Thanks for the reply. The followings are the scan.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by Owner (administrator) on HP (07-02-2016 09:09:08)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner & UpdatusUser & Administrator)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Telenor SE) C:\Program Files (x86)\Emotum\Stay Connected\TelenorSEMobile.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [453448 2014-08-14] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-06-03] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Telenor Stay Connected] => C:\Program Files (x86)\Emotum\Stay Connected\TelenorSEMobile.exe [339456 2010-08-03] (Telenor SE)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-13] (AVAST Software)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
Winlogon\Notify\GoToAssist Express Customer: C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\758\g2ax_winlogonx64.dll (Citrix Online, LLC)
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [291968 2015-11-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\MountPoints2: {4ff2c339-237e-11e5-becd-240a64dea16d} - "E:\AutoRun.exe"
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\MountPoints2: {4ff2c35c-237e-11e5-becd-240a64dea16d} - "D:\AutoRun.exe"
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\MountPoints2: {6a5ceecc-4af9-11e4-be82-240a64dea16d} - "D:\fscommand\LS_Start_Launch.cmd"
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\MountPoints2: {768ddde3-8b4a-11e4-be95-240a64dea16d} - "D:\DSL-2750B.exe"
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\MountPoints2: {c3e2e152-3940-11e4-be65-806e6f6e6963} - "F:\setup.EXE" /AUTORUN
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\MountPoints2: {f8f20a56-58ad-11e4-be88-a01d486f8ad3} - "D:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-13] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-12-24]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Fast Start.lnk [2015-12-24]
ShortcutTarget: SOLIDWORKS 2015 Fast Start.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk [2015-12-24]
ShortcutTarget: SolidWorks Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{3BB2ACE9-DB68-4D53-94A6-6F4E135ED1E0}: [DhcpNameServer] 199.203.131.151
Tcpip\..\Interfaces\{3D154E2D-CABD-454F-8BDC-16B3D78AEDAC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3D154E2D-CABD-454F-8BDC-16B3D78AEDAC}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{66DC2291-A53D-4729-99CD-311045E208FC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{66DC2291-A53D-4729-99CD-311045E208FC}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130862720068145420&GUID=5D0854C2-FC5E-4008-B3C8-A377B28767C7
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130895977753687525&GUID=5D0854C2-FC5E-4008-B3C8-A377B28767C7
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1952045502-1362136182-510965784-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1952045502-1362136182-510965784-1001 -> {9F09F33C-419B-475C-8476-403EAD19E78C} URL = hxxps://se.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1952045502-1362136182-510965784-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-13] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-13] (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-24] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1952045502-1362136182-510965784-1001 -> No Name - {7FCDA7E5-1475-4658-B845-53536A238E80} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mstehi7u.default
FF Homepage: hxxps://www.google.com.au/
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-19] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1952045502-1362136182-510965784-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Owner\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-09-29] (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-03-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-24]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-24]
Chrome:
=======
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-24]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-24]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-24]
CHR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-03]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-24]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-24]
CHR Extension: (Avast Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-24]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-13]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-13] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S4 ESCSvc; C:\Program Files (x86)\Emotum\Stay Connected\Service.exe [659752 2010-08-25] ()
S4 ESUSClient_B2; C:\Program Files (x86)\Telenor Sweden\ESUS_TNS\ESUS_TNS.exe [358808 2011-03-07] (Telenor Sweden)
S4 GoToAssist Remote Support Customer; C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\758\g2ax_service.exe [610888 2014-09-29] (Citrix Online, LLC)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26168 2015-12-20] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-23] ()
S4 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2745344 2015-06-02] (Lavasoft Limited) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] ()
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-09-29] (SolidWorks) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [333824 2013-06-03] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065208 2016-01-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-13] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [9525936 2013-06-10] (Broadcom Corporation)
S3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [41080 2016-01-31] ()
S3 iaStorS; C:\Windows\System32\drivers\iaStorS.sys [651736 2012-11-03] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-01-19] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-24] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 megasas2; C:\Windows\System32\drivers\megasas2.sys [53552 2012-10-02] (LSI Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-01] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 massfilter; \SystemRoot\System32\drivers\massfilter.sys [X]
S3 RSP2STOR; system32\DRIVERS\RtsP2Stor.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnet; \SystemRoot\system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-07 09:09 - 2016-02-07 09:09 - 00022325 _____ C:\Users\Owner\Downloads\FRST.txt
2016-02-07 09:08 - 2016-02-07 09:09 - 00000000 ____D C:\FRST
2016-02-07 09:07 - 2016-02-07 09:07 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2016-02-05 22:22 - 2016-02-05 22:22 - 00002886 _____ C:\Users\Owner\Downloads\8_Wellington_Road_ofi.ics
2016-02-05 22:22 - 2016-02-05 22:22 - 00002886 _____ C:\Users\Owner\Downloads\8_Wellington_Road_ofi (1).ics
2016-02-05 21:31 - 2016-02-05 21:31 - 00646166 _____ C:\Users\Owner\Downloads\Boat Trailer (1).pdf
2016-02-05 21:17 - 2016-02-05 21:17 - 00646166 _____ C:\Users\Owner\Downloads\Boat Trailer.pdf
2016-02-05 21:16 - 2016-02-05 21:16 - 01782449 _____ C:\Users\Owner\Downloads\FARR6000.pdf
2016-02-05 21:16 - 2016-02-05 21:16 - 01782449 _____ C:\Users\Owner\Downloads\FARR6000 (1).pdf
2016-02-05 21:15 - 2016-02-05 21:15 - 00646166 _____ C:\Users\Owner\Desktop\Boat Trailer.pdf
2016-02-05 20:23 - 2016-02-05 20:23 - 00045844 _____ C:\Users\Owner\Downloads\Q16-031.01 28 Lamette Street, Chatswood.pdf
2016-02-05 20:23 - 2016-02-05 20:23 - 00045844 _____ C:\Users\Owner\Downloads\Q16-031.01 28 Lamette Street, Chatswood (1).pdf
2016-02-04 23:08 - 2016-02-04 23:08 - 00222517 _____ C:\Users\Owner\Downloads\CCE04016_0003 (2).pdf
2016-02-04 23:08 - 2016-02-04 23:08 - 00222517 _____ C:\Users\Owner\Downloads\CCE04016_0003 (1).pdf
2016-02-04 23:06 - 2016-02-04 23:06 - 00222517 _____ C:\Users\Owner\Downloads\CCE04016_0003.pdf
2016-02-04 20:04 - 2016-02-04 20:04 - 00106188 _____ C:\Users\Owner\Downloads\Est_1669_from_Arrow_Roofing_Pty_Ltd.pdf
