Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer has virus or malware [Closed] [Solved]

infected computer

  • This topic is locked This topic is locked

#16
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 SpywareBlaster 5.4    
 Spybot - Search & Destroy 
 Java version 32-bit out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Flash Player 21.0.0.182  
 Adobe Reader XI  
 Google Chrome (49.0.2623.87) 
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 

  • 0

Advertisements


#17
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

You asked how my machine is doing now, well it is still freezing up while I am doing these scans. Thank you for all of your help.


  • 0

#18
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

You asked how my machine is doing now, well it is still freezing up while I am doing these scans. Thank you for all of your help.


That's the only symptom now, the freezing? No more internet disconnects, adware installers, or homepage hijacks? Let's remove an infected file that ESET found, and update a couple of programs, and we'll go from there.


Step 1: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
C:\Users\David\Documents\My Filehippo Downloads\ccsetup514.exe
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.



Step 2: Java Information and Flash Player Update


WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java

Please read this article about Java.

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version.

javara_zpshnkbqglv.jpg


Update Adobe flash Player
  • Your current version of Adobe Flash is out of date. Please update it by clicking the link below.
  • Also, make sure you Uncheck the box to install the McAfee Security Scan Plus software.
http://get.adobe.com/flashplayer/



Things I need to see in your next post:

Fixlog.txt Log

  • 0

#19
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by David (2016-03-11 23:09:14) Run:2
Running from C:\Users\David\Desktop\Geeks to go\Fix
Loaded Profiles: David (Available Profiles: David & User & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
C:\Users\David\Documents\My Filehippo Downloads\ccsetup514.exe
End
 
*****************
 
Restore point was successfully created.
C:\Users\David\Documents\My Filehippo Downloads\ccsetup514.exe => moved successfully
 
==== End of Fixlog 23:09:39 ====

  • 0

#20
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
I deleted java and I was wondering is there something else to use in its place? My gmail isn't opening correctly and even on here it says things may not work correctly without Java. The link for updating flash player takes me to a black screen so I went to the update on Adobe and it goes to a black screen also. Yes freezing seems to be the only problem now. The rest has stopped.
  • 0

#21
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello :)

Regarding Java, you can reinstall it for use, but please keep it updated. That's one of the reasons we have the JavaRa program included with the warning. I have Java on my own machine as I need it for websites as well. Please remember to keep it updated to the latest version. :thumbup:

It seems as though the page with the Adobe update requires Java now. We'll reinstall Java to clear up the Gmail and website issues.

Good news to hear that everything else has stopped. We'll run Zoek with the autoclean option to see if that will help with the freezing.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Reinstall Java


Please click here to go to the JavaRa page.
Once there, please click the Stable version 2.6.1 button.
Download the file to your Desktop and then double click it.
When the window opens, click the JavaRa.exe file.
When the menu opens, please click the Update Java Runtime button.
Then click Next



Step 2: Zoek

Please download zoek.exe to your Desktop:
  • On Windows Vista, 7, and 8, right-click Zoek.exe and select: Run as Administrator
  • Give it a few seconds to appear
  • Click the Options button and place a checkmark only on the following options:
  • AutoClean
  • Now...
  • Close any open programs.
  • Click the Run script button, and wait.
  • It takes a few minutes to run.
  • When the tool finishes, the zoek-results.log is opened in Notepad.
  • The log is also found on the systemdrive, normally C:\
  • If a reboot is needed, the log is opened after the reboot.
  • Please post the zoek-results.log in your reply.
Things I need to see in your next post:

zoek-results.log

How is the machine running?

  • 0

#22
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
 
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by David on Tue 03/15/2016 at 16:45:08.25.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\David\Desktop\zoek.exe [Scan all users]  [Checkboxes used]
 
==== System Restore Info ======================
 
3/15/2016 4:46:35 PM Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~3\CanonIJScan deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\PROGRA~3\SoftwareDetectionScripts deleted successfully
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\Users\David\AppData\Roaming\Canon deleted successfully
C:\Users\David\AppData\Roaming\HP Support Assistant deleted successfully
C:\Users\David\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\David\AppData\Roaming\The Complete Genealogy Reporter - FTB deleted successfully
C:\Users\David\AppData\Roaming\TP deleted successfully
C:\Users\David\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\David\AppData\Roaming\WiseUpdate deleted successfully
C:\Users\David\AppData\Roaming\Yahoo! deleted successfully
C:\Users\David\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\David\AppData\Local\EmieSiteList deleted successfully
C:\Users\David\AppData\Local\EmieUserList deleted successfully
C:\Users\David\AppData\Local\HP MediaSmart Video deleted successfully
C:\Users\David\AppData\Local\MigWiz deleted successfully
C:\Users\David\AppData\Local\PDFC deleted successfully
C:\Users\Guest\AppData\Local\PDFC deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\Users\David\AppData\LocalLow\Windstream_Residential deleted
C:\Prefs.js deleted
C:\install.exe deleted
C:\Users\David\AppData\Roaming\WB.CFG deleted
C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted
C:\PROGRA~3\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA} deleted
C:\PROGRA~3\{D76294E6-03B8-4971-AF2E-3F846161A690} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Guest\AppData\Local\Unity deleted
C:\Users\Guest\AppData\Local\adawarebp deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\LavasoftTcpService deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\Guest\AppData\LocalLow\Unity deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
 
==== Orphaned Tasks deleted from Registry ======================
 
avast Emergency Update deleted
HPCeeScheduleForDAVID-HP$ deleted
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [02/16/2016 07:29 PM]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [01/01/2016 02:57 PM]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [01/01/2016 02:57 PM]
 
==== Chromium Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02/16/2016 07:18 PM]
 
