SupportSoft, Inc.)
HKLM-x32\...\Run: [fst_us_68] => [X]
HKLM-x32\...\Run: [fst_us_70] => [X]
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1269208 2014-08-09] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TkBellExe] => C:\program files (x86)\real\realplayer\update\realsched.exe [286984 2015-09-24] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-10-14] (Google Inc.)
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\Run: [uTorrent] => C:\Users\JOHN THE MAN\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-08-23] (BitTorrent Inc.)
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\MountPoints2: {c49d0f64-b88b-11e4-851f-60eb69f1d265} - D:\Setup.exe
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-09-24]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:61015;https=127.0.0.1:61015
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{144C2DBE-8B41-4B4B-AC04-F4FE717B8A26}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{8A592FC1-E520-409E-B0DB-2CB24AEF2EBE}: [DhcpNameServer] 10.8.0.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MC5D4DAF2-2435-4FB7-AD0A-732058797FCE&SearchSource=55&CUI=&UM=5&UP=SPF128739E-ED63-4E9B-9A3E-87C00BFBA299&SSPV=
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com/g/
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MC5D4DAF2-2435-4FB7-AD0A-732058797FCE&SearchSource=55&CUI=&UM=5&UP=SPF128739E-ED63-4E9B-9A3E-87C00BFBA299&SSPV=
hxxp://start.toshiba.com/g/
URLSearchHook: HKLM-x32 - Vgrabber Toolbar - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files (x86)\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> DefaultScope {03BBFD85-1FF2-4987-92B0-A312987B7E66} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM -> {03BBFD85-1FF2-4987-92B0-A312987B7E66} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=166&itype=n&ver=12565&tm=355&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {43586782-C232-4C3A-88A4-859FB844FDA7} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> {43586782-C232-4C3A-88A4-859FB844FDA7} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=166&itype=n&ver=12565&tm=355&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3059010
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://search.my-tools-app.com/?babsrc=home&s=web&as=0&isid=9852&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {03BBFD85-1FF2-4987-92B0-A312987B7E66} URL = 
SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MC5D4DAF2-2435-4FB7-AD0A-732058797FCE&SearchSource=58&CUI=&UM=5&UP=SPF128739E-ED63-4E9B-9A3E-87C00BFBA299&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MC5D4DAF2-2435-4FB7-AD0A-732058797FCE&SearchSource=58&CUI=&UM=5&UP=SPF128739E-ED63-4E9B-9A3E-87C00BFBA299&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> {03BBFD85-1FF2-4987-92B0-A312987B7E66} URL = 
SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> {43586782-C232-4C3A-88A4-859FB844FDA7} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS453
SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={56B6D338-F6B9-4F56-8D48-2565410D86F0}&mid=3304f7d12e4c47d1bcc4b1a22f153b96-c6d99d63e392968ecb995946e7d1e069db742ae9&lang=en&ds=oc011&coid=avgtbdisoc&cmpid=&pr=sa&d=2014-09-02 21:02:30&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> {9B58A700-D065-4E65-B6C3-5C8743AC0DD7} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=166&itype=n&ver=12565&tm=355&src=ds&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-11-10] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-27] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-01-21] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll [2015-01-19] (Yahoo! Inc.)
BHO-x32: BFlix Class -> {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} -> C:\Program Files (x86)\BFlix\BFlix.dll [2011-12-30] (BFlix)
BHO-x32: I Want This -> {11111111-1111-1111-1111-110011221158} -> C:\Program Files (x86)\I Want This\I Want This.dll [2012-01-25] (215 Apps)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14] (Babylon BHO)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-04-16] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-11-10] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Browse For Change BHO -> {912C156F-05CF-4B62-851A-96E167A677B0} -> C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-27] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Vgrabber Toolbar -> {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} -> C:\Program Files (x86)\Vgrabber\prxtbVgra.dll [2011-05-09] (Conduit Ltd.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-01-21] (Microsoft Corporation)
BHO-x32: MyTools Class -> {C3A44133-7EAD-434C-AC9E-7F1DA176BA8C} -> C:\Program Files (x86)\MyTools\MyTools.dll [2011-12-30] (MyTools)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-02] (<TOSHIBA>)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-27] (Google Inc.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14] (Babylon Ltd.)
Toolbar: HKLM-x32 - Vgrabber Toolbar - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files (x86)\Vgrabber\prxtbVgra.dll [2011-05-09] (Conduit Ltd.)
Toolbar: HKLM-x32 - No Name - {06C7AD57-B655-418D-9AB8-9526A6D2E052} -  No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll [2015-01-19] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-27] (Google Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} -  No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> No Name - {B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\JOHN THE MAN\AppData\Roaming\Mozilla\Firefox\Profiles\iacpkkad.default-1454270609525
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-21] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-22] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.0.1236 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-09-24] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.0.1236 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-09-24] (RealTimes)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-04-16] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1981047535-1425690070-2209561917-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\JOHN THE MAN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-04] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1981047535-1425690070-2209561917-1001: DISH Anywhere.com/DISH Anywhere Video Player -> C:\Users\JOHN THE MAN\AppData\Roaming\DISH Anywhere\DISH Anywhere Video Player\npNMPCBrowserPlugin.dll [2014-09-01] (Nagravision)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-12] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-09-23] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3331616&octid=EB_ORIGINAL_CTID&ISID=M4D44265B-90FD-4784-9FBE-7385541A7A8C&SearchSource=55&CUI=&UM=6&UP=SPB142F516-F74D-4FB9-876A-5C64721774E2&SSPV="
CHR Profile: C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Search) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2015-11-21]
CHR Extension: (Google Docs) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (YouTube) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-10]
CHR Extension: (MyTools extension) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkbppmdgdfccoihhajoeflficbpgcnm [2014-06-19] [UpdateUrl: hxxp://mytoolsapp.info/chrome_update.xml] <==== ATTENTION
CHR Extension: (Google Search) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-01-29]
CHR Extension: (SlingPlayer for DISH Anywhere) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcnpmlegoehfgohpkmjhpohjchokamnn [2015-04-02]
CHR Extension: (Bflix) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpojpihgafjhbgkgaglhighomjceieff [2014-06-19] [UpdateUrl: hxxp://thebflix.com/chrome_update.xml] <==== ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\JOHNTH~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cnkbppmdgdfccoihhajoeflficbpgcnm] - C:\Program Files (x86)\MyTools\MyTools.crx [2011-12-26]
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [kpojpihgafjhbgkgaglhighomjceieff] - C:\Program Files (x86)\BFlix\BFlix.crx [2012-02-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM-x32\...\Chrome\Extension: [mpfapcdfbbledbojijcbcclmlieaoogk] - C:\Users\Llynne\AppData\Local\I Want This\Chrome\I Want This.crx <not found>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [429784 2015-03-10] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [358984 2014-05-21] (Verizon) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe [135608 2011-12-16] (Symantec Corporation)
S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1103656 2015-09-24] (RealNetworks, Inc.)