2016-02-04 16:53 - 2016-02-04 16:53 - 00412193 _____ C:\Users\Owner\Downloads\99185_TexasP_Weis.pdf
2016-02-04 16:49 - 2016-02-04 16:49 - 00015842 _____ C:\Users\Owner\Downloads\Spareparts list Wies 2016-02-03 (1).xlsx
2016-02-03 07:26 - 2016-02-03 07:26 - 00234836 _____ C:\Users\Owner\Downloads\80883 (1).pdf
2016-02-03 07:24 - 2016-02-03 07:24 - 00233822 _____ C:\Users\Owner\Downloads\80883.pdf
2016-02-02 21:21 - 2016-02-02 21:21 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-02-02 21:21 - 2016-02-02 21:21 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Google
2016-02-02 21:20 - 2016-02-02 21:20 - 00987728 _____ (Google Inc.) C:\Users\Owner\Downloads\GoogleEarthSetup.exe
2016-02-01 20:30 - 2016-02-01 20:30 - 01840277 _____ C:\Users\Owner\Documents\PC issue 1-02-2016.pdf
2016-02-01 19:04 - 2016-02-01 19:04 - 00000000 ___DC C:\Users\Owner\AppData\Local\MigWiz
2016-02-01 16:51 - 2016-02-01 16:51 - 00000675 _____ C:\Users\Owner\Documents\Desktop - Shortcut (4).lnk
2016-01-31 18:17 - 2016-01-31 18:17 - 02085168 _____ C:\Users\Owner\Downloads\Adaware_Installer.exe
2016-01-31 18:16 - 2016-01-31 18:18 - 48831832 _____ C:\Users\Owner\Downloads\BDPUARLauncher.exe
2016-01-31 18:10 - 2016-01-31 18:13 - 00000000 ____D C:\AdwCleaner
2016-01-31 18:08 - 2016-01-31 18:08 - 01507840 _____ C:\Users\Owner\Downloads\adwcleaner_5.031.exe
2016-01-31 18:07 - 2016-01-31 18:07 - 01507840 _____ C:\Users\Owner\Downloads\AdwCleaner.exe
2016-01-31 17:37 - 2016-01-31 17:37 - 00041080 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-01-31 17:35 - 2016-01-31 17:35 - 00027750 _____ C:\WINDOWS\system32\.crusader
2016-01-31 17:03 - 2016-01-31 17:35 - 00000000 ____D C:\ProgramData\HitmanPro
2016-01-31 16:32 - 2016-01-31 16:51 - 11323704 _____ (SurfRight B.V.) C:\Users\Owner\Downloads\HitmanPro_x64.exe
2016-01-31 15:32 - 2016-01-31 15:32 - 00000000 ____D C:\Users\peter\Desktop\temp
2016-01-31 15:32 - 2016-01-31 15:32 - 00000000 ____D C:\Users\peter\Desktop\mbar
2016-01-31 15:30 - 2016-01-31 15:32 - 00000000 ____D C:\Users\peter\Desktop\DISKTOP TEMP 2
2016-01-31 15:30 - 2016-01-25 12:56 - 00000165 ____H C:\Users\peter\Desktop\~$SAKERHETSKODER.xlsx
2016-01-31 15:30 - 2016-01-25 09:53 - 00027669 _____ C:\Users\peter\Desktop\SAKERHETSKODER.xlsx
2016-01-31 15:30 - 2016-01-22 20:57 - 00000555 _____ C:\Users\peter\Desktop\JRT.txt
2016-01-31 15:30 - 2016-01-22 19:57 - 519004214 _____ C:\Users\peter\Desktop\MEMORY.DMP
2016-01-31 15:30 - 2016-01-19 13:30 - 00303485 _____ C:\Users\peter\Desktop\HUS PLAN.pdf
2016-01-31 15:30 - 2016-01-19 13:29 - 00303029 _____ C:\Users\peter\Desktop\HUS View.pdf
2016-01-31 15:30 - 2016-01-01 01:41 - 01455974 _____ C:\Users\peter\Desktop\163398_DNC-63-200-P-A.stp
2016-01-31 15:30 - 2015-12-24 15:47 - 00002403 _____ C:\Users\peter\Desktop\Word 2013.lnk
2016-01-31 15:30 - 2015-12-24 15:47 - 00002402 _____ C:\Users\peter\Desktop\PowerPoint 2013.lnk
2016-01-31 15:30 - 2015-12-24 15:47 - 00002359 _____ C:\Users\peter\Desktop\Outlook 2013.lnk
2016-01-31 15:30 - 2015-12-24 15:47 - 00001418 _____ C:\Users\peter\Desktop\GoToAssist Customer.lnk
2016-01-31 15:30 - 2015-12-24 15:47 - 00000870 _____ C:\Users\peter\Desktop\Documents - Shortcut.lnk
2016-01-31 15:30 - 2015-12-24 15:47 - 00000146 _____ C:\Users\peter\Desktop\Windows Defender - Shortcut.lnk
2016-01-31 15:30 - 2015-12-21 14:17 - 00000165 ____H C:\Users\peter\Desktop\~$Leeds AUS 2015.xlsx
2016-01-31 15:30 - 2015-12-09 14:55 - 02748635 _____ C:\Users\peter\Desktop\WC203905.pdf
2016-01-31 15:30 - 2015-11-13 19:02 - 00010165 ____H C:\Users\peter\Desktop\~WRL0005.tmp
2016-01-31 15:30 - 2015-10-01 14:45 - 00023415 _____ C:\Users\peter\Desktop\Leeds AUS 2015.xlsx
2016-01-31 15:30 - 2015-09-29 12:50 - 00464002 _____ C:\Users\peter\Desktop\Jury Medical Sept 2015.pdf
2016-01-31 15:30 - 2015-08-16 18:55 - 00000061 _____ C:\Users\peter\Desktop\GMail.url
2016-01-31 15:30 - 2015-06-11 11:43 - 00818697 _____ C:\Users\peter\Desktop\ESRF supporting documents .pdf
2016-01-31 01:31 - 2016-01-31 19:24 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1952045502-1362136182-510965784-1004
2016-01-31 01:26 - 2016-01-31 01:26 - 00000000 ____D C:\Users\peter\AppData\Local\GWX
2016-01-30 17:05 - 2016-01-31 17:24 - 00000000 ____D C:\Users\peter\AppData\Local\Google
2016-01-30 17:05 - 2016-01-30 17:05 - 00001442 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-30 17:05 - 2016-01-30 17:05 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-30 17:05 - 2016-01-30 17:05 - 00000020 ___SH C:\Users\peter\ntuser.ini
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 _SHDL C:\Users\peter\My Documents
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 _SHDL C:\Users\peter\Documents\My Videos
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 _SHDL C:\Users\peter\Documents\My Pictures
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 _SHDL C:\Users\peter\Documents\My Music
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 __SHD C:\Users\peter\IntelGraphicsProfiles
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 ____D C:\Users\peter\AppData\Roaming\Synaptics
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 ____D C:\Users\peter\AppData\Roaming\Macromedia
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 ____D C:\Users\peter\AppData\Roaming\AVAST Software
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 ____D C:\Users\peter\AppData\Roaming\Adobe
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 ____D C:\Users\peter\AppData\Local\VirtualStore
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 ____D C:\Users\peter\AppData\Local\Packages
2016-01-30 17:05 - 2016-01-30 17:05 - 00000000 ____D C:\Users\peter
2016-01-30 17:05 - 2014-09-24 15:50 - 00002112 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2016-01-30 17:05 - 2014-09-22 08:42 - 00000000 ____D C:\Users\peter\AppData\Local\Microsoft Help
2016-01-30 17:05 - 2014-03-18 21:15 - 00000369 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-01-30 17:05 - 2014-03-18 21:15 - 00000369 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-01-30 17:00 - 2016-01-30 17:00 - 00000000 ____D C:\Users\Administrator\AppData\Local\GWX
2016-01-30 10:19 - 2016-01-30 10:19 - 00966728 _____ C:\Users\Owner\Downloads\filmora_setup_full846.exe
2016-01-30 10:13 - 2016-01-30 10:13 - 00001350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-01-30 10:13 - 2016-01-30 10:13 - 00001281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-01-30 10:13 - 2016-01-30 10:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-01-30 10:13 - 2016-01-30 10:13 - 00000000 ____D C:\WINDOWS\en
2016-01-30 10:12 - 2016-01-30 10:12 - 00002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-01-30 10:12 - 2016-01-30 10:12 - 00001434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-01-30 10:12 - 2016-01-30 10:12 - 00000000 ____D C:\Program Files\Windows Live
2016-01-30 10:12 - 2016-01-30 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-01-30 10:12 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-01-30 10:12 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-01-30 10:12 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-01-30 10:12 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-01-30 10:11 - 2016-02-05 21:33 - 00000000 ____D C:\Users\Owner\AppData\Local\Windows Live
2016-01-30 10:11 - 2016-01-30 10:11 - 01239752 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\wlsetup-web.exe
2016-01-29 15:47 - 2016-01-29 15:47 - 00776641 _____ C:\Users\Owner\Downloads\Furring Channel Autopacker (4).pdf
2016-01-29 15:47 - 2016-01-29 15:47 - 00776641 _____ C:\Users\Owner\Downloads\Furring Channel Autopacker (3).pdf
2016-01-29 13:54 - 2016-01-29 13:54 - 00000000 ____D C:\Users\Owner\Downloads\PARTserver02016012903522456509679192d056f
2016-01-29 13:51 - 2016-01-29 13:51 - 00005034 _____ C:\Users\Owner\Downloads\PARTserver02016012903522456509679192d056f.zip