WebDiscover Helper - David\AppData\Local\Chromium\User Data\Default\Extensions\ckpkimghacdmjngcijkahobkblcdkoma
Avast Online Security - David\AppData\Local\Chromium\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
RightCoupon - David\AppData\Local\Chromium\User Data\Default\Extensions\ppfloidffgmiommjibgmbbabccaaajff
 
==== Chromium Fix ======================
 
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage-journal deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage-journal deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adx.openadserve.com_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adx.openadserve.com_0.localstorage-journal deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d2m2wsoho8qq12.cloudfront.net_0.localstorage deleted successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d2m2wsoho8qq12.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d3l3lkinz3f56t.cloudfront.net_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d3l3lkinz3f56t.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediaservices-d.openxenterprise.com_0.localstorage deleted successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediaservices-d.openxenterprise.com_0.localstorage-journal deleted successfully
C:\Users\David\AppData\Local\Chromium\User Data\Default\Extensions\ppfloidffgmiommjibgmbbabccaaajff deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
 
==== All HKLM and HKCU SearchScopes ======================
 
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} - http://search.yahoo....psg&type=HPDTDF
HKLM\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - http://en.wikipedia....h={searchTerms}
HKLM\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc} - http://rover.ebay.co...s}&mfe=Desktops
HKLM\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} - http://www.bing.com/...rc=IE-SearchBox
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.co...g}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}"
HKCU\SearchScopes\3B4CB17A98734066A3E2C70724C42744 - https://www.google.c...q={searchTerms}
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.co...q={searchTerms}
HKCU\SearchScopes\{3D585554-3A2C-4BF8-9587-2D99C7A6EBAD} - http://www.google.co...utputEncoding?}
HKCU\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - http://www.bing.com/...=AVASDF&PC=AV01
HKCU\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} - http://www.bing.com/...Box&FORM=IESR02
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20131224 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiagnosticTools.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayStartup deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windstream Service Agent.exe deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Profiles found
 
==== Empty Chrome Cache ======================
 
C:\Users\David\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=253 folders=105 94844655 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\David\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
HI,
Computer seems to be fine. It is taking a little time for internet to boot up still but it hasn't been freezing.
Could you explain to me what was wrong and is it something I can keep from happening again? I appreciate you taking your time to help us on this website.

Edited by DeborahT, 15 March 2016 - 04:30 PM.

  • 0

#23
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Computer seems to be fine. It is taking a little time for internet to boot up still but it hasn't been freezing.
Could you explain to me what was wrong and is it something I can keep from happening again? I appreciate you taking your time to help us on this website.


Hello :)

That's good that it's not freezing anymore. Let's take a look with Mini Toolbox and see it it shows anything that might be causing the slow internet. Let's get some fresh FRST logs as well. :thumbsup:

You computer was infected mostly with adware, and these come in from a variety of sources. They can be installed on your machine by visiting websites that have been compromised by hackers. One thing that caused a lot of your problems was an infection that changed your Chrome browser to what's called a development build. It basically lowers the security of Chrome and allows the infection to install whatever malware extensions it wants in your browser.

Once we're done, I'll have some tips to help prevent infections in the future. :thumbsup:

And, you're very welcome for the help. It's our pleasure. :)


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Mini Toolbox


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (MTB.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Step 2: Fresh FRST Logs
  • Start Farbar's Recovery Scan Tool, check the Addition.txt box and press the Scan button.
  • FRST will scan your system and produce two logs: FRST.txt and Addition.txt. Please post them in your next reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

MTB.txt Log

FRST.txt Log

Addition.txt Log

  • 0

#24
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by David (administrator) on 16-03-2016 at 21:21:20
Running from "C:\Users\David\Desktop\Mini Toolbox"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: s5703w Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15474 entries.
 
========================= IP Configuration: ================================
 
NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : David-HP
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet 
   Physical Address. . . . . . . . . : 70-71-BC-C9-A7-28
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::db4:a53d:593b:5aa8%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.254.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, March 15, 2016 6:03:15 PM
   Lease Expires . . . . . . . . . . : Thursday, September 07, 2023 12:08:09 PM
   Default Gateway . . . . . . . . . : 192.168.254.254
   DHCP Server . . . . . . . . . . . : 192.168.254.254
   DHCPv6 IAID . . . . . . . . . . . : 259027388
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-03-25-BC-70-71-BC-C9-A7-28
   DNS Servers . . . . . . . . . . . : 192.168.254.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.Home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Reusable ISATAP Interface {11B48C93-940F-4117-BBAE-99CB5C9F4FEC}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  MyRouter.Home
Address:  192.168.254.254
 
Name:    google.com
Addresses:  2607:f8b0:400d:c06::66
 74.125.22.101
 74.125.22.139
 74.125.22.113
 74.125.22.138
 74.125.22.100
 74.125.22.102
 
 
Pinging google.com [74.125.22.101] with 32 bytes of data:
Reply from 74.125.22.101: bytes=32 time=47ms TTL=44
Reply from 74.125.22.101: bytes=32 time=46ms TTL=44
 
Ping statistics for 74.125.22.101:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 46ms, Maximum = 47ms, Average = 46ms
Server:  MyRouter.Home
Address:  192.168.254.254
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 2001:4998:58:c02::a9
 98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=74ms TTL=51
Reply from 98.139.183.24: bytes=32 time=75ms TTL=51
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 74ms, Maximum = 75ms, Average = 74ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...70 71 bc c9 a7 28 ......NVIDIA nForce 10/100 Mbps Ethernet 
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254    192.168.254.3     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.254.0    255.255.255.0         On-link     192.168.254.3    276
    192.168.254.3  255.255.255.255         On-link     192.168.254.3    276
  192.168.254.255  255.255.255.255         On-link     192.168.254.3    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.254.3    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.254.3    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::db4:a53d:593b:5aa8/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/16/2016 09:14:51 PM) (Source: Adobe Reader) (User: )
Description: 
 