R2 sprtsvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [206120 2011-12-01] (SupportSoft, Inc.)
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [3272048 2015-01-16] ()
R2 tgsrvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [185640 2011-12-01] (SupportSoft, Inc.)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [252928 2010-02-25] (TOSHIBA Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145624 2015-03-10] (BlueStack Systems)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R3 tapse01; C:\Windows\System32\DRIVERS\tapse01.sys [39048 2015-01-16] (The OpenVPN Project)
S3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [25592 2014-11-21] (Windows ® Win 7 DDK provider)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-31 19:40 - 2016-01-31 19:43 - 00037956 _____ C:\Users\JOHN THE MAN\Desktop\FRST.txt
2016-01-31 17:16 - 2016-01-31 17:16 - 00004740 _____ C:\Users\JOHN THE MAN\Downloads\FRST.txt
2016-01-31 17:14 - 2016-01-31 19:40 - 00000000 ____D C:\FRST
2016-01-31 17:12 - 2016-01-31 17:14 - 02370560 _____ (Farbar) C:\Users\JOHN THE MAN\Desktop\FRST64.exe
2016-01-31 14:09 - 2013-10-01 17:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2016-01-31 14:08 - 2013-10-01 18:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2016-01-31 14:08 - 2013-10-01 18:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-01-31 14:08 - 2013-10-01 18:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-01-31 14:08 - 2013-10-01 17:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2016-01-31 14:08 - 2013-10-01 17:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2016-01-31 14:08 - 2013-10-01 17:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2016-01-31 14:08 - 2013-10-01 16:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2016-01-31 14:08 - 2013-10-01 16:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2016-01-31 14:08 - 2013-10-01 16:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2016-01-31 14:08 - 2013-10-01 16:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2016-01-31 14:08 - 2013-10-01 16:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2016-01-31 14:08 - 2013-10-01 15:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2016-01-31 14:08 - 2013-10-01 15:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2016-01-31 14:08 - 2013-10-01 15:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2016-01-31 14:08 - 2013-10-01 14:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2016-01-31 14:08 - 2013-10-01 12:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2016-01-31 14:08 - 2013-10-01 12:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2016-01-31 13:38 - 2012-08-23 06:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2016-01-31 13:38 - 2012-08-23 05:24 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2016-01-31 13:37 - 2012-08-23 03:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2016-01-31 13:36 - 2012-08-23 06:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2016-01-31 13:36 - 2012-08-23 02:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2016-01-31 13:36 - 2012-08-23 01:51 - 03174912 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-01-31 13:14 - 2011-09-22 17:18 - 00089960 _____ (Microsoft Corporation) C:\windows\SysWOW64\SQSRVRES.DLL
2016-01-31 13:14 - 2011-09-22 17:18 - 00073064 _____ (Microsoft Corporation) C:\windows\SysWOW64\perf-MSSQL$MSSMLBIZ-sqlctr10.3.5500.0.dll
2016-01-31 12:03 - 2016-01-31 12:04 - 00000000 ____D C:\afae688b76afab8db3b634d356512108
2016-01-31 12:03 - 2016-01-31 12:03 - 00000000 ____D C:\Users\JOHN THE MAN\Desktop\Old Firefox Data
2016-01-31 11:46 - 2015-08-05 09:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2016-01-31 11:46 - 2015-08-05 09:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-01-31 11:43 - 2016-01-31 11:43 - 00000119 _____ C:\Users\JOHN THE MAN\Desktop\NoScan.reg
2016-01-31 10:50 - 2016-01-31 10:50 - 00165248 _____ (ArenaNet) C:\Users\JOHN THE MAN\Downloads\Unconfirmed 436658.crdownload
2016-01-28 09:51 - 2016-01-28 09:51 - 00000000 __SHD C:\found.003
2016-01-14 21:34 - 2016-01-14 21:34 - 00000000 ____D C:\15489c3774bf297d62ba59b6dd4c
2016-01-14 19:15 - 2016-01-14 19:15 - 00000000 ____H C:\Users\JOHN THE MAN\AppData\Local\BIT67B7.tmp
2016-01-14 19:14 - 2016-01-14 19:14 - 00000000 _____ C:\Users\JOHN THE MAN\AppData\Local\{7736DF6D-1B59-4871-AE9A-CE299CEAFE22}
2016-01-12 11:57 - 2015-12-11 10:57 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-01-12 11:57 - 2015-12-08 13:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-01-12 11:57 - 2015-12-08 13:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-01-12 11:57 - 2015-12-08 13:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-01-12 11:57 - 2015-12-08 13:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-01-12 11:57 - 2015-12-08 13:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-01-12 11:57 - 2015-12-08 13:53 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-01-12 11:57 - 2015-12-08 13:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-01-12 11:57 - 2015-12-08 13:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 11:57 - 2015-12-08 13:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-01-12 11:57 - 2015-12-08 11:07 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-01-12 11:57 - 2015-12-08 11:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-01-12 11:57 - 2015-12-08 11:07 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-01-12 11:57 - 2015-12-08 11:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-01-12 11:57 - 2015-12-08 11:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-01-12 11:57 - 2015-12-08 11:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-01-12 11:57 - 2015-12-08 11:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-01-12 11:57 - 2015-12-08 11:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-01-12 11:57 - 2015-12-08 11:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-01-12 11:57 - 2015-12-08 11:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-01-12 11:57 - 2015-12-08 11:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-01-12 11:57 - 2015-12-08 11:07 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-01-12 11:57 - 2015-12-08 11:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-01-12 11:57 - 2015-11-16 17:11 - 00025024 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-01-12 11:57 - 2015-11-16 17:08 - 01381376 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-01-12 11:57 - 2015-11-16 17:08 - 00792064 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-01-12 11:57 - 2015-11-16 17:08 - 00705536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-01-12 11:57 - 2015-11-16 17:08 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-01-12 11:57 - 2015-11-16 17:08 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-01-12 11:57 - 2015-11-16 12:17 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-01-12 11:57 - 2015-11-13 15:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-01-12 11:57 - 2015-11-13 15:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-01-12 11:57 - 2015-11-13 15:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-01-12 11:57 - 2015-11-13 14:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-01-12 11:57 - 2015-11-13 14:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-01-12 11:57 - 2015-11-13 14:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-01-12 11:56 - 2015-12-08 13:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-01-12 11:56 - 2015-12-08 13:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-01-12 11:56 - 2015-12-08 13:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-01-12 11:56 - 2015-12-08 13:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-01-12 11:56 - 2015-12-08 13:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-01-12 11:56 - 2015-12-08 13:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-01-12 11:56 - 2015-12-08 13:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-01-12 11:56 - 2015-12-08 13:53 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-01-12 11:56 - 2015-12-08 13:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-01-12 11:56 - 2015-12-08 13:53 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-01-12 11:56 - 2015-12-08 13:53 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-01-12 11:56 - 2015-12-08 13:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-01-12 11:56 - 2015-12-08 13:53 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-01-12 11:56 - 2015-12-08 13:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-01-12 11:56 - 2015-12-08 13:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-01-12 11:56 - 2015-12-08 13:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 11:56 - 2015-12-08 13:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-01-12 11:56 - 2015-12-08 13:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-01-12 11:56 - 2015-12-08 13:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-01-12 11:56 - 2015-12-08 13:53 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-01-12 11:56 - 2015-12-08 13:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-01-12 11:56 - 2015-12-08 13:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-01-12 11:56 - 2015-12-08 13:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-01-12 11:56 - 2015-12-08 13:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-01-12 11:56 - 2015-12-08 13:53 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-01-12 11:56 - 2015-12-08 13:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-01-12 11:56 - 2015-12-08 13:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 01393152 _____ (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-01-12 11:56 - 2015-12-08 11:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-01-12 11:56 - 2015-12-08 11:07 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-01-12 11:56 - 2015-12-08 11:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-01-12 11:56 - 2015-12-08 11:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-01-12 11:56 - 2015-12-08 11:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-01-12 11:56 - 2015-12-08 11:04 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-01-12 11:56 - 2015-12-08 10:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-01-12 11:56 - 2015-12-08 10:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-01-12 11:56 - 2015-12-08 10:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-01-12 11:56 - 2015-12-08 09:58 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-01-12 11:55 - 2015-12-23 15:13 - 00387784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-01-12 11:55 - 2015-12-23 14:52 - 00341192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-01-12 11:55 - 2015-12-12 10:31 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-01-12 11:55 - 2015-12-12 10:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-01-12 11:55 - 2015-12-12 10:16 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-01-12 11:55 - 2015-12-12 10:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-01-12 11:55 - 2015-12-12 10:15 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-01-12 11:55 - 2015-12-12 10:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-01-12 11:55 - 2015-12-12 10:07 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-01-12 11:55 - 2015-12-12 10:07 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-01-12 11:55 - 2015-12-12 10:03 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-01-12 11:55 - 2015-12-12 10:02 - 20367360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-01-12 11:55 - 2015-12-12 10:02 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-01-12 11:55 - 2015-12-12 10:02 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-01-12 11:55 - 2015-12-12 09:55 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-01-12 11:55 - 2015-12-12 09:51 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-01-12 11:55 - 2015-12-12 09:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-01-12 11:55 - 2015-12-12 09:44 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-01-12 11:55 - 2015-12-12 09:39 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-01-12 11:55 - 2015-12-12 09:37 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-01-12 11:55 - 2015-12-12 09:37 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-01-12 11:55 - 2015-12-12 09:37 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-01-12 11:55 - 2015-12-12 09:37 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-01-12 11:55 - 2015-12-12 09:36 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-01-12 11:55 - 2015-12-12 09:36 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-01-12 11:55 - 2015-12-12 09:35 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-01-12 11:55 - 2015-12-12 09:33 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-01-12 11:55 - 2015-12-12 09:31 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-01-12 11:55 - 2015-12-12 09:30 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-01-12 11:55 - 2015-12-12 09:28 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-01-12 11:55 - 2015-12-12 09:27 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-01-12 11:55 - 2015-12-12 09:27 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-01-12 11:55 - 2015-12-12 09:27 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-01-12 11:55 - 2015-12-12 09:25 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-01-12 11:55 - 2015-12-12 09:23 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-01-12 11:55 - 2015-12-12 09:22 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-01-12 11:55 - 2015-12-12 09:21 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-01-12 11:55 - 2015-12-12 09:20 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-01-12 11:55 - 2015-12-12 09:19 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-01-12 11:55 - 2015-12-12 09:18 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-01-12 11:55 - 2015-12-12 09:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-12 11:55 - 2015-12-12 09:12 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-01-12 11:55 - 2015-12-12 09:10 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-01-12 11:55 - 2015-12-12 09:10 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-01-12 11:55 - 2015-12-12 09:09 - 04610560 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-01-12 11:55 - 2015-12-12 09:08 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-01-12 11:55 - 2015-12-12 09:02 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-01-12 11:55 - 2015-12-12 09:00 - 12856320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-01-12 11:55 - 2015-12-12 09:00 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-01-12 11:55 - 2015-12-12 09:00 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-01-12 11:55 - 2015-12-12 09:00 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-01-12 11:55 - 2015-12-12 08:54 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-01-12 11:55 - 2015-12-12 08:41 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-01-12 11:55 - 2015-12-12 08:38 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-01-12 11:55 - 2015-12-12 08:36 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-01-12 11:54 - 2015-12-12 10:54 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-01-12 11:54 - 2015-12-12 10:15 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-01-12 11:54 - 2015-12-12 10:14 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-01-12 11:54 - 2015-12-12 10:07 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-01-12 11:54 - 2015-12-12 10:02 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-01-12 11:54 - 2015-12-12 10:02 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-01-12 11:54 - 2015-12-12 09:40 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-01-12 11:54 - 2015-12-12 09:06 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-01-12 11:54 - 2015-12-12 08:42 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-01-12 11:53 - 2015-12-08 13:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-01-12 11:53 - 2015-12-08 11:07 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-01-12 11:52 - 2015-12-30 11:08 - 05572544 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-01-12 11:52 - 2015-12-30 11:01 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-01-12 11:52 - 2015-12-08 13:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-01-12 11:52 - 2015-12-08 11:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-01-12 11:51 - 2015-12-30 11:08 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-01-12 11:51 - 2015-12-30 11:08 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-01-12 11:51 - 2015-12-30 11:05 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-01-12 11:51 - 2015-12-30 11:02 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-01-12 11:51 - 2015-12-30 11:02 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-01-12 11:51 - 2015-12-30 11:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-01-12 11:51 - 2015-12-30 11:02 