2016-01-28 10:01 - 2016-01-28 10:01 - 00776641 _____ C:\Users\Owner\Downloads\Furring Channel Autopacker (2).pdf
2016-01-28 07:14 - 2016-01-28 07:14 - 00032637 _____ C:\Users\Owner\Downloads\ANZ Receipt - Ref 1157179914.pdf
2016-01-28 07:07 - 2016-01-28 07:07 - 00232765 _____ C:\Users\Owner\Downloads\Invoice_126937.PDF
2016-01-27 23:14 - 2016-01-27 23:15 - 05826048 _____ C:\Users\Owner\Downloads\sample-marketing1-deutschland-20000.xls
2016-01-27 18:37 - 2016-01-27 18:37 - 00776641 _____ C:\Users\Owner\Downloads\Furring Channel Autopacker (1).pdf
2016-01-27 18:36 - 2016-01-27 18:36 - 00776641 _____ C:\Users\Owner\Downloads\Furring Channel Autopacker.pdf
2016-01-27 16:22 - 2016-01-27 16:22 - 00490984 _____ C:\Users\Owner\Downloads\Machine 26.pdf
2016-01-27 14:17 - 2016-01-27 14:17 - 00018033 _____ C:\Users\Owner\Downloads\in-sydney (2).gz
2016-01-27 14:17 - 2016-01-27 14:17 - 00018026 _____ C:\Users\Owner\Downloads\in-sydney (1).gz
2016-01-27 14:16 - 2016-01-27 14:16 - 00018022 _____ C:\Users\Owner\Downloads\in-sydney.gz
2016-01-27 11:58 - 2016-01-27 11:58 - 00116048 _____ C:\Users\Owner\Downloads\Siemens Quotation IQRY160125004 - Packovation .pdf
2016-01-26 22:02 - 2016-01-26 22:02 - 00025150 _____ C:\Users\Owner\Downloads\INV-000037.pdf
2016-01-25 23:14 - 2016-01-25 23:14 - 01565585 _____ C:\Users\Owner\Downloads\OLD T-Bar - Cross runner.pdf
2016-01-25 23:14 - 2016-01-25 23:14 - 00339874 _____ C:\Users\Owner\Downloads\Mark 2 mainrunner machine for T-Bar-packer.pdf
2016-01-25 23:13 - 2016-01-25 23:13 - 00267196 _____ C:\Users\Owner\Downloads\New WA 200Cross runner 1.PDF
2016-01-25 23:13 - 2016-01-25 23:13 - 00267196 _____ C:\Users\Owner\Downloads\New WA 200Cross runner 1 (1).PDF
2016-01-25 12:56 - 2016-01-25 12:56 - 00000165 ____H C:\Users\Owner\Desktop\~$SAKERHETSKODER.xlsx
2016-01-25 11:32 - 2016-01-25 12:38 - 00002243 _____ C:\Users\Owner\Documents\starburn.txt
2016-01-25 11:31 - 2016-01-25 12:05 - 00000000 ____D C:\Users\Owner\Documents\Wondershare Filmora
2016-01-25 11:31 - 2016-01-25 11:31 - 00001119 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk
2016-01-25 11:31 - 2016-01-25 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-01-25 11:30 - 2016-01-25 11:30 - 00966728 _____ C:\Users\Owner\Downloads\filmora_setup_full1901.exe
2016-01-25 09:53 - 2016-01-25 09:53 - 00027669 _____ C:\Users\Owner\Desktop\SAKERHETSKODER.xlsx
2016-01-24 20:48 - 2016-01-30 17:03 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1952045502-1362136182-510965784-500
2016-01-24 20:45 - 2016-01-24 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\Razer_Inc
2016-01-24 20:44 - 2016-01-25 07:38 - 00000000 ____D C:\Program Files (x86)\Razer
2016-01-24 20:44 - 2016-01-24 20:44 - 00000000 ____D C:\ProgramData\Razer
2016-01-24 20:43 - 2016-01-24 20:44 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2016-01-24 20:43 - 2016-01-24 20:43 - 00001442 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-24 20:43 - 2016-01-24 20:43 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2016-01-24 20:43 - 2016-01-24 20:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Synaptics
2016-01-24 20:43 - 2016-01-24 20:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2016-01-24 20:43 - 2016-01-24 20:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2016-01-24 20:43 - 2016-01-24 20:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-01-24 20:43 - 2016-01-24 20:43 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2016-01-24 18:19 - 2016-01-25 17:04 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2016-01-24 18:05 - 2016-01-24 18:05 - 00000046 _____ C:\WINDOWS\wininit.ini
2016-01-24 16:11 - 2016-01-24 16:11 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2016-01-24 16:10 - 2016-01-24 20:43 - 00000000 ____D C:\Users\Administrator
2016-01-24 16:10 - 2016-01-24 16:10 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-01-24 16:10 - 2016-01-24 16:10 - 00000000 _SHDL C:\Users\Administrator\My Documents
2016-01-24 16:10 - 2016-01-24 16:10 - 00000000 _SHDL C:\Users\Administrator\Documents\My Videos
2016-01-24 16:10 - 2016-01-24 16:10 - 00000000 _SHDL C:\Users\Administrator\Documents\My Pictures
2016-01-24 16:10 - 2016-01-24 16:10 - 00000000 _SHDL C:\Users\Administrator\Documents\My Music
2016-01-24 16:10 - 2014-09-24 15:50 - 00002112 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2016-01-24 16:10 - 2014-09-22 08:42 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2016-01-24 16:10 - 2014-03-18 21:15 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-01-24 16:10 - 2014-03-18 21:15 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-01-24 15:43 - 2016-01-24 15:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2016-01-24 15:42 - 2016-01-24 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2016-01-24 15:42 - 2016-01-24 15:42 - 00000000 ____D C:\Users\Owner\AppData\Local\Comodo
2016-01-24 15:31 - 2016-02-05 08:41 - 00002192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-24 15:31 - 2016-02-05 08:41 - 00002163 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-24 15:30 - 2016-02-07 09:06 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-24 15:30 - 2016-02-07 08:40 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-24 15:30 - 2016-02-02 13:35 - 00003884 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-24 15:30 - 2016-02-02 13:35 - 00003648 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-24 15:26 - 2016-01-24 15:26 - 00000000 ____D C:\ProgramData\Synaptics
2016-01-24 15:16 - 2016-01-24 15:16 - 00002990 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2016-01-24 15:16 - 2016-01-24 15:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-01-24 15:16 - 2016-01-24 15:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-01-24 15:16 - 2016-01-24 15:16 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-24 15:10 - 2016-01-24 15:10 - 00000000 ____D C:\Users\Owner\AppData\Local\Hewlett-Packard
2016-01-24 15:09 - 2016-01-24 15:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2016-01-24 14:49 - 2016-01-22 19:57 - 519004214 _____ C:\Users\Owner\Desktop\MEMORY.DMP
2016-01-24 13:46 - 2016-01-24 13:46 - 00000000 ____D C:\Users\Owner\Documents\Add-in Express
2016-01-24 13:40 - 2016-01-24 13:40 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-24 13:40 - 2015-12-13 11:13 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-01-24 13:17 - 2016-01-24 13:17 - 00000000 ____D C:\Users\terry\AppData\Roaming\Macromedia
2016-01-24 13:17 - 2016-01-24 13:17 - 00000000 ____D C:\Users\terry\AppData\Roaming\AVAST Software
2016-01-24 13:17 - 2016-01-24 13:17 - 00000000 ____D C:\Users\terry\AppData\Local\PDFConverter.com
2016-01-24 13:16 - 2016-01-24 13:39 - 00000000 ____D C:\Users\terry
2016-01-24 13:16 - 2016-01-24 13:17 - 00000000 ____D C:\Users\terry\AppData\Local\Packages
2016-01-24 13:16 - 2016-01-24 13:16 - 00000000 _SHDL C:\Users\terry\My Documents
2016-01-24 13:16 - 2016-01-24 13:16 - 00000000 _SHDL C:\Users\terry\Documents\My Videos
2016-01-24 13:16 - 2016-01-24 13:16 - 00000000 _SHDL C:\Users\terry\Documents\My Pictures
2016-01-24 13:16 - 2016-01-24 13:16 - 00000000 _SHDL C:\Users\terry\Documents\My Music
2016-01-24 13:16 - 2016-01-24 13:16 - 00000000 __SHD C:\Users\terry\IntelGraphicsProfiles
2016-01-24 13:16 - 2016-01-24 13:16 - 00000000 ____D C:\Users\terry\AppData\Roaming\Adobe
2016-01-24 13:16 - 2016-01-24 13:16 - 00000000 ____D C:\Users\terry\AppData\Local\VirtualStore
2016-01-24 13:16 - 2016-01-24 13:16 - 00000000 ____D C:\Users\terry\AppData\Local\Google
2016-01-24 13:16 - 2014-09-22 08:42 - 00000000 ____D C:\Users\terry\AppData\Local\Microsoft Help
2016-01-22 20:58 - 2016-01-22 21:14 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-22 20:57 - 2016-01-22 20:57 - 00000555 _____ C:\Users\Owner\Desktop\JRT.txt
2016-01-22 20:54 - 2016-01-24 13:38 - 00000000 ____D C:\Users\Owner\Desktop\mbar