Error: (03/16/2016 09:14:34 PM) (Source: Adobe Reader) (User: )
Description: 
 
Error: (03/14/2016 05:25:10 PM) (Source: Adobe Reader) (User: )
Description: 
 
Error: (03/13/2016 09:26:43 PM) (Source: Adobe Reader) (User: )
Description: 
 
Error: (03/12/2016 11:13:04 PM) (Source: Adobe Reader) (User: )
Description: 
 
Error: (03/12/2016 09:32:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/12/2016 12:09:16 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {122903bd-76e3-4530-aa90-270b374f36b3}
 
Error: (03/12/2016 12:08:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/11/2016 04:18:20 PM) (Source: Adobe Reader) (User: )
Description: 
 
Error: (03/11/2016 04:18:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: AcroRd32.exe, version: 15.7.20033.2203, time stamp: 0x5507d7da
Faulting module name: AcroRd32.dll, version: 15.7.20033.2203, time stamp: 0x5507d7bf
Exception code: 0xc0000005
Fault offset: 0x00a085ad
Faulting process id: 0x1438
Faulting application start time: 0xAcroRd32.exe0
Faulting application path: AcroRd32.exe1
Faulting module path: AcroRd32.exe2
Report Id: AcroRd32.exe3
 
 
System errors:
=============
Error: (03/15/2016 06:16:20 PM) (Source: nvstor64) (User: )
Description: Command to device was aborted.
 
 
 
Device: \Device\RaidPort0
 
Model: Hitachi HDS721050CLA362
 
Firmware Version: JP2O
 
Serial Number:       JPB570HF2J79HD
 
Port: 0
 
Error: (03/15/2016 06:04:18 PM) (Source: Service Control Manager) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3
 
Error: (03/15/2016 05:23:46 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/15/2016 05:23:45 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/15/2016 05:23:44 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/15/2016 05:23:43 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/15/2016 05:23:43 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/13/2016 05:39:02 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (03/13/2016 04:00:12 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (03/12/2016 01:36:47 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
 
Microsoft Office Sessions:
=========================
Error: (03/16/2016 09:14:51 PM) (Source: Adobe Reader)(User: )
Description: 
 
Error: (03/16/2016 09:14:34 PM) (Source: Adobe Reader)(User: )
Description: 
 
Error: (03/14/2016 05:25:10 PM) (Source: Adobe Reader)(User: )
Description: 
 
Error: (03/13/2016 09:26:43 PM) (Source: Adobe Reader)(User: )
Description: 
 
Error: (03/12/2016 11:13:04 PM) (Source: Adobe Reader)(User: )
Description: 
 
Error: (03/12/2016 09:32:17 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestc:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe
 
Error: (03/12/2016 12:09:16 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {122903bd-76e3-4530-aa90-270b374f36b3}
 
Error: (03/12/2016 12:08:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\David\Desktop\Geeks to go\esetsmartinstaller_enu.exe
 
Error: (03/11/2016 04:18:20 PM) (Source: Adobe Reader)(User: )
Description: 
 
Error: (03/11/2016 04:18:19 PM) (Source: Application Error)(User: )
Description: AcroRd32.exe15.7.20033.22035507d7daAcroRd32.dll15.7.20033.22035507d7bfc000000500a085ad143801d17bd31e4fc050C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeC:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll64c0ccf0-e7c6-11e5-a10a-7071bcc9a728
 
 
=========================== Installed Programs ============================
 
6300 (HKLM-x32\...\{BC39DBA4-D1B7-483C-BA0D-9EB0BB0B6DCF}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
6300_Help (HKLM-x32\...\{BDEDBDD9-C97B-4333-B7BE-6979A34F6F74}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
6300Trb (HKLM-x32\...\{17271AB7-D7EC-4a95-9861-FAFE5A4664AD}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
AIO_CDB_ProductContext (HKLM-x32\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM-x32\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Bejeweled 2 Deluxe (HKLM-x32\...\WT087428) (Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (HKLM-x32\...\WT087335) (Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT087453) (Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT087536) (Version: 2.2.0.95 - WildTangent) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
Escape Rosecliff Island (HKLM-x32\...\WT087360) (Version: 2.2.0.95 - WildTangent) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT087361) (Version: 2.2.0.95 - WildTangent) Hidden
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive Nitro (HKLM-x32\...\WT087362) (Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (HKLM-x32\...\WT087372) (Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKCU\...\HP Photo Creations) (Version: 1.0.0.18702 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Power Assistant (HKLM\...\{6888C635-E550-4FA4-958E-CE2880B0443B}) (Version: 1.1.1.6 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Jewel Quest Solitaire 2 (HKLM-x32\...\WT087379) (Version: 2.2.0.95 - WildTangent) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Wal-Mart Digital Photo Center (HKLM-x32\...\{DAF8B012-D559-4B8D-95C0-D98E1172E5C3}) (Version: 1.4.0.0 - Fujifilm e-Systems)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7137 - MyHeritage.com)
Mystery P.I. - The London Caper (HKLM-x32\...\WT089299) (Version: 2.2.0.95 - WildTangent) Hidden
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7330.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
Plants vs. Zombies (HKLM-x32\...\WT087501) (Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4527 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4527 - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Reason Core Security (HKLM-x32\...\Reason Core Security) (Version: 1.1.1.0 - Reason Software Company Inc.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3219 - CyberLink Corp.) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Should I Remove It (HKCU\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (HKLM-x32\...\{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}) (Version: 1.0.4 - Reason Software Company Inc.) Hidden
SierraHome Print Artist 12.0 (HKLM-x32\...\Print Artist 12.0) (Version:  - )
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Virtual Families (HKLM-x32\...\WT087414) (Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
Walmart Photo Manager (HKLM-x32\...\{1D601240-1E3C-11DE-8C30-0800200C9A66}) (Version: 2.4.0.570 - Walmart Stores Inc.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (HKLM-x32\...\WT087415) (Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zoom (HKCU\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
Zuma Deluxe (HKLM-x32\...\WT087533) (Version: 2.2.0.95 - WildTangent) Hidden
 