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-01-12 11:51 - 2015-12-30 11:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-01-12 11:51 - 2015-12-30 11:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-01-12 11:51 - 2015-12-30 11:01 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-01-12 11:51 - 2015-12-30 11:01 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-01-12 11:51 - 2015-12-30 11:01 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-01-12 11:51 - 2015-12-30 11:01 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-01-12 11:51 - 2015-12-30 11:01 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-01-12 11:51 - 2015-12-30 11:01 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-01-12 11:51 - 2015-12-30 11:00 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-01-12 11:51 - 2015-12-30 10:59 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-01-12 11:51 - 2015-12-30 10:59 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-01-12 11:51 - 2015-12-30 10:59 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-01-12 11:51 - 2015-12-30 10:58 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-01-12 11:51 - 2015-12-30 10:58 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-01-12 11:51 - 2015-12-30 10:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-01-12 11:51 - 2015-12-30 10:57 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-01-12 11:51 - 2015-12-30 10:57 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-01-12 11:51 - 2015-12-30 10:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-01-12 11:51 - 2015-12-30 10:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-01-12 11:51 - 2015-12-30 10:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:47 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-01-12 11:51 - 2015-12-30 10:47 - 03938240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-01-12 11:51 - 2015-12-30 10:44 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-01-12 11:51 - 2015-12-30 10:41 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-01-12 11:51 - 2015-12-30 10:41 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-01-12 11:51 - 2015-12-30 10:41 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-01-12 11:51 - 2015-12-30 10:41 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-01-12 11:51 - 2015-12-30 10:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-01-12 11:51 - 2015-12-30 10:41 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-01-12 11:51 - 2015-12-30 10:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-01-12 11:51 - 2015-12-30 10:41 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-01-12 11:51 - 2015-12-30 10:40 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-01-12 11:51 - 2015-12-30 10:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-01-12 11:51 - 2015-12-30 10:39 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-01-12 11:51 - 2015-12-30 10:39 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-01-12 11:51 - 2015-12-30 10:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-01-12 11:51 - 2015-12-30 10:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-01-12 11:51 - 2015-12-30 10:38 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-01-12 11:51 - 2015-12-30 10:38 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 10:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 09:57 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-01-12 11:51 - 2015-12-30 09:50 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-01-12 11:51 - 2015-12-30 09:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-01-12 11:51 - 2015-12-30 09:44 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-01-12 11:51 - 2015-12-30 09:43 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-01-12 11:51 - 2015-12-30 09:42 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-01-12 11:51 - 2015-12-30 09:42 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-01-12 11:51 - 2015-12-30 09:41 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-01-12 11:51 - 2015-12-30 09:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-01-12 11:51 - 2015-12-30 09:32 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-01-12 11:51 - 2015-12-30 09:32 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-01-12 11:51 - 2015-12-30 09:32 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-01-12 11:51 - 2015-12-30 09:32 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-01-12 11:51 - 2015-12-30 09:30 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-01-12 11:51 - 2015-12-30 09:30 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 09:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 09:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 11:51 - 2015-12-30 09:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-31 19:37 - 2011-12-17 22:48 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1981047535-1425690070-2209561917-1003UA.job
2016-01-31 19:20 - 2014-07-23 07:06 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-01-31 18:49 - 2010-10-14 20:04 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-31 18:20 - 2014-06-27 19:35 - 00000000 ____D C:\Users\JOHN THE MAN\AppData\Local\ElevatedDiagnostics
2016-01-31 18:20 - 2009-07-13 19:20 - 00000000 ____D C:\windows\rescache
2016-01-31 17:49 - 2009-07-13 20:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-31 17:49 - 2009-07-13 20:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-31 17:23 - 2014-05-05 11:04 - 00000000 ____D C:\Users\JOHN THE MAN\AppData\Roaming\uTorrent
2016-01-31 17:23 - 2010-10-14 20:04 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-31 17:18 - 2009-07-13 21:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-01-31 17:07 - 2012-05-04 13:04 - 00000000 ____D C:\Users\JOHN THE MAN\AppData\Local\CrashDumps
2016-01-31 16:21 - 2014-05-22 14:39 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-01-31 14:31 - 2009-07-13 19:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-01-31 14:30 - 2009-07-13 19:20 - 00000000 ____D C:\windows\inf
2016-01-31 13:37 - 2011-12-17 22:48 - 00000860 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1981047535-1425690070-2209561917-1003Core.job
2016-01-31 13:14 - 2011-10-17 14:43 - 00834548 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-01-31 13:11 - 2011-12-23 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2016-01-31 12:40 - 2011-12-23 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-01-31 10:10 - 2014-05-05 10:58 - 00000000 ____D C:\Users\JOHN THE MAN\Desktop\HotCityCatering
2016-01-31 10:08 - 2015-02-01 10:43 - 00000000 ____D C:\Users\JOHN THE MAN\Desktop\pics n [bleep]
2016-01-28 18:57 - 2014-06-19 11:37 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-28 18:57 - 2010-10-14 20:04 - 00002223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-21 16:29 - 2015-02-26 18:32 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-21 16:24 - 2014-07-23 07:06 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-01-21 16:23 - 2014-07-23 07:06 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-01-21 16:23 - 2011-12-13 13:54 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-21 16:04 - 2015-02-26 18:05 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-18 08:54 - 2014-12-23 17:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-14 22:27 - 2009-07-13 21:13 - 00905816 _____ C:\windows\system32\PerfStringBackup.INI
2016-01-14 22:17 - 2009-07-13 20:45 - 00439280 _____ C:\windows\system32\FNTCACHE.DAT
2016-01-14 22:02 - 2014-12-11 03:50 - 00000000 ____D C:\windows\system32\appraiser
2016-01-14 22:02 - 2014-05-18 02:49 - 00000000 ___SD C:\windows\system32\CompatTel
2016-01-14 21:49 - 2013-03-28 20:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 21:48 - 2013-03-28 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-14 21:32 - 2013-03-28 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-14 21:22 - 2013-08-31 10:42 - 00000000 ____D C:\windows\system32\MRT
2016-01-14 21:00 - 2012-02-06 10:58 - 143671360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-01-14 20:46 - 2009-07-13 18:34 - 00000478 _____ C:\windows\win.ini
2016-01-14 19:09 - 2009-07-13 21:08 - 00032562 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-01-12 12:14 - 2015-02-11 07:40 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-12 12:00 - 2015-06-24 16:11 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-12 08:02 - 2014-09-03 18:02 - 00000000 ____D C:\windows\Minidump
2016-01-12 08:01 - 2015-11-22 09:01 - 583827779 _____ C:\windows\MEMORY.DMP
 