2016-01-22 20:21 - 2016-01-24 15:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-22 20:21 - 2016-01-24 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-22 20:21 - 2016-01-22 20:21 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-22 20:21 - 2016-01-22 20:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-22 20:21 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-22 20:21 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-22 20:21 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-22 19:57 - 2016-01-22 19:57 - 00293904 _____ C:\WINDOWS\Minidump\012216-7609-02.dmp
2016-01-22 19:36 - 2016-01-22 19:36 - 00297232 _____ C:\WINDOWS\Minidump\012216-7828-01.dmp
2016-01-22 16:06 - 2016-01-22 16:06 - 00000863 _____ C:\Users\Owner\Documents\Pictures - Shortcut.lnk
2016-01-22 15:47 - 2016-01-22 15:47 - 00295944 _____ C:\WINDOWS\Minidump\012216-8109-01.dmp
2016-01-22 11:28 - 2016-01-22 11:28 - 00295272 _____ C:\WINDOWS\Minidump\012216-8000-01.dmp
2016-01-22 11:26 - 2016-01-22 11:26 - 00294016 _____ C:\WINDOWS\Minidump\012216-7609-01.dmp
2016-01-22 11:06 - 2016-01-22 11:06 - 00294592 _____ C:\WINDOWS\Minidump\012216-7625-01.dmp
2016-01-22 10:58 - 2016-01-22 10:58 - 00300488 _____ C:\WINDOWS\Minidump\012216-7718-01.dmp
2016-01-22 07:49 - 2016-01-22 07:49 - 00300376 _____ C:\WINDOWS\Minidump\012216-8718-01.dmp
2016-01-21 21:12 - 2016-01-21 21:12 - 00302240 _____ C:\WINDOWS\Minidump\012116-7734-01.dmp
2016-01-21 10:01 - 2016-01-21 10:01 - 00296232 _____ C:\WINDOWS\Minidump\012116-8156-01.dmp
2016-01-21 08:16 - 2016-01-21 08:16 - 00294352 _____ C:\WINDOWS\Minidump\012116-7546-01.dmp
2016-01-20 23:05 - 2016-01-20 23:05 - 00299264 _____ C:\WINDOWS\Minidump\012016-8593-01.dmp
2016-01-20 22:21 - 2016-01-20 22:21 - 00296232 _____ C:\WINDOWS\Minidump\012016-7656-01.dmp
2016-01-20 21:42 - 2016-01-20 21:42 - 00299832 _____ C:\WINDOWS\Minidump\012016-8437-01.dmp
2016-01-20 16:38 - 2016-01-20 16:38 - 00295880 _____ C:\WINDOWS\Minidump\012016-7578-01.dmp
2016-01-20 12:48 - 2016-01-20 12:48 - 00299840 _____ C:\WINDOWS\Minidump\012016-7546-01.dmp
2016-01-20 11:30 - 2016-01-20 11:30 - 00300512 _____ C:\WINDOWS\Minidump\012016-7718-01.dmp
2016-01-20 08:55 - 2016-01-20 08:55 - 00296360 _____ C:\WINDOWS\Minidump\012016-7671-01.dmp
2016-01-19 20:55 - 2016-01-19 20:55 - 00299072 _____ C:\WINDOWS\Minidump\011916-7609-01.dmp
2016-01-19 19:21 - 2016-01-19 19:21 - 00299360 _____ C:\WINDOWS\Minidump\011916-7515-01.dmp
2016-01-19 18:19 - 2016-01-19 18:19 - 00300736 _____ C:\WINDOWS\Minidump\011916-7578-01.dmp
2016-01-19 13:40 - 2016-01-19 13:40 - 00299936 _____ C:\WINDOWS\Minidump\011916-7640-01.dmp
2016-01-19 13:30 - 2016-01-19 13:30 - 00303485 _____ C:\Users\Owner\Desktop\HUS PLAN.pdf
2016-01-19 13:29 - 2016-01-19 13:29 - 00303029 _____ C:\Users\Owner\Desktop\HUS View.pdf
2016-01-19 13:27 - 2016-01-19 13:27 - 00297672 _____ C:\WINDOWS\Minidump\011916-7703-01.dmp
2016-01-19 08:39 - 2016-01-19 08:39 - 00296040 _____ C:\WINDOWS\Minidump\011916-8484-01.dmp
2016-01-18 22:15 - 2016-01-18 22:15 - 00296704 _____ C:\WINDOWS\Minidump\011816-7656-01.dmp
2016-01-18 16:43 - 2016-01-18 16:43 - 00301320 _____ C:\WINDOWS\Minidump\011816-7625-01.dmp
2016-01-18 10:12 - 2016-01-18 10:12 - 00295984 _____ C:\WINDOWS\Minidump\011816-7593-01.dmp
2016-01-18 08:01 - 2016-01-18 08:01 - 00295400 _____ C:\WINDOWS\Minidump\011816-7796-01.dmp
2016-01-17 21:36 - 2016-01-17 21:36 - 00299400 _____ C:\WINDOWS\Minidump\011716-8234-01.dmp
2016-01-16 22:26 - 2016-01-16 22:26 - 00299304 _____ C:\WINDOWS\Minidump\011616-7750-01.dmp
2016-01-16 13:26 - 2016-01-16 13:26 - 00295784 _____ C:\WINDOWS\Minidump\011616-8375-01.dmp
2016-01-16 10:25 - 2016-01-16 10:25 - 00000675 _____ C:\Users\Owner\Documents\Desktop - Shortcut (3).lnk
2016-01-16 10:08 - 2016-01-16 10:08 - 00294920 _____ C:\WINDOWS\Minidump\011616-7500-01.dmp
2016-01-16 06:54 - 2016-01-16 06:54 - 00296272 _____ C:\WINDOWS\Minidump\011616-7625-01.dmp
2016-01-15 17:35 - 2016-01-15 17:35 - 00000000 ____D C:\Users\Owner\AppData\Local\CEF
2016-01-15 17:23 - 2016-01-15 17:23 - 00295696 _____ C:\WINDOWS\Minidump\011516-7609-01.dmp
2016-01-15 15:47 - 2016-01-15 15:47 - 00296792 _____ C:\WINDOWS\Minidump\011516-8781-01.dmp
2016-01-15 11:06 - 2016-01-15 11:06 - 00294736 _____ C:\WINDOWS\Minidump\011516-8406-01.dmp
2016-01-15 11:04 - 2016-01-15 11:04 - 00299776 _____ C:\WINDOWS\Minidump\011516-7781-01.dmp
2016-01-15 08:29 - 2016-01-15 08:29 - 00295656 _____ C:\WINDOWS\Minidump\011516-7593-01.dmp
2016-01-14 11:32 - 2016-01-14 11:32 - 00296520 _____ C:\WINDOWS\Minidump\011416-7703-01.dmp
2016-01-14 09:23 - 2016-01-14 09:23 - 00295936 _____ C:\WINDOWS\Minidump\011416-7765-01.dmp
2016-01-14 08:09 - 2016-01-14 08:09 - 00296808 _____ C:\WINDOWS\Minidump\011416-7953-01.dmp
2016-01-13 21:25 - 2016-01-16 22:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-13 21:25 - 2016-01-13 21:25 - 00002027 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-01-13 21:25 - 2016-01-13 21:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-13 21:15 - 2016-01-24 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-13 21:15 - 2016-01-13 21:15 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-13 21:15 - 2016-01-13 21:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-13 21:10 - 2016-01-13 21:10 - 00299680 _____ C:\WINDOWS\Minidump\011316-8390-01.dmp
2016-01-13 15:28 - 2016-01-13 15:28 - 00296928 _____ C:\WINDOWS\Minidump\011316-7625-01.dmp
2016-01-13 11:07 - 2016-01-13 11:07 - 00296136 _____ C:\WINDOWS\Minidump\011316-8031-01.dmp
2016-01-13 11:03 - 2016-01-13 11:03 - 00631808 _____ C:\WINDOWS\mta.dat
2016-01-13 10:59 - 2016-01-13 11:03 - 00000000 _____ C:\WINDOWS\mmta.exe
2016-01-13 10:53 - 2016-01-13 10:58 - 00000000 _____ C:\WINDOWS\mta.exe
2016-01-13 10:53 - 2016-01-13 10:53 - 00000000 ____D C:\ProgramData\323486fe-5825-1
2016-01-13 10:53 - 2016-01-13 10:53 - 00000000 ____D C:\ProgramData\323486fe-1343-0
2016-01-13 10:52 - 2016-01-24 13:39 - 00000000 ____D C:\Users\Owner\AppData\Local\Setup Wizard
2016-01-13 10:39 - 2016-01-13 10:39 - 00300032 _____ C:\WINDOWS\Minidump\011316-7562-01.dmp
2016-01-13 08:25 - 2016-01-13 08:25 - 00295128 _____ C:\WINDOWS\Minidump\011316-11203-01.dmp
2016-01-13 06:56 - 2016-01-13 06:56 - 00001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-01-13 06:56 - 2016-01-13 06:56 - 00001003 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-01-13 06:54 - 2015-12-31 06:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 06:54 - 2015-12-31 06:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-13 06:54 - 2015-12-31 06:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-13 06:54 - 2015-12-11 15:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-13 06:54 - 2015-12-11 15:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 06:54 - 2015-12-11 14:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 06:54 - 2015-12-11 14:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-13 06:54 - 2015-12-11 14:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-13 06:54 - 2015-12-11 14:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 06:54 - 2015-12-11 14:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-13 06:54 - 2015-12-11 14:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-13 06:54 - 2015-12-11 14:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-13 06:54 - 2015-12-11 14:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-13 06:54 - 2015-12-11 13:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-13 06:54 - 2015-12-11 13:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 06:54 - 2015-12-11 13:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-13 06:54 - 2015-12-11 13:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-13 06:54 - 2015-12-11 13:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet(98).dll
2016-01-13 06:54 - 2015-12-11 13:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-13 06:54 - 2015-12-11 13:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-13 06:54 - 2015-12-11 13:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-13 06:54 - 2015-12-11 13:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon(94).dll
2016-01-13 06:54 - 2015-12-11 13:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 06:54 - 2015-12-11 13:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-13 06:54 - 2015-12-11 13:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-13 06:54 - 2015-12-11 13:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-13 06:54 - 2015-12-10 11:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 06:54 - 2015-12-09 06:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 06:54 - 2015-12-09 06:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32(38).dll
2016-01-13 06:54 - 2015-12-09 06:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 06:54 - 2015-12-09 06:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32(109).dll
2016-01-13 06:54 - 2015-12-07 21:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 06:54 - 2015-12-07 21:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32(57).dll
2016-01-13 06:54 - 2015-12-05 16:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 06:54 - 2015-12-05 16:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-13 06:54 - 2015-12-05 16:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-13 06:54 - 2015-12-05 02:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 06:54 - 2015-12-05 02:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32(118).dll
2016-01-13 06:54 - 2015-12-04 06:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-13 06:54 - 2015-12-04 06:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 06:54 - 2015-12-04 06:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-13 06:54 - 2015-12-04 06:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 06:54 - 2015-12-04 06:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-13 06:54 - 2015-12-04 05:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-13 06:54 - 2015-12-04 05:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-13 06:54 - 2015-12-04 05:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-13 06:54 - 2015-12-04 05:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-01-13 06:54 - 2015-12-04 05:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-01-13 06:54 - 2015-12-04 05:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 06:54 - 2015-12-04 05:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 06:54 - 2015-12-04 05:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 06:54 - 2015-12-04 05:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 06:54 - 2015-12-04 05:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 06:54 - 2015-12-04 04:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 06:54 - 2015-12-04 04:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-01-13 06:54 - 2015-12-04 04:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 06:54 - 2015-12-04 04:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 06:54 - 2015-12-04 04:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 06:54 - 2015-12-04 04:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 06:54 - 2015-12-04 04:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-13 06:54 - 2015-12-04 04:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 06:54 - 2015-12-04 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-13 06:54 - 2015-12-04 04:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-01-13 06:54 - 2015-12-04 04:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-13 06:54 - 2015-12-04 04:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 06:54 - 2015-12-04 04:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 06:54 - 2015-12-04 04:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-13 06:54 - 2015-12-04 03:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 06:54 - 2015-12-04 03:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 06:54 - 2015-12-04 03:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 06:54 - 2015-12-03 02:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 06:54 - 2015-12-03 02:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 06:54 - 2015-11-18 08:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 06:54 - 2015-11-18 08:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 06:54 - 2015-11-18 08:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 06:54 - 2015-11-18 08:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-13 06:54 - 2015-11-18 08:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 06:54 - 2015-11-18 08:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 06:54 - 2015-11-18 08:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-13 06:51 - 2016-01-13 06:51 - 00294248 _____ C:\WINDOWS\Minidump\011316-7437-01.dmp
2016-01-13 00:33 - 2016-01-13 00:33 - 00295304 _____ C:\WINDOWS\Minidump\011316-7828-01.dmp
2016-01-13 00:25 - 2016-01-13 00:25 - 00294344 _____ C:\WINDOWS\Minidump\011316-7531-01.dmp
2016-01-12 22:10 - 2016-01-12 22:10 - 00293928 _____ C:\WINDOWS\Minidump\011216-7578-01.dmp
2016-01-12 20:58 - 2016-01-12 22:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-12 20:08 - 2016-01-12 20:08 - 00226118 _____ C:\WINDOWS\ntbtlog.txt
2016-01-11 22:08 - 2016-01-11 22:08 - 00000000 ____D C:\Users\Owner\AppData\Local\PDFConverter.com
2016-01-11 22:06 - 2016-01-24 18:05 - 00000000 ____D C:\ProgramData\COMODO
2016-01-11 22:06 - 2016-01-24 18:05 - 00000000 ____D C:\Program Files\COMODO
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-07 09:06 - 2014-09-30 20:04 - 00000000 __RDO C:\Users\Owner\OneDrive
2016-02-07 08:39 - 2014-09-11 11:36 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1952045502-1362136182-510965784-1001
2016-02-07 08:36 - 2015-07-20 19:10 - 00003902 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7536DEC7-60B9-4FC1-9054-C98CBA6F09FD}
2016-02-06 23:27 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\tracing
2016-02-06 21:43 - 2015-10-18 21:58 - 00000000 ____D C:\Users\Owner\Desktop\temp
2016-02-05 15:06 - 2015-09-03 03:39 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-02-05 13:28 - 2014-09-11 11:30 - 00000000 ____D C:\Users\Owner\AppData\Local\Packages
2016-02-05 10:11 - 2013-08-23 00:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-05 08:50 - 2015-08-18 05:32 - 00000000 ____D C:\Users\Owner\Documents\15-16
2016-02-04 16:55 - 2014-09-16 23:24 - 00169312 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-04 07:59 - 2014-09-29 17:39 - 00000000 ____D C:\Users\Owner\AppData\Local\TempSWBackupDirectory
2016-02-02 21:21 - 2014-09-13 00:42 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-01 18:24 - 2015-04-19 22:38 - 00000000 ____D C:\Users\Owner\AppData\Roaming\vlc
2016-02-01 16:07 - 2014-09-12 04:51 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-02-01 11:35 - 2014-03-18 21:04 - 01167230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-01 11:34 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-01 11:30 - 2015-09-21 13:50 - 00065536 _____ C:\WINDOWS\system32\Ikeext.etl
2016-02-01 11:30 - 2013-08-23 01:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-31 19:16 - 2015-06-02 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-01-31 19:16 - 2015-06-02 14:48 - 00000000 ____D C:\ProgramData\Lavasoft
2016-01-31 18:14 - 2013-08-23 00:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-31 18:13 - 2015-05-07 11:18 - 00000000 ____D C:\WINDOWS\system32\log
2016-01-31 17:38 - 2015-12-13 11:13 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-31 01:34 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-30 10:51 - 2015-07-17 19:55 - 00000000 ____D C:\Users\Owner\Tracing
2016-01-30 10:12 - 2015-01-22 13:01 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-01-25 17:18 - 2014-09-13 15:53 - 00000000 ____D C:\Users\Owner
2016-01-25 16:56 - 2014-09-29 17:38 - 00000000 ____D C:\Users\Owner\AppData\Local\SolidWorks
2016-01-25 11:31 - 2014-09-13 15:54 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-25 11:28 - 2015-11-24 14:44 - 00000000 ____D C:\Users\Owner\Downloads\SM C113_11056eng (1)
2016-01-25 11:12 - 2015-05-28 17:20 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-01-25 11:12 - 2015-05-28 16:56 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-01-25 10:24 - 2013-08-23 02:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-24 20:44 - 2015-07-27 09:21 - 00089104 _____ (Razer Inc) C:\WINDOWS\system32\RazerCoinstaller.dll
2016-01-24 15:31 - 2014-09-13 00:42 - 00000000 ____D C:\Users\Owner\AppData\Local\Google
2016-01-24 15:13 - 2014-09-12 05:01 - 00000000 ____D C:\swsetup
2016-01-24 15:09 - 2014-09-12 04:52 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-01-24 13:46 - 2015-05-29 16:20 - 00000000 ____D C:\ProgramData\WinZip
2016-01-24 13:39 - 2015-12-13 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-01-24 13:39 - 2015-12-08 15:15 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-24 13:39 - 2015-12-06 19:52 - 00000000 ____D C:\Users\Public\Desktop\Microsoft IntelliPoint
2016-01-24 13:39 - 2015-12-05 11:45 - 00000000 ____D C:\Users\Owner\Documents\Wondershare Video Editor
2016-01-24 13:39 - 2015-12-03 23:55 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2016-01-24 13:39 - 2015-10-07 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delcam
2016-01-24 13:39 - 2015-09-13 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-24 13:39 - 2015-09-13 19:48 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Oracle
2016-01-24 13:39 - 2015-09-03 03:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5
2016-01-24 13:39 - 2015-07-16 00:49 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telenor
2016-01-24 13:39 - 2015-06-09 23:12 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2016-01-24 13:39 - 2015-06-02 14:54 - 00000000 ____D C:\Users\Owner\AppData\Local\Lavasoft
2016-01-24 13:39 - 2015-06-02 14:54 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-01-24 13:39 - 2015-05-29 15:01 - 00000000 ____D C:\Users\Owner\Downloads\29-5-15
2016-01-24 13:39 - 2015-05-28 20:08 - 00000000 ____D C:\Users\Owner\Documents\TEST
2016-01-24 13:39 - 2015-05-21 17:43 - 00000000 ____D C:\ProgramData\PC Drivers HeadQuarters
2016-01-24 13:39 - 2015-05-03 18:11 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-01-24 13:39 - 2015-04-30 00:49 - 00000000 ____D C:\Users\Owner\AppData\Roaming\dvdcss
2016-01-24 13:39 - 2015-04-19 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-01-24 13:39 - 2015-03-16 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-01-24 13:39 - 2015-03-16 19:35 - 00000000 ____D C:\Users\Owner\XP700_WW_WIN_3795_42
2016-01-24 13:39 - 2015-03-16 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-01-24 13:39 - 2015-03-16 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2016-01-24 13:39 - 2015-01-24 16:35 - 00000000 ____D C:\Users\Owner\AppData\Local\Downloaded Installers
2016-01-24 13:39 - 2015-01-24 16:34 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2016-01-24 13:39 - 2015-01-22 12:53 - 00000000 ____D C:\Users\Owner\AppData\Local\FlexLink
2016-01-24 13:39 - 2014-12-26 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2015
2016-01-24 13:39 - 2014-12-26 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015
2016-01-24 13:39 - 2014-12-25 23:24 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Support
2016-01-24 13:39 - 2014-12-13 12:40 - 00000000 ____D C:\Users\Owner\AppData\Roaming\help_images_otherUI
2016-01-24 13:39 - 2014-12-12 11:45 - 00000000 ____D C:\Users\Owner\Desktop\DISKTOP TEMP 2
2016-01-24 13:39 - 2014-11-14 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2014 - English
2016-01-24 13:39 - 2014-11-14 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-01-24 13:39 - 2014-09-29 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2016-01-24 13:39 - 2014-09-29 14:46 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix
2016-01-24 13:39 - 2014-09-29 14:46 - 00000000 ____D C:\Users\Owner\AppData\Local\Citrix
2016-01-24 13:39 - 2014-09-27 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks Installation Manager
2016-01-24 13:39 - 2014-09-25 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-01-24 13:39 - 2014-09-25 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 110
2016-01-24 13:39 - 2014-09-24 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-24 13:39 - 2014-09-13 15:53 - 00000000 ____D C:\Users\UpdatusUser
2016-01-24 13:39 - 2014-09-13 12:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-01-24 13:39 - 2014-09-13 01:46 - 00000000 ____D C:\Users\Owner\Documents\ALLA FOTO
2016-01-24 13:39 - 2014-09-13 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-01-24 13:39 - 2014-09-13 00:42 - 00000000 ____D C:\Users\Owner\AppData\Local\Apps\2.0
2016-01-24 13:39 - 2014-09-12 04:49 - 00000000 ____D C:\Users\Public\Thunder Network
2016-01-24 13:39 - 2014-09-12 04:48 - 00000000 ____D C:\Users\Owner\AppData\Roaming\dg
2016-01-24 13:39 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\WinStore
2016-01-24 13:39 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\FileManager
2016-01-24 13:39 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\Camera
2016-01-24 13:38 - 2015-12-12 11:57 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Mozilla
2016-01-24 13:38 - 2015-05-28 17:34 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Wondershare
2016-01-24 13:38 - 2015-01-06 11:13 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Sun
2016-01-24 13:38 - 2014-12-25 23:24 - 00000000 ____D C:\Users\Owner\AppData\Local\PC_Drivers_Headquarters
2016-01-24 13:38 - 2014-11-14 17:23 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Autodesk
2016-01-24 13:38 - 2014-09-27 13:32 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SolidWorks
2016-01-24 13:38 - 2014-09-26 12:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Canon
2016-01-24 13:38 - 2014-09-19 13:55 - 00000000 ___RD C:\Users\Owner\AppData\Roaming\Brother
2016-01-24 13:38 - 2014-09-13 01:54 - 00000000 ____D C:\Users\Owner\Documents\TomTom
2016-01-24 13:38 - 2014-09-13 01:54 - 00000000 ____D C:\Users\Owner\Documents\SolidWorks Downloads
2016-01-24 13:38 - 2014-09-13 01:51 - 00000000 ____D C:\Users\Owner\Documents\BUSSINESS
2016-01-24 13:38 - 2014-09-13 01:51 - 00000000 ____D C:\Users\Owner\Documents\2 Machines
2016-01-24 13:38 - 2014-09-13 01:46 - 00000000 ____D C:\Users\Owner\Documents\14-15
2016-01-24 13:38 - 2014-09-11 11:31 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Adobe
2016-01-24 13:38 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\registration
2016-01-24 13:37 - 2015-12-12 11:57 - 00000000 ____D C:\Users\Owner\AppData\Local\Mozilla
2016-01-24 13:37 - 2014-11-14 17:28 - 00000000 ____D C:\Users\Owner\AppData\Local\Autodesk
2016-01-24 13:37 - 2014-09-15 20:40 - 00000000 ____D C:\Users\Owner\AppData\Local\LogMeIn Rescue Applet
2016-01-22 20:36 - 2014-03-18 20:46 - 00000000 ____D C:\WINDOWS\SKB
2016-01-22 20:10 - 2015-01-25 11:19 - 00000364 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Owner).job
2016-01-22 20:08 - 2015-08-07 20:06 - 00003084 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1952045502-1362136182-510965784-1001
2016-01-22 20:08 - 2015-01-25 11:19 - 00003010 _____ C:\WINDOWS\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Owner)
2016-01-22 20:08 - 2015-01-06 12:11 - 00003042 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe
2016-01-22 20:07 - 2014-12-25 23:24 - 00004314 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMScan
2016-01-22 20:07 - 2014-12-25 23:24 - 00003740 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMUpdater
2016-01-22 20:07 - 2014-12-25 23:24 - 00003734 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMRules
2016-01-22 20:07 - 2014-12-25 23:24 - 00003532 _____ C:\WINDOWS\System32\Tasks\Driver Support
2016-01-22 19:57 - 2015-12-08 15:15 - 519004214 _____ C:\WINDOWS\MEMORY.DMP
2016-01-21 08:34 - 2014-09-24 15:47 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-21 08:34 - 2013-08-23 02:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-21 08:20 - 2015-12-13 11:13 - 01065208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-01-21 08:20 - 2015-12-13 11:13 - 00464256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-01-20 21:57 - 2015-05-03 14:50 - 00000000 ____D C:\Users\Owner\Documents\1 SALES
2016-01-19 13:30 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-01-16 22:46 - 2014-12-26 11:29 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 17:35 - 2014-09-13 14:01 - 00000000 ____D C:\Users\Owner\AppData\Local\Adobe
2016-01-15 17:07 - 2013-08-23 00:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(48)
2016-01-13 21:25 - 2014-09-13 14:03 - 00000000 ____D C:\ProgramData\Adobe
2016-01-13 21:15 - 2015-06-09 22:37 - 00000000 ____D C:\ProgramData\Skype
2016-01-13 16:20 - 2015-01-06 11:16 - 00000000 ____D C:\ProgramData\Oracle
2016-01-13 16:18 - 2015-09-13 20:11 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-13 16:01 - 2015-04-15 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-13 16:01 - 2015-03-16 21:16 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-13 16:00 - 2012-07-26 18:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-13 15:58 - 2014-09-11 15:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 15:55 - 2014-09-11 15:29 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-13 08:25 - 2013-08-23 01:44 - 00592776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-13 06:56 - 2015-04-08 20:40 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TeamViewer
2016-01-13 06:56 - 2014-09-25 12:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-12 22:27 - 2015-12-12 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-12 22:07 - 2014-09-12 09:14 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-01-12 22:07 - 2014-09-12 09:14 - 00000000 ____D C:\WINDOWS\system32\NV
2016-01-11 22:11 - 2015-12-12 12:50 - 00000000 ____D C:\Program Files\PeerBlock
2016-01-09 21:46 - 2014-11-17 13:03 - 00000000 ____D C:\Users\Owner\AppData\Local\cache
2016-01-08 10:02 - 2015-06-02 10:06 - 00000000 ____D C:\Users\Owner\Documents\COPY QUOTATIONS
2016-01-08 08:41 - 2014-09-13 01:32 - 00000000 ____D C:\QUOTATIONS
==================== Files in the root of some directories =======
2014-09-13 01:23 - 2014-09-13 01:23 - 0000030 _____ () C:\Users\Owner\AppData\Roaming\fixcfg.ini
2014-11-14 17:29 - 2014-11-14 17:29 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll
Some zero byte size files/folders:
==========================
C:\Windows\jmc.exe
C:\Windows\mmta.exe
C:\Windows\mta.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-16 10:04
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Owner (2016-02-07 09:09:31)
Running from C:\Users\Owner\Downloads
Windows 8.1 Pro (X64) (2014-09-13 04:57:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1952045502-1362136182-510965784-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1952045502-1362136182-510965784-501 - Limited - Disabled)
Owner (S-1-5-21-1952045502-1362136182-510965784-1001 - Administrator - Enabled) => C:\Users\Owner
UpdatusUser (S-1-5-21-1952045502-1362136182-510965784-1002 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Broadcom Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6950 - Broadcom Corporation)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - Canon Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delcam for SolidWorks (x64) (HKLM\...\Delcam for SolidWorks) (Version: 21.7.0.20 - Delcam)
Download Navigator (HKLM-x32\...\{04A86A16-2082-46EE-8AD2-9A6FDC96DD27}) (Version: 3.3.0 - SEIKO EPSON CORPORATION)
Driver Support Active Optimization (x32 Version: 1.0.4.7977 - PC Drivers HeadQuarters LP) Hidden
Epson E-Web Print (HKLM-x32\...\{E904F572-D7DB-43C1-929F-043F267FC77D}) (Version: 1.22.0000 - SEIKO EPSON CORPORATION)
Epson Network Guide XP-700 Series (HKLM-x32\...\XP-700 Series Netg) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation)
EPSON XP-700 Series Printer Uninstall (HKLM\...\EPSON XP-700 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoToAssist Customer 2.2.0.758 (HKLM-x32\...\GoToAssist Express Customer) (Version: 2.2.0.758 - Citrix Online)
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.0.30.473 - HP)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6482.0 - IDT)
Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4787.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.103 - Skype Technologies S.A.)
SOLIDWORKS 2015 x64 Edition SP01.1 (HKLM-x32\...\SolidWorks Installation Manager 20150-40101-1100-100) (Version: 23.1.1.2 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP01.1 (Version: 23.111.2 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP01.1 x64 Edition (Version: 23.11.2 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP01.1 (Version: 15.1.0044 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2015 SP01.1 x64 Edition (Version: 23.11.2 - Dassault Systemes SolidWorks Corp) Hidden
Stay Connected (HKLM-x32\...\StayConnected) (Version: 2.1.1.324 - Telenor)
Stay Connected (x32 Version: 2.1.1.324 - Emotum Pty. Ltd.) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Telenor Sweden Software Update Service (x32 Version: 1.0.3.123 - Telenor Sweden) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Hewlett-Packard Development Company, L.P. HP Mobile Data Protection Sensor (02/26/2013 6.0.5.1) (HKLM\...\0CBD0BD267F8698191082DC9246612D35DB83232) (Version: 02/26/2013 6.0.5.1 - Hewlett-Packard Development Company, L.P.)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD (12/20/2013 6.3.9600.21245) (HKLM\...\211F31EEA7D7C573DBEB0DA809E8938B169D26F8) (Version: 12/20/2013 6.3.9600.21245 - Realtek Semiconduct Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wondershare Filmora(Build 6.8.2) (HKLM-x32\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1952045502-1362136182-510965784-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1952045502-1362136182-510965784-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1952045502-1362136182-510965784-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1952045502-1362136182-510965784-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1952045502-1362136182-510965784-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C6E1620-B4DE-43CD-9C02-415671381780} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {194232E7-D88D-4CFA-BFD0-D71D8C99E76A} - \MixVideoPlayer Update -> No File <==== ATTENTION
Task: {1DE2B273-841A-4331-B2A1-78BCE19B1635} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {238908BE-4C55-43FD-94AF-04BCF7AD0389} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-25] (Hewlett-Packard Company)
Task: {2F972427-523B-41B1-8FE2-CE101F7B0737} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {31E4F653-DEB2-48B7-99E4-418FE6D35FFF} - System32\Tasks\Driver Support => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2015-01-06] (PC Drivers Headquarters)
Task: {34A5814F-52A0-4DAF-AA6E-9FAD4C9CDE81} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard)
Task: {3AE73733-3EB9-464F-A1B0-74B5A9EA2A7F} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2015-01-06] (PC Drivers Headquarters)
Task: {4135FC49-BDAF-424D-89BE-AF1A753A94CC} - \One System Care Task -> No File <==== ATTENTION
Task: {4D816FB0-1CB5-4543-B34F-5B5244AD06C3} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {5C1571F3-0D0D-4ABF-B7AC-5CB1DA1135A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-24] (Google Inc.)
Task: {62C94D6F-7147-415A-9387-7C6A87649AFF} - \ReimageUpdater -> No File <==== ATTENTION
Task: {638C7376-1F77-44CF-A05E-290AAD57FC54} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2015-01-06] (PC Drivers Headquarters)
Task: {6A9EA775-4081-41BD-BB64-C359BB7CA7DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-24] (Google Inc.)
Task: {76858884-5641-45B1-BB5D-2217AFF450BE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {7D24329C-158A-4F79-835E-ED8B9E86DE18} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {8A120D88-5F33-48AE-87BA-598263E112B7} - \One System Care Monitor -> No File <==== ATTENTION
Task: {90F149F8-27DC-46E1-94DD-C7B49C8EBFDE} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-01] (Synaptics Incorporated)
Task: {9600102C-3AF9-4F72-A8EC-33803D4D1AE4} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2015-01-06] (PC Drivers Headquarters)
Task: {AD220E3C-24C8-4C95-97DD-EC019221396C} - \One System Care Run Delay -> No File <==== ATTENTION
Task: {B46D710D-AEF0-4954-9E76-C2D5F8B84E55} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C165A186-1F6D-4A53-B92A-793048C690D2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {CFB346C8-343E-4707-9400-ED4F7498AC04} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {D27B9465-09CB-4A5D-A837-066887D77C16} - \{0F040547-080F-0A7E-0B11-7E0F0B08110C} -> No File <==== ATTENTION
Task: {D78F1B19-B1D1-4371-94BE-7916C4BE52CB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {D9AAEE63-CF77-4B64-95DD-98F49688B11E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {E106FB3C-2CC5-44CF-928A-A7AE976C0D61} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-13] (AVAST Software)
Task: {EFE0DA00-DCB5-4AD4-BBA8-27A71706A356} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1952045502-1362136182-510965784-1001 => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-15] (Microsoft Corporation)
Task: {F0C70684-0FEE-41D9-B4AC-2B03EE2DF0A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {F88B749C-CB95-4250-9068-5C4A2A855440} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {F9BB948D-49E6-4280-B711-836B22AFE21D} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Owner) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {FAB4E219-C1B7-4E21-922B-F77AAF5B165A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {FCB0372C-3A32-4C91-934F-5D29E1AD813B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-20] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Owner).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-07-01 10:45 - 2015-07-01 10:45 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll
2014-09-24 18:20 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-27 10:03 - 2013-10-27 10:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-13 15:50 - 2013-10-23 19:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-27 14:40 - 2015-09-02 03:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-12-15 07:11 - 2014-12-15 07:11 - 00268280 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
2015-12-13 11:13 - 2015-12-13 11:13 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-13 11:13 - 2015-12-13 11:13 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-01 09:05 - 2016-02-01 09:05 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16013101\algo.dll
2015-12-13 11:13 - 2015-12-13 11:13 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-07 08:51 - 2016-02-07 08:51 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16020601\algo.dll
2014-11-20 09:40 - 2014-11-20 09:40 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-11-20 09:31 - 2014-11-20 09:31 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2011-06-02 17:43 - 2011-06-02 17:43 - 04302200 _____ () C:\Program Files (x86)\Emotum\Stay Connected\modules\core.dll
2011-06-02 17:43 - 2011-06-02 17:43 - 01842080 _____ () C:\Program Files (x86)\Emotum\Stay Connected\modules\custom.dll
2011-05-27 11:41 - 2011-05-27 11:41 - 00779152 _____ () C:\Program Files (x86)\Emotum\Stay Connected\modules\mobile.dll
2011-04-13 14:33 - 2011-04-13 14:33 - 01097728 _____ () C:\Program Files (x86)\Emotum\Stay Connected\NDISAPI.dll
2015-12-13 11:13 - 2015-12-13 11:13 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-27 10:03 - 2013-10-27 10:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\RazerCoinstaller.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Utilman.exe:$CmdTcID
AlternateDataStreams: C:\Users\Owner\Downloads\filmora_setup_full1901.exe:$CmdTcID
AlternateDataStreams: C:\Users\Owner\Downloads\filmora_setup_full1901.exe:$CmdZnID
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist Remote Support Customer => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-23 00:25 - 2013-08-23 00:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: becldr3Service => 3
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: ESCSvc => 2
MSCONFIG\Services: ESUSClient_B2 => 2
MSCONFIG\Services: GoToAssist Remote Support Customer => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WsAppService => 3
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1952045502-1362136182-510965784-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{C244AB0A-F12C-4AEB-A436-48335980BDC3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{63DFE80C-578D-47D9-BB0D-860BCC9E03B2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{19F04507-D3F9-41D2-91A8-AEEA3E126D3E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A94CC178-BB98-48B5-9AB8-3D9A4E124C98}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{FB45E8F3-E19F-4CA7-88EA-2E10F366F00F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8333C35-7228-4164-AF62-F4CA24FCB1A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7EBDE2A1-B644-408D-826C-F989CE3442D9}C:\program files (x86)\microsoft office\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office\office12\groove.exe
FirewallRules: [UDP Query User{6C8D3B42-E140-46CC-99D8-F43BDFECF5D0}C:\program files (x86)\microsoft office\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office\office12\groove.exe
FirewallRules: [{B1659F75-98C4-4C13-9326-26231C65F658}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{F64962D0-51A6-4D02-A652-859CF8900544}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9B37123E-209C-46F2-9F6E-D0D24031862E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{ECFCB69B-B73C-435C-8B96-897A23C55E68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{72969A91-9807-4063-A769-99D791C58519}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3A04985D-D2A7-44F0-BC9F-A9675682DC55}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FCFDFD20-5A4E-4521-9095-4A0EEA4229D7}] => (Allow) LPort=2869
FirewallRules: [{DD3E877D-20C6-4E2E-A464-72C3985ADB3A}] => (Allow) LPort=1900
FirewallRules: [{5111B4FC-21C4-4C90-A811-1970AE4F0A0D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C20D69E8-AACE-4499-A0E9-2477FC859CF4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
24-01-2016 13:36:45 Restore Operation
28-01-2016 10:05:53 Windows Update
30-01-2016 10:11:59 Windows Live Essentials
30-01-2016 10:12:09 Installed DirectX
30-01-2016 10:12:17 Installed DirectX
30-01-2016 10:12:26 Installed DirectX
31-01-2016 17:33:02 Checkpoint by HitmanPro
05-02-2016 10:11:46 Windows Update
==================== Faulty Device Manager Devices =============
Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: HID-compliant touch screen
Description: HID-compliant touch screen
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/07/2016 09:06:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 09:06:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 09:06:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 09:06:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 09:06:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 09:06:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 09:06:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 09:06:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 08:44:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 08:44:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (02/03/2016 10:10:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Update for Microsoft Visual C++ 2012 Update 4 Redistributable Package (KB3119142).
Error: (02/01/2016 11:32:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069
Error: (02/01/2016 11:32:49 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (01/31/2016 07:17:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (01/31/2016 06:16:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069
Error: (01/31/2016 06:16:44 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (01/31/2016 06:14:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (01/31/2016 06:14:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (01/31/2016 06:14:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (01/31/2016 06:14:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
CodeIntegrity:
===================================
Date: 2016-01-24 17:57:04.302
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-24 17:49:47.455
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-24 16:13:28.799
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-21 18:31:17.166
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\SolidWorks Corp\SolidWorks\sldShellExtServer.exe that did not meet the Microsoft signing level requirements.
Date: 2015-12-21 18:31:17.057
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\SolidWorks Corp\SolidWorks\sldShellExtServer.exe that did not meet the Microsoft signing level requirements.
Date: 2015-12-21 18:31:16.947
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\SolidWorks Corp\SolidWorks\sldShellExtServer.exe that did not meet the Microsoft signing level requirements.
Date: 2015-12-21 18:31:16.822
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\SolidWorks Corp\SolidWorks\sldShellExtServer.exe that did not meet the Microsoft signing level requirements.
Date: 2015-12-21 18:31:16.713
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\SolidWorks Corp\SolidWorks\sldShellExtServer.exe that did not meet the Microsoft signing level requirements.
Date: 2015-12-21 18:31:15.213
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\SolidWorks Corp\SolidWorks\sldShellExtServer.exe that did not meet the Microsoft signing level requirements.
Date: 2015-11-19 17:45:43.429
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\SolidWorks Corp\SolidWorks\sldShellExtServer.exe that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 24%
Total physical RAM: 8124.02 MB
Available physical RAM: 6132.3 MB
Total Virtual: 16316.02 MB
Available Virtual: 14149.01 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.62 GB) (Free:42.4 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 02AA02AA)
Partition: GPT.
========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: B8AAE178)
Partition: GPT.
==================== End of Addition.txt ============================