========================= Devices: ================================
 
Name: VBoxAsw Support Driver
Description: VBoxAsw Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VBoxAswDrv
Device ID: ROOT\LEGACY_VBOXASWDRV\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 57%
Total physical RAM: 3839.3 MB
Available physical RAM: 1633.68 MB
Total Virtual: 7676.82 MB
Available Virtual: 5032.07 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:452.34 GB) (Free:271.89 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:13.32 GB) (Free:1.61 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DAVID-HP
 
Administrator            David                    Guest                    
User                     
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****

  • 0

#25
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by David (administrator) on DAVID-HP (16-03-2016 21:25:06)
Running from C:\Users\David\Desktop\Geeks to go\Fix
Loaded Profiles: David (Available Profiles: David & User & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsEngineSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137664 2016-03-09] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: schannel.dll
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-16] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{44D24BD7-E7B0-4EF5-B7E1-18C511A9D930}: [DhcpNameServer] 192.168.254.254
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> 3B4CB17A98734066A3E2C70724C42744 URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-12] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-12] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-03-15] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-03-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-03-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-09] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-01-01] [not signed]
FF HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x64\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-15]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 2
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-16]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
S3 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-03-04] ()
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S3 HsdService; C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe [1393976 2011-04-25] (Windstream)
S3 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-03-04] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2013-03-02] (Alcatel-Lucent) [File not signed]
S3 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2013-03-02] (Alcatel-Lucent) [File not signed]
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 rsEngineSvc; C:\Program Files\Reason\Security\rsEngineSvc.exe [82680 2015-12-24] (Reason Software Company Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-02-15] (Realtek Semiconductor)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 ServicepointService; C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe [10315064 2011-10-13] (Radialpoint SafeCare Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Windstream MAHostService; C:\Program Files (x86)\Windstream\8.3.1.7\ma\bin\MAHostService.exe [321024 2014-01-20] (Alcatel-Lucent) [File not signed]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-02-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-16] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-14] (REALiX™)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-16 21:20 - 2016-03-16 21:23 - 00000000 ____D C:\Users\David\Desktop\Mini Toolbox
2016-03-16 13:50 - 2016-03-16 13:50 - 00032901 _____ C:\Users\David\Desktop\VZ CollegeApp_ Liberty_ Confirmation.html
2016-03-16 13:50 - 2016-03-16 13:50 - 00000000 ____D C:\Users\David\Desktop\VZ CollegeApp_ Liberty_ Confirmation_files
2016-03-15 17:31 - 2016-03-15 16:45 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-03-15 17:22 - 2016-03-15 17:31 - 00000000 ____D C:\zoek
2016-03-15 16:43 - 2016-03-15 17:25 - 00000000 ____D C:\zoek_backup
2016-03-12 01:30 - 2016-03-12 01:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-12 01:30 - 2016-03-12 01:29 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-12 01:29 - 2016-03-12 01:29 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-10 22:02 - 2016-03-10 22:02 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-10 21:24 - 2016-03-10 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-10 21:24 - 2016-03-10 21:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-10 21:24 - 2015-10-05 10:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-10 21:24 - 2015-10-05 10:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-10 19:27 - 2016-03-10 19:31 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-09 15:16 - 2016-02-20 16:01 - 00449907 _____ C:\Windows\system32\Drivers\etc\hosts.20160309-141654.backup
2016-03-09 14:43 - 2016-03-09 14:43 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-09 14:43 - 2016-03-09 14:43 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-09 14:42 - 2016-03-16 21:08 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-09 14:42 - 2016-03-16 13:47 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-09 14:42 - 2016-03-09 14:42 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-09 14:42 - 2016-03-09 14:42 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-09 14:41 - 2016-03-09 14:42 - 00000000 ____D C:\Users\David\AppData\Local\Deployment
2016-03-08 19:38 - 2016-02-12 14:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-08 19:38 - 2016-02-12 14:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-08 19:38 - 2016-02-12 14:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-08 19:38 - 2016-02-12 14:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-08 19:38 - 2016-02-12 14:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-08 19:38 - 2016-02-12 14:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-08 19:38 - 2016-02-12 14:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-08 19:38 - 2016-02-12 14:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-08 19:38 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-08 19:38 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-08 19:38 - 2016-02-12 14:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-08 19:38 - 2016-02-12 14:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-08 19:38 - 2016-02-12 14:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-08 19:38 - 2016-02-12 14:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-08 19:38 - 2016-02-12 14:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-08 19:38 - 2016-02-12 14:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-08 19:38 - 2016-02-09 02:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-08 19:38 - 2016-02-09 02:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 19:38 - 2016-02-08 17:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-08 19:38 - 2016-02-08 16:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-08 19:38 - 2016-02-08 16:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-08 19:38 - 2016-02-08 16:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-08 19:38 - 2016-02-08 16:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-08 19:38 - 2016-02-08 16:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-08 19:38 - 2016-02-08 16:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-08 19:38 - 2016-02-08 16:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-08 19:38 - 2016-02-08 16:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-08 19:38 - 2016-02-08 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-08 19:38 - 2016-02-08 16:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-08 19:38 - 2016-02-08 16:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-08 19:38 - 2016-02-08 16:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-08 19:38 - 2016-02-08 16:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-08 19:38 - 2016-02-08 16:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-08 19:38 - 2016-02-08 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-08 19:38 - 2016-02-08 16:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-08 19:38 - 2016-02-08 16:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-08 19:38 - 2016-02-08 16:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-08 19:38 - 2016-02-08 16:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-08 19:38 - 2016-02-08 16:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-08 19:38 - 2016-02-08 16:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-08 19:38 - 2016-02-08 16:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-08 19:38 - 2016-02-08 16:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-08 19:38 - 2016-02-08 16:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-08 19:38 - 2016-02-08 16:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-08 19:38 - 2016-02-08 16:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-08 19:38 - 2016-02-08 16:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-08 19:38 - 2016-02-08 15:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-08 19:38 - 2016-02-08 15:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-08 19:38 - 2016-02-08 15:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-08 19:38 - 2016-02-08 14:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-08 19:38 - 2016-02-08 14:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-08 19:38 - 2016-02-08 14:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-08 19:38 - 2016-02-08 14:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-08 19:38 - 2016-02-08 14:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-08 19:38 - 2016-02-08 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-08 19:38 - 2016-02-08 14:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-08 19:38 - 2016-02-08 14:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-08 19:38 - 2016-02-08 14:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-08 19:38 - 2016-02-08 14:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-08 19:38 - 2016-02-08 14:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-08 19:38 - 2016-02-08 14:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-08 19:38 - 2016-02-08 14:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-08 19:38 - 2016-02-08 14:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-08 19:38 - 2016-02-08 14:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-08 19:38 - 2016-02-08 14:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-08 19:38 - 2016-02-08 14:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-08 19:38 - 2016-02-08 14:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-08 19:38 - 2016-02-08 13:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-08 19:38 - 2016-02-08 13:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-08 19:38 - 2016-02-08 13:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-08 19:38 - 2016-02-08 13:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-08 19:38 - 2016-02-08 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-08 19:38 - 2016-02-08 13:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-08 19:38 - 2016-02-08 13:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-08 19:38 - 2016-02-08 13:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-08 19:38 - 2016-02-08 13:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-08 19:38 - 2016-02-08 13:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-08 19:38 - 2016-02-08 13:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-08 19:38 - 2016-02-08 13:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-08 19:38 - 2016-02-08 13:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-08 19:38 - 2016-02-08 13:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-08 19:38 - 2016-02-08 12:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-08 19:38 - 2016-02-04 13:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-08 19:38 - 2016-02-03 14:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-08 19:38 - 2016-02-03 14:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-08 19:38 - 2016-02-03 14:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-08 19:38 - 2016-02-03 14:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-08 19:38 - 2016-02-03 14:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 19:38 - 2016-01-11 15:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-08 19:38 - 2015-11-19 10:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-08 19:38 - 2015-11-19 10:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-08 19:35 - 2016-02-11 14:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-08 19:35 - 2016-02-11 14:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-08 19:35 - 2016-02-11 14:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-08 19:35 - 2016-02-11 14:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-08 19:35 - 2016-02-11 14:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-08 19:35 - 2016-02-11 14:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-08 19:35 - 2016-02-11 14:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-08 19:35 - 2016-02-11 14:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-08 19:35 - 2016-02-11 14:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-08 19:35 - 2016-02-11 14:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-08 19:35 - 2016-02-11 14:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-08 19:35 - 2016-02-11 14:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-08 19:35 - 2016-02-11 14:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-08 19:35 - 2016-02-11 14:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-08 19:35 - 2016-02-11 14:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-08 19:35 - 2016-02-11 14:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-08 19:35 - 2016-02-11 14:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-08 19:35 - 2016-02-11 14:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-08 19:35 - 2016-02-11 14:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-08 19:35 - 2016-02-11 14:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-08 19:35 - 2016-02-11 14:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-08 19:35 - 2016-02-11 14:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-08 19:35 - 2016-02-11 14:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-08 19:35 - 2016-02-11 14:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-08 19:35 - 2016-02-11 14:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-08 19:35 - 2016-02-11 14:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-08 19:35 - 2016-02-11 14:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-08 19:35 - 2016-02-11 14:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-08 19:35 - 2016-02-11 14:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-08 19:35 - 2016-02-11 14:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-08 19:35 - 2016-02-11 14:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-08 19:35 - 2016-02-11 14:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-08 19:35 - 2016-02-11 14:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-08 19:35 - 2016-02-11 14:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-08 19:35 - 2016-02-11 14:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-08 19:35 - 2016-02-11 14:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-08 19:35 - 2016-02-11 14:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-08 19:35 - 2016-02-11 14:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-08 19:35 - 2016-02-11 14:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-08 19:35 - 2016-02-11 14:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-08 19:35 - 2016-02-11 14:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-08 19:35 - 2016-02-11 14:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-08 19:35 - 2016-02-11 14:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-08 19:35 - 2016-02-11 14:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-08 19:35 - 2016-02-11 14:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-08 19:35 - 2016-02-11 14:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 13:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-08 19:35 - 2016-02-11 13:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-08 19:35 - 2016-02-11 13:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-08 19:35 - 2016-02-11 13:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-08 19:35 - 2016-02-11 13:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-08 19:35 - 2016-02-11 13:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-08 19:35 - 2016-02-11 13:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-08 19:35 - 2016-02-11 13:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-08 19:35 - 2016-02-11 13:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-08 19:35 - 2016-02-11 13:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-08 19:35 - 2016-02-11 13:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-08 19:35 - 2016-02-11 13:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-08 19:35 - 2016-02-11 13:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-08 19:35 - 2016-02-11 13:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-08 19:35 - 2016-02-11 13:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 13:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-08 19:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-08 19:35 - 2016-02-09 05:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-08 19:35 - 2016-02-09 05:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-08 19:35 - 2016-02-05 14:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-08 19:35 - 2016-02-05 14:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-08 19:35 - 2016-02-05 14:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-08 19:35 - 2016-02-05 14:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-08 19:35 - 2016-02-05 14:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-08 19:35 - 2016-02-05 14:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-08 19:35 - 2016-02-05 14:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-08 19:35 - 2016-02-05 13:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-08 19:35 - 2016-02-05 13:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-08 19:35 - 2016-02-05 13:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-08 19:35 - 2016-02-04 21:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-08 19:35 - 2016-02-04 14:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 19:34 - 2016-02-19 15:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-08 19:34 - 2016-02-19 14:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-08 19:34 - 2016-02-19 10:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-08 19:34 - 2016-02-11 10:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-08 19:34 - 2016-02-09 05:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-08 19:34 - 2016-02-09 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-08 19:34 - 2016-02-09 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-08 19:34 - 2016-02-09 05:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-08 19:34 - 2016-02-09 05:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-08 19:34 - 2016-02-09 05:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-08 19:34 - 2016-02-09 05:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-08 19:34 - 2016-02-09 05:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-08 19:34 - 2016-02-09 05:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-08 19:34 - 2016-02-05 10:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-08 19:34 - 2016-02-05 10:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-08 19:34 - 2016-02-05 10:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-02 15:27 - 2016-03-15 19:09 - 00000000 ____D C:\Users\David\Desktop\Geeks to go
2016-03-02 15:16 - 2016-03-02 15:16 - 00000000 ____D C:\Users\David\Documents\ProcAlyzer Dumps
2016-03-02 15:02 - 2016-03-02 15:04 - 00210326 _____ C:\TDSSKiller.3.1.0.9_02.03.2016_14.02.24_log.txt
2016-02-25 19:41 - 2016-03-14 18:04 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForDavid
2016-02-25 19:41 - 2016-03-14 18:04 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForDavid.job
2016-02-20 18:02 - 2016-03-16 21:25 - 00000000 ____D C:\FRST
2016-02-20 14:39 - 2016-02-20 14:59 - 00057294 _____ C:\Windows\ntbtlog.txt
2016-02-19 17:32 - 2016-02-19 17:34 - 54329568 _____ (Microsoft Corporation) C:\Users\David\Downloads\Windows-KB890830-x64-V5.33.exe
2016-02-19 17:32 - 2016-02-19 17:34 - 38808920 _____ (Microsoft Corporation) C:\Users\David\Downloads\FileFormatConverters.exe
2016-02-18 22:30 - 2016-02-19 17:34 - 00129808 _____ C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-18 22:08 - 2016-03-10 04:24 - 00469504 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-18 21:32 - 2016-02-18 21:32 - 00002980 _____ C:\Windows\System32\Tasks\{EDDB7748-A656-4694-B66F-5F2DCA531D8F}
2016-02-18 21:31 - 2016-02-18 21:31 - 00002980 _____ C:\Windows\System32\Tasks\{C66F275F-6A0E-44CD-8F46-24AEDB0C094B}
2016-02-18 21:31 - 2016-02-18 21:31 - 00002980 _____ C:\Windows\System32\Tasks\{431BE851-2D3F-425B-B54E-0F5118333F92}
2016-02-16 19:30 - 2016-02-16 19:19 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-16 19:26 - 2016-02-16 02:06 - 00449674 _____ C:\Windows\system32\Drivers\etc\hosts.20160216-182605.backup
2016-02-16 19:22 - 2016-02-16 19:22 - 00000000 ____D C:\Users\David\AppData\Roaming\AVAST Software
2016-02-16 19:20 - 2016-02-16 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-02-16 19:16 - 2016-02-16 19:16 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-16 19:15 - 2016-02-16 19:15 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-16 02:06 - 2016-02-16 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-02-16 02:06 - 2016-02-16 02:06 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-02-16 02:06 - 2016-02-16 02:06 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-02-16 01:12 - 2016-02-20 16:35 - 00000388 _____ C:\Windows\Tasks\ReasonSecurityScheduledScan.job
2016-02-15 20:19 - 2016-02-15 20:19 - 00000912 _____ C:\Windows\SysWOW64\${LOGFILE}
2016-02-15 20:17 - 2016-02-15 20:17 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-02-15 20:14 - 2016-02-15 20:14 - 00000000 ____D C:\Users\David\AppData\Local\Chromium
2016-02-15 20:09 - 2016-02-15 20:11 - 00215318 _____ C:\TDSSKiller.3.1.0.9_15.02.2016_19.09.53_log.txt
2016-02-15 20:08 - 2016-03-11 02:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-15 20:08 - 2015-10-05 10:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-15 19:14 - 2016-03-12 00:09 - 00000000 ____D C:\Users\David\Documents\My Filehippo Downloads
2016-02-15 19:11 - 2016-02-15 19:11 - 00003014 _____ C:\Windows\System32\Tasks\{20D0BC52-F629-48A2-BB13-9EFDE917E1B7}
2016-02-15 19:09 - 2016-02-15 21:22 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2016-02-15 19:09 - 2016-02-15 19:09 - 00003274 _____ C:\Windows\System32\Tasks\SuperbGameBoost
2016-02-15 19:09 - 2016-02-15 19:09 - 00000000 ____D C:\Users\David\AppData\Roaming\SuperBoost
2016-02-15 19:09 - 2016-02-15 19:09 - 00000000 ____D C:\ProgramData\SuperBoost
2016-02-15 14:38 - 2016-02-15 14:38 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-02-15 14:38 - 2016-02-15 14:38 - 04686592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-02-15 14:38 - 2016-02-15 14:38 - 04307112 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-02-15 14:38 - 2016-02-15 14:38 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 03195648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 03040488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 02893568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-02-15 14:38 - 2016-02-15 14:38 - 02130584 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 02030208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 01435144 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 01328496 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 01020208 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00258504 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-02-15 14:38 - 2016-02-15 14:38 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-02-15 14:36 - 2016-02-15 14:36 - 01077248 _____ C:\Windows\system32\AmRdrIco.icl
2016-02-15 14:36 - 2016-02-15 14:36 - 00084480 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2016-02-15 14:36 - 2016-02-15 14:36 - 00019399 _____ C:\Windows\system32\AmUStor.ini
2016-02-15 14:36 - 2016-02-15 14:36 - 00012800 _____ (Alcor Micro, Corp.) C:\Windows\system32\AmUStor2.dll
2016-02-15 14:36 - 2016-02-15 14:36 - 00000640 _____ C:\Windows\system32\VendorCmd6435.bin
2016-02-15 14:36 - 2016-02-15 14:36 - 00000032 _____ C:\Windows\system32\VendorCmd6485.bin
2016-02-15 14:36 - 2016-02-15 14:36 - 00000032 _____ C:\Windows\system32\VendorCmd6465.bin
2016-02-15 14:36 - 2016-02-15 14:36 - 00000008 _____ C:\Windows\system32\CardDetect6485.bin
2016-02-15 14:36 - 2016-02-15 14:36 - 00000008 _____ C:\Windows\system32\CardDetect.bin
2016-02-15 14:31 - 2016-02-15 14:31 - 26341704 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 25255568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 19916432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 17559184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 15373568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 13585736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-02-15 14:31 - 2016-02-15 14:31 - 09185504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 07755632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 07639952 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 06295288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 02748232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 02576200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 02447000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 02220176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 01868104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 01801544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6430908.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 01510728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6430908.dll
2016-02-15 14:31 - 2016-02-15 14:31 - 00017616 _____ C:\Windows\system32\nvinfo.pb
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-16 21:13 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-16 21:13 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-16 21:08 - 2015-05-12 12:53 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-15 21:08 - 2013-10-28 19:16 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A0B974DB-CB5C-4689-9CD9-085B2BCAE397}
2016-03-15 18:11 - 2009-07-14 01:13 - 00820796 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-15 18:11 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-03-15 18:03 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-15 18:01 - 2013-10-28 18:38 - 00000000 ____D C:\Users\David\AppData\Roaming\SoftGrid Client
2016-03-15 12:10 - 2015-07-27 16:19 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-15 12:07 - 2015-07-27 16:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-14 17:31 - 2015-01-02 16:37 - 00000000 ____D C:\Users\David\Desktop\DAVID
2016-03-13 19:28 - 2015-02-26 19:14 - 00000000 ____D C:\Users\David\Desktop\David School
2016-03-12 09:28 - 2014-02-27 19:34 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-03-12 01:30 - 2015-08-21 14:41 - 00000000 ____D C:\Users\David\.oracle_jre_usage
2016-03-12 01:30 - 2014-03-19 18:26 - 00000000 ____D C:\Users\David\AppData\LocalLow\Sun
2016-03-11 16:18 - 2013-10-31 16:29 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-03-10 19:31 - 2013-11-06 11:22 - 00000000 ____D C:\Users\Guest
2016-03-10 19:30 - 2013-12-03 18:14 - 00000000 ____D C:\Users\David\Desktop\DEB
2016-03-10 16:44 - 2015-05-12 12:53 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-09 15:09 - 2015-12-10 21:27 - 00000000 ____D C:\Users\David\AppData\LocalLow\Temp
2016-03-09 14:43 - 2013-11-09 16:41 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-09 14:41 - 2015-03-21 14:55 - 00000000 ____D C:\Users\David\AppData\Local\Apps\2.0
2016-03-09 14:38 - 2014-03-05 10:59 - 00000000 ____D C:\Users\David\Desktop\PC SCANS
2016-03-09 14:24 - 2014-02-27 19:33 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-03-09 14:23 - 2014-02-27 19:33 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2016-03-09 06:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-03-09 04:10 - 2013-10-28 20:38 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 04:01 - 2014-12-10 11:28 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-09 04:01 - 2013-10-28 20:38 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-26 04:01 - 2015-04-04 16:53 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-26 04:01 - 2015-04-04 16:53 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-23 14:01 - 2014-02-27 19:33 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-23 01:22 - 2016-01-01 15:54 - 00000000 ____D C:\Users\David\Desktop\HP
2016-02-20 23:40 - 2014-03-07 11:32 - 00000000 ____D C:\Users\David\AppData\Local\Microsoft Games
2016-02-19 17:36 - 2010-10-28 16:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-19 17:34 - 2015-03-25 16:49 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-02-18 22:18 - 2015-07-23 14:53 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-02-16 21:23 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-16 19:20 - 2014-02-27 19:33 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-02-16 19:19 - 2014-05-04 12:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-16 19:19 - 2014-02-27 19:33 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-16 19:19 - 2014-02-27 19:33 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-16 19:19 - 2014-02-27 19:33 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-16 19:16 - 2010-10-28 16:45 - 00000000 ____D C:\ProgramData\Temp
2016-02-16 01:38 - 2013-10-28 18:11 - 00000000 ____D C:\Users\David
2016-02-16 01:11 - 2016-02-12 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2016-02-15 21:31 - 2016-01-01 15:45 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-02-15 19:04 - 2014-03-19 13:54 - 00000000 ____D C:\Program Files\Common Files\Motive
2016-02-15 14:44 - 2014-05-29 12:31 - 00000683 _____ C:\ProgramData\EventStore.xml
2016-02-15 14:44 - 2014-05-29 12:31 - 00000545 _____ C:\ProgramData\CampaignStore.xml
2016-02-15 14:44 - 2014-05-29 12:31 - 00000424 _____ C:\ProgramData\SoftwareVersionStore.xml
2016-02-15 14:44 - 2014-05-29 12:31 - 00000150 _____ C:\ProgramData\SubscriberStatusStore.json
2016-02-15 14:44 - 2014-05-29 12:30 - 00000619 _____ C:\ProgramData\SubscriptionStore.xml
2016-02-15 14:44 - 2014-05-29 12:30 - 00000583 _____ C:\ProgramData\UpgradeStore.xml
2016-02-15 14:44 - 2014-05-29 12:30 - 00000412 _____ C:\ProgramData\ConfigurationStore.xml
2016-02-15 14:44 - 2014-05-29 12:30 - 00000408 _____ C:\ProgramData\FulfillmentStateMachineStores.xml
2016-02-15 14:44 - 2014-05-29 12:30 - 00000066 _____ C:\ProgramData\AaaAuthorizationStore.json
2016-02-15 14:39 - 2010-10-28 16:32 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-02-15 14:35 - 2010-10-28 16:44 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-15 14:33 - 2010-10-28 16:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-15 14:31 - 2010-10-28 17:29 - 18320440 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-02-15 14:31 - 2010-10-28 17:29 - 02753952 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
 
==================== Files in the root of some directories =======
 
2014-12-30 20:51 - 2014-12-30 22:10 - 0012800 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 18:32 - 2015-01-02 18:32 - 0234679 _____ () C:\Users\David\AppData\Local\dsi1.dat
2015-01-02 18:32 - 2015-01-02 18:32 - 0161916 _____ () C:\Users\David\AppData\Local\dsi2.dat
2014-05-29 12:30 - 2016-02-15 14:44 - 0000066 _____ () C:\ProgramData\AaaAuthorizationStore.json
2014-05-29 12:31 - 2016-02-15 14:44 - 0000545 _____ () C:\ProgramData\CampaignStore.xml
2014-05-29 12:30 - 2016-02-15 14:44 - 0000412 _____ () C:\ProgramData\ConfigurationStore.xml
2014-05-29 12:31 - 2016-02-15 14:44 - 0000683 _____ () C:\ProgramData\EventStore.xml
2014-05-29 12:30 - 2016-02-15 14:44 - 0000408 _____ () C:\ProgramData\FulfillmentStateMachineStores.xml
2015-12-31 19:31 - 2016-02-12 11:22 - 0004771 _____ () C:\ProgramData\hpzinstall.log
2014-02-27 20:04 - 2014-02-27 20:28 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-05-29 12:30 - 2016-02-14 17:40 - 0000466 _____ () C:\ProgramData\SharedProperties.xml
2014-05-29 12:31 - 2016-02-15 14:44 - 0000424 _____ () C:\ProgramData\SoftwareVersionStore.xml
2014-05-29 12:31 - 2016-02-15 14:44 - 0000150 _____ () C:\ProgramData\SubscriberStatusStore.json
2014-05-29 12:30 - 2016-02-15 14:44 - 0000619 _____ () C:\ProgramData\SubscriptionStore.xml
2014-05-29 12:30 - 2016-02-15 14:44 - 0000583 _____ () C:\ProgramData\UpgradeStore.xml
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-09 01:33
 
==================== End of FRST.txt ============================

  • 0

Advertisements


#26
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by David (2016-03-16 21:26:05)
Running from C:\Users\David\Desktop\Geeks to go\Fix
Windows 7 Home Premium Service Pack 1 (X64) (2013-10-28 22:11:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-585021316-1980500837-2966188906-500 - Administrator - Disabled)
David (S-1-5-21-585021316-1980500837-2966188906-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-585021316-1980500837-2966188906-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-585021316-1980500837-2966188906-1002 - Limited - Enabled)
User (S-1-5-21-585021316-1980500837-2966188906-1003 - Limited - Enabled) => C:\Users\User
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
6300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
6300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
6300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\HP Photo Creations) (Version: 1.0.0.18702 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Power Assistant (HKLM\...\{6888C635-E550-4FA4-958E-CE2880B0443B}) (Version: 1.1.1.6 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Wal-Mart Digital Photo Center (HKLM-x32\...\{DAF8B012-D559-4B8D-95C0-D98E1172E5C3}) (Version: 1.4.0.0 - Fujifilm e-Systems)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7137 - MyHeritage.com)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7330.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4527 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.4527 - CyberLink Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Reason Core Security (HKLM-x32\...\Reason Core Security) (Version: 1.1.1.0 - Reason Software Company Inc.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Should I Remove It (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SierraHome Print Artist 12.0 (HKLM-x32\...\Print Artist 12.0) (Version:  - )
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Walmart Photo Manager (HKLM-x32\...\{1D601240-1E3C-11DE-8C30-0800200C9A66}) (Version: 2.4.0.570 - Walmart Stores Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02A0DF7D-DE76-47F4-A241-695307066BB1} - System32\Tasks\{20D0BC52-F629-48A2-BB13-9EFDE917E1B7} => C:\Users\David\Desktop\PC SCANS\Set up for PC scans\asc-ultimate-setup.exe
Task: {0C9D7BDE-BE09-4507-86D5-C058E7F97800} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {21FF8D8B-C79A-4F68-82E6-7587AE86501C} - System32\Tasks