==================== Files in the root of some directories =======
 
2015-09-23 17:59 - 2015-09-23 18:08 - 6420480 _____ () C:\Program Files (x86)\GUT37E3.tmp
2015-09-23 18:12 - 2015-09-23 18:36 - 6420480 _____ () C:\Program Files (x86)\GUT4E70.tmp
2014-05-22 14:30 - 2014-05-19 06:19 - 1705063 _____ (AnyProtect.com) C:\Users\JOHN THE MAN\AppData\Local\AnyProtectScannerSetup.exe
2016-01-14 19:15 - 2016-01-14 19:15 - 0000000 ____H () C:\Users\JOHN THE MAN\AppData\Local\BIT67B7.tmp
2014-07-10 21:18 - 2014-07-10 21:18 - 0003584 _____ () C:\Users\JOHN THE MAN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-15 16:06 - 2014-09-15 16:06 - 0007605 _____ () C:\Users\JOHN THE MAN\AppData\Local\Resmon.ResmonCfg
2016-01-14 19:14 - 2016-01-14 19:14 - 0000000 _____ () C:\Users\JOHN THE MAN\AppData\Local\{7736DF6D-1B59-4871-AE9A-CE299CEAFE22}
2015-02-19 13:53 - 2015-02-19 13:53 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-10-19 11:24 - 2012-04-09 19:39 - 0004250 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
C:\Users\JOHN THE MAN\AppData\Local\Temp\3C7D.exe
C:\Users\JOHN THE MAN\AppData\Local\Temp\sp3cwpep.dll
C:\Users\JOHN THE MAN\AppData\Local\Temp\_is280.exe
C:\Users\JOHN THE MAN\AppData\Local\Temp\_is3F50.exe
C:\Users\JOHN THE MAN\AppData\Local\Temp\_isCD5C.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-29 18:50
 
==================== End of FRST.txt ============================

  • 0

Advertisements

#11
BrianDrab
Posted 01 February 2016 - 10:12 AM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

It doesn't appear that you posted the contents of the Addition.txt file so I still need that. In the mean time please do the following.

 

Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   6.57KB   403 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#2 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool. Click I agree if you agree with the terms of use.
4. Click on Scan.
5. After the scan is complete click on "Cleaning"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[C1].txt as well.

 

Items for your next post

1. Fixlog.txt

2. Adwcleaner log

3. Still need that Addition.txt file.


  • 0

#12
Chef April
Posted 01 February 2016 - 05:22 PM

Chef April

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts

addition file 

 

 

Windows 7 Home Premium Service Pack 1 (X64) (2011-10-16 08:00:06)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1981047535-1425690070-2209561917-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1981047535-1425690070-2209561917-1009 - Limited - Enabled)
Guest (S-1-5-21-1981047535-1425690070-2209561917-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1981047535-1425690070-2209561917-1002 - Limited - Enabled)
JOHN THE MAN (S-1-5-21-1981047535-1425690070-2209561917-1001 - Administrator - Enabled) => C:\Users\JOHN THE MAN
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
Babylon toolbar on IE (HKLM-x32\...\BabylonToolbar) (Version:  - ) <==== ATTENTION
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BFlix (HKLM-x32\...\BFlix) (Version: 0.0.0.1 - BFlix) <==== ATTENTION
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.17.4138 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.17.4138 - BlueStack Systems, Inc.)
Browse For Change (HKLM-x32\...\iBryte_browseforchange) (Version:  - iBryte)
Business Contact Manager for Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation)
Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
Cake Mania - Lights, Camera, Action!™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DFX (HKLM-x32\...\DFX) (Version: 11.200.0.0 - Power Technology)
DISH Anywhere Video Player (HKLM-x32\...\{80940219-E895-4311-B541-3FB8E7AFD392}) (Version: 2.18.0 - DISH Anywhere)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Easy Media Player 1.1.12 (HKLM-x32\...\Easy Media Player) (Version: 1.1.12 - Easy Media Player)
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Every Landlord's Legal Guide (HKLM-x32\...\Every Landlord's Legal Guide) (Version:  - )
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free IP Switcher (HKLM-x32\...\Free IP Switcher) (Version: http://www.eusing.co...ip_switcher.htm- Eusing Software)
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
G-Force (HKLM-x32\...\G-Force) (Version: 4.3.2 - SoundSpectrum)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HP Officejet 5740 series Basic Device Software (HKLM\...\{7FAA9D15-FF0B-4593-8D4A-0B941FD1977A}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
HP Officejet 5740 series Help (HKLM-x32\...\{F17D53C7-DCE8-469C-9690-CF8F5903519C}) (Version: 34.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{68550918-63B5-4762-85CB-3C160AA4B213}) (Version: 14.0 - HP)
HP Photosmart Prem C310 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I Want This (HKLM-x32\...\I Want This) (Version: 1.7.146.147 - 215 Apps)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IHA_MessageCenter (HKLM-x32\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.1.1001 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
join.me (HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\JoinMe) (Version: 1.20.0.116 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Lync 2010 (HKLM\...\{81BE0B17-563B-45D4-B198-5721E6C665CD}) (Version: 4.0.7577.4486 - Microsoft Corporation)
Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.4787.1002 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Morphyre (HKLM-x32\...\Morphyre) (Version:  - )
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
MyTools (HKLM-x32\...\MyTools) (Version: 0.0.0.1 - MyTools) <==== ATTENTION
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 -  Microsoft)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Product Improvement Study for HP Officejet 5740 series (HKLM\...\{308C7555-5D43-4D9A-BDC0-14B2948EF438}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
PS_AIO_07_C310_SW_Min (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0011 - Realtek)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Redist (HKLM-x32\...\{0F052922-4BCE-4763-A540-00857554336D}) (Version: 3.00.0000 - Verizon)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
SurfEasy VPN 3.0.400 (HKLM-x32\...\SurfEasy VPN) (Version: 3.0.400 - SurfEasy Inc)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{39187A4B-7538-4BE7-8BAD-9E83303793AA}) (Version: 2.0.5271 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.7.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.03.02.00 - )
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.5.60 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.4.9 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.25 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.05.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.03.02.00 - )
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Unity Web Player (HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Verizon Download Manager (HKLM-x32\...\{F5DAFD10-6E61-49BF-B3C5-5AA9AF3A0863}) (Version: 16 - SupportSoft)
Verizon Media Manager (HKLM-x32\...\Verizon Media Manager) (Version: 9.5.67 - Verizon)
vGrabber (HKLM-x32\...\vGrabber) (Version: 1.14 - hxxp://vgrabber.org)
Vgrabber Toolbar (HKLM-x32\...\Vgrabber Toolbar) (Version: 6.8.5.1 - Vgrabber) <==== ATTENTION
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {098A479D-178B-4BEA-BB13-41A844659E56} - System32\Tasks\{46BCF3A6-62CF-4E47-943D-D3E5649B4FD3} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {33B8300F-E32C-41CB-9489-F1D00DB47C95} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1981047535-1425690070-2209561917-1003UA => C:\Users\Llynne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {3746629F-9431-4D6F-A5D0-DF50DCA3B5D7} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1981047535-1425690070-2209561917-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {3C382BD9-411C-4FF6-8E4C-E4067CFD4F15} - System32\Tasks\HP AR Program Upload - 8b6856558e694090a3a3391e221106f9a7323a0e179845189e97d4eb778d7d30 => C:\Program Files\HP\HP Officejet 5740 series\bin\HPRewards.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {42E927B6-F580-47AA-850D-6F04C811A7C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1981047535-1425690070-2209561917-1003Core => C:\Users\Llynne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4523BEC8-7B44-4888-838A-05E9A37DBBDD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {4561A871-B441-4256-B791-B2388502124C} - System32\Tasks\{E557C175-297F-4251-904A-C04F3A97A829} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {4653C79A-500C-4F96-83B9-72DE1DA4B699} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {505946D4-D01A-4782-A6A6-90EA6C757D99} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-01-21] (Microsoft Corporation)
Task: {53EC65BD-B4E5-4D59-B3C1-A3DD68B08558} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1981047535-1425690070-2209561917-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {58BBC6A1-BB62-4BEF-AE2A-E250B65178DE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5F0B1D0C-D6FF-4520-8A69-610024FE8BDF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1981047535-1425690070-2209561917-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {63A0A737-2696-4055-83EA-16C5BDD27BAF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {728B5319-84E0-4525-92D3-E09FC066EEDC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] ()
Task: {72BCC344-2C23-4B16-A81B-2970A3FD818B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {73D6DD6E-A781-4F37-9C57-82379B94EFC4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1981047535-1425690070-2209561917-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {80EBAA98-5D81-4100-B479-F67460284503} - System32\Tasks\{209DF523-D278-4113-8D7F-5C956AA5D65A} => pcalua.exe -a "C:\Users\JOHN THE MAN\Downloads\FISSetup.exe" -d "C:\Users\JOHN THE MAN\Downloads"
Task: {8C3E160E-5D98-4473-8BAE-ADC06782115C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1981047535-1425690070-2209561917-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {90832B12-3433-4CB6-A11C-45145C694081} - System32\Tasks\HPCustPartic.exe_{3C678EDE-7D33-4BBB-B2C4-F9C1872C1830} => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {923D3C26-503F-436A-A097-BAF6DDB7D8AF} - System32\Tasks\{510A93B9-6AB3-4896-A692-1AA6A584AB19} => Chrome.exe hxxp://ui.skype.com/ui/0/7.4.0.102/en/abandoninstall?page=tsProgressBar
Task: {9556F731-5E45-4156-A4FB-E1835DE63A12} - System32\Tasks\HP AR Program Upload - 171af37deac94f34ba72ba4ac60b0ea5ed68cbe4425747598f5b6aa64b292ced => C:\Program Files\HP\HP Officejet 5740 series\bin\HPRewards.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {A0493078-3213-47C7-A2EF-90C73B09E2D2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1981047535-1425690070-2209561917-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {A672475A-2A68-4D50-A78D-4AA28FF0BD3A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1981047535-1425690070-2209561917-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {AC7AE714-EAF6-4B49-90DB-09B06800A954} - System32\Tasks\{27181674-7506-4283-A76D-7E0FBFBA9192} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {ADAE3308-25E4-47A4-9179-7F0DE2FCA4C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {AF55EF5B-7F95-4384-A687-3353ECB2B70C} - System32\Tasks\{F016E4D3-17AA-4992-A410-6C18F941FC73} => pcalua.exe -a "C:\Users\JOHN THE MAN\Downloads\FISSetup.exe" -d "C:\Users\JOHN THE MAN\Downloads"
Task: {CBDFB5A2-08FD-43A1-9B37-4411A5C3E8BF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-21] (Adobe Systems Incorporated)
Task: {D78F7551-941A-4CAA-B658-AAF22018141C} - System32\Tasks\{B9B1D84B-1DA5-4D5E-A1C7-3459B6AF95F7} => Chrome.exe hxxp://ui.skype.com/ui/0/7.4.0.102/en/abandoninstall?page=tsProgressBar
Task: {D7C0CCEF-3A81-4397-8FB4-DEAC6F7615F3} - System32\Tasks\HP AR Program Upload - 34e506c758b642f5879a5cb8a65a7ee84bcdf5b94e704338a658e4f9e9f3a23a => C:\Program Files\HP\HP Officejet 5740 series\bin\HPRewards.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {DB80A90E-270A-4487-9E15-6DB2FC8DC69F} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {FE938568-3FA4-4765-B5B4-6B2186CC6132} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1981047535-1425690070-2209561917-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1981047535-1425690070-2209561917-1003Core.job => C:\Users\Llynne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1981047535-1425690070-2209561917-1003UA.job => C:\Users\Llynne\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 02:38 - 2015-09-01 08:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-05-05 11:09 - 2011-03-02 11:40 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-04-07 15:07 - 2010-04-07 15:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 12:26 - 2009-11-03 12:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 13:15 - 2010-03-03 13:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 13:15 - 2010-03-03 13:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-10-14 19:53 - 2009-06-22 14:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 18:08 - 2009-03-12 18:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 16:38 - 2009-07-25 16:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2013-04-16 02:07 - 2013-04-16 02:07 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-01-16 15:18 - 2015-01-16 15:18 - 03272048 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2010-02-05 16:44 - 2010-02-05 16:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-09-24 17:38 - 2015-09-24 17:38 - 00022312 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\mediautil.dll
2015-09-24 17:38 - 2015-09-24 17:38 - 01520936 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avformat-55.dll
2015-09-24 17:38 - 2015-09-24 17:38 - 04274984 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avcodec-55.dll
2015-09-24 17:38 - 2015-09-24 17:38 - 00322856 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MZA => ""="service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\sharepoint.com -> hxxps://netorg402108.sharepoint.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\JOHN THE MAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.2.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{8E9E864D-DB5A-4835-B29A-4AD1E723A7BD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0BA9CF43-267F-4DA6-8B7B-9E7CB10981F6}] => (Allow) LPort=2869
FirewallRules: [{6A1F2482-A969-444B-BAC4-D40AC9D2DD68}] => (Allow) LPort=1900
FirewallRules: [{210C2287-7277-4032-9D84-EBEE9835DECF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DC5C4C5C-F17A-4336-A26C-570AA9C8A5DD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{05E96D40-8AED-4AEF-8347-E2D6E9A144F3}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{40D7B59C-74A6-4F7C-B1C5-165F64F16352}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{C770FE38-04AA-4ED5-BBC0-49F679496900}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{115B4420-67FA-46DC-B03B-8C31C8AE9F97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{105F6245-A2D1-4876-A602-53010E404590}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1AFF27E1-12F4-4AAB-B2E6-3E38EE4D7785}] => (Allow) C:\Users\Llynne\AppData\Local\Temp\7zS5430\setup\hpznui40.exe
FirewallRules: [{F03F2350-9616-4FBD-AF75-F3EEB24ECEB3}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{48116BA2-64BC-42A6-B463-A342C9EEB4BE}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{F8DCE619-ACB9-4542-AAF8-EC71016C6AB8}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [{78B92E3E-082D-495B-8070-B8043F104A83}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [TCP Query User{FD039AEB-E11D-4F0C-8E65-E96C0DFCBFA2}C:\program files (x86)\world of warcraft\backgrounddownloader.exe] => (Allow) C:\program files (x86)\world of warcraft\backgrounddownloader.exe
FirewallRules: [UDP Query User{879F3542-9D9F-49E5-9C27-7B34E0D7E7F3}C:\program files (x86)\world of warcraft\backgrounddownloader.exe] => (Allow) C:\program files (x86)\world of warcraft\backgrounddownloader.exe
FirewallRules: [{C4772620-563C-4FF1-9095-389218C29B64}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{A8380BE4-EA88-4BAA-A005-1096D58D885D}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{E9F88790-6DDE-4466-95DB-DFB9BF14DCEA}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{E13E703B-B0CB-4BF5-9876-52D426BBC706}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{49C648A9-F5DC-4E40-8FBC-DED03FEC8E5F}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{18F50816-906F-49DF-ACC5-C097225D47B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{5988956D-F600-43E0-B2EF-4A96B4E23F0A}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{22945D32-2A9B-4C34-8998-9D04C20CA0BE}] => (Allow) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
FirewallRules: [{0A7BCA58-CCC9-4B33-86C1-05CEEC6F9E0E}] => (Allow) C:\Program Files\Microsoft Lync\UcMapi64.exe
FirewallRules: [TCP Query User{F5961F01-212E-41C5-BE58-87AC9D4DBB49}C:\program files (x86)\world of warcraft\launcher.patch.exe] => (Allow) C:\program files (x86)\world of warcraft\launcher.patch.exe
FirewallRules: [UDP Query User{3D72C2B2-5764-4E31-B17F-8E1E764CF326}C:\program files (x86)\world of warcraft\launcher.patch.exe] => (Allow) C:\program files (x86)\world of warcraft\launcher.patch.exe
FirewallRules: [TCP Query User{2CF45091-766C-45F6-9871-7518BA8B4685}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe
FirewallRules: [UDP Query User{AAB2A904-0C7E-44EF-BB58-D2465CF4F59B}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe
FirewallRules: [TCP Query User{B86CDAE7-2FC3-4147-997F-FEE416125013}C:\program files (x86)\world of warcraft\launcher.exe] => (Allow) C:\program files (x86)\world of warcraft\launcher.exe
FirewallRules: [UDP Query User{D594E6A7-047C-402F-90F1-A4FD3A220EAE}C:\program files (x86)\world of warcraft\launcher.exe] => (Allow) C:\program files (x86)\world of warcraft\launcher.exe
FirewallRules: [TCP Query User{19D76B2C-BBD1-4A9C-9636-872F4D823FA8}E:\techwizard.exe] => (Allow) E:\techwizard.exe
FirewallRules: [UDP Query User{75E8EFF0-205B-47F3-8D54-268BC5818900}E:\techwizard.exe] => (Allow) E:\techwizard.exe
FirewallRules: [{FDE57DAC-5BAB-40CD-8289-13912FAFE52E}] => (Allow) LPort=50000
FirewallRules: [{090D797C-D7F4-4B03-B48B-96822FA042BD}] => (Allow) LPort=50000
FirewallRules: [{D4799F62-1761-4AFC-AB4C-B6D6E52B78F7}] => (Allow) C:\Users\JOHN THE MAN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{50AB65D2-0DD1-4C00-BECD-0C4BE69CC354}] => (Allow) C:\Users\JOHN THE MAN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{0D88727A-9E8D-4E91-9114-B4BA1E0900AD}C:\users\john the man\appdata\local\temp\gw2.exe] => (Allow) C:\users\john the man\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{12DFD39F-BCCE-4F80-9168-8B2D5956C415}C:\users\john the man\appdata\local\temp\gw2.exe] => (Allow) C:\users\john the man\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{BD3C24E8-BE05-44B2-92E1-497A271DCC6A}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{50FB03AF-CEB4-40DD-B5DC-F382C6756A75}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{3405FEBC-1F85-412D-A060-6156B0DF84C4}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{FBCB93B5-CBD7-4CF7-B778-08667795E523}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0F126B84-74A4-47E3-918F-2CC8DE1AAF3B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4F509CF3-F769-4459-873A-0CE4828D56C8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{2FF97A06-5F78-4141-888F-DF04848E62FB}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{C3AE6E84-A3C2-4093-9CC5-59ADEF50642C}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{7D0E64C2-7CB0-4499-8DA6-6ABCDD2A4DA5}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{3DCE9FF0-08DF-42FB-8013-4BE68B564604}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe
FirewallRules: [{3E8B1C5E-9D83-44DE-83B3-6F02CAB622CB}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe
FirewallRules: [{43938FDC-3A8E-44C5-9763-0A7DA102242E}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe
FirewallRules: [{611445B1-A65B-4149-AA82-02B2103A8E19}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe
FirewallRules: [{61FDC3DE-6629-48DF-BFA9-92C878BD1135}] => (Allow) LPort=5357
FirewallRules: [{F5AEE7B2-5BEC-4E85-8C93-485C402C19B9}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E99DDF85-1194-4AB4-9DD5-D6A32FC46B8E}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS24B8\HPDiagnosticCoreUI.exe
FirewallRules: [{CFB79A99-760C-4170-B908-8C4485D003E6}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS24B8\HPDiagnosticCoreUI.exe
FirewallRules: [{D2B8156F-41AD-4DFA-BC25-D8DBDB6078C3}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS34AA\HPDiagnosticCoreUI.exe
FirewallRules: [{B371DD3F-ABA3-4E23-ADC4-D0528C87823E}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS34AA\HPDiagnosticCoreUI.exe
FirewallRules: [{C7818D48-E29F-4BD4-BE49-95ACE63A5790}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{B02B5178-4703-4E5F-8FBD-253DAA62F355}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS190E\HPDiagnosticCoreUI.exe
FirewallRules: [{608B79B8-F0AC-44A2-952F-2122CA91C4CF}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS190E\HPDiagnosticCoreUI.exe
FirewallRules: [{1CFBC6C0-B78E-40D5-AFEA-5DF6115F2422}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS2200\HPDiagnosticCoreUI.exe
FirewallRules: [{028A898C-78A0-48BB-90A6-FD266B0FC71C}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS2200\HPDiagnosticCoreUI.exe
FirewallRules: [{5EC87518-2D1E-4A69-90A7-FB3252219357}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS5C7D\HPDiagnosticCoreUI.exe
FirewallRules: [{15D3C1CD-B73A-41C6-A556-5DBADA25FB26}] => (Allow) C:\Users\JOHN THE MAN\AppData\Local\Temp\7zS5C7D\HPDiagnosticCoreUI.exe
FirewallRules: [{6CB34FD9-F2A5-4974-BDE4-022B3A259E91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{97A05711-48FC-4183-8350-A661D598B996}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{09F6AEA6-3984-4A3A-9D3A-33AE74EB9B57}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{143DED9F-3640-490F-9075-DF47E6542312}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{7190569F-7ACE-4D48-9513-B129D04C752E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{1BDBD723-5FAF-419F-91BE-7EC933CBF632}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{1F1101A2-7A51-4196-ABC6-3C00A7C152B3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{65C51285-E522-4855-A417-057AB878609F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
21-01-2016 15:43:39 Windows Update
25-01-2016 15:26:07 Windows Update
28-01-2016 18:33:19 Windows Update
31-01-2016 13:18:19 Windows Modules Installer
31-01-2016 13:35:05 Windows Modules Installer
 
==================== Faulty Device Manager Devices =============
 
Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart Prem C310 series
Description: Photosmart Prem C310 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: HP Officejet Pro 8620
Description: HP Officejet Pro 8620
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/31/2016 05:40:19 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (01/31/2016 05:34:00 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service
 
Error: (01/31/2016 05:27:13 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program TOSHIBA Web Camera Application because of this error.
 
Program: TOSHIBA Web Camera Application
File: C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
Error: (01/31/2016 05:27:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TWebCamera.exe, version: 1.1.1.15, time stamp: 0x4b841370
Faulting module name: COMCTL32.dll, version: 6.10.7601.18837, time stamp: 0x553a8345
Exception code: 0xc0000006
Fault offset: 0x00085c67
Faulting process id: 0x524
Faulting application start time: 0xTWebCamera.exe0
Faulting application path: TWebCamera.exe1
Faulting module path: TWebCamera.exe2
Report Id: TWebCamera.exe3
 
Error: (01/31/2016 05:26:58 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (01/31/2016 05:23:40 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Run Once Wrapper because of this error.
 
Program: Run Once Wrapper
File: C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
Error: (01/31/2016 05:23:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: runonce.exe, version: 6.1.7601.17514, time stamp: 0x4ce797ce
Faulting module name: COMCTL32.dll, version: 6.10.7601.18837, time stamp: 0x553a8345
Exception code: 0xc0000006
Fault offset: 0x00085c67
Faulting process id: 0x9ac
Faulting application start time: 0xrunonce.exe0
Faulting application path: runonce.exe1
Faulting module path: runonce.exe2
Report Id: runonce.exe3
 
Error: (01/31/2016 05:09:07 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Internet Explorer because of this error.
 
Program: Internet Explorer
File: C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
Error: (01/31/2016 05:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18163, time stamp: 0x566c4c47
Faulting module name: comctl32.dll, version: 6.10.7601.18837, time stamp: 0x553a8345
Exception code: 0xc0000006
Fault offset: 0x0008c876
Faulting process id: 0x13e0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (01/31/2016 05:06:02 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Problem Reporting because of this error.
 
Program: Windows Problem Reporting
File: C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000185
Disk type: 3
 
 
System errors:
=============
Error: (01/31/2016 07:40:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/31/2016 07:30:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/31/2016 07:20:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/31/2016 07:10:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/31/2016 07:00:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/31/2016 06:50:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/31/2016 06:40:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/31/2016 06:30:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/31/2016 06:20:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/31/2016 06:10:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU P6200 @ 2.13GHz
Percentage of memory in use: 36%
Total physical RAM: 3893.86 MB
Available physical RAM: 2464.4 MB
Total Virtual: 7785.93 MB
Available Virtual: 5802.41 MB
 
==================== Drives ================================
 
Drive c: (TI106033W0C) (Fixed) (Total:452.58 GB) (Free:222.85 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 38A39E6A)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=452.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=17)
 
==================== End of Addition.txt ============================

  • 0

#13
BrianDrab
Posted 01 February 2016 - 05:41 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thanks. Don't forget to run Step#1 & Step#2 above.


  • 0

#14
Chef April
Posted 01 February 2016 - 07:11 PM

Chef April

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Did #1 but issues with the adwear cleaner, it downloads, but won't start. Task manager says its running in processes but it doesn't start
  • 0

#15
Chef April
Posted 01 February 2016 - 07:14 PM

Chef April

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
This is the pop up I get

Attached Thumbnails

  • IMG_20160201_181220239_HDR.jpg

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: wont download, upload, installers, malware, virous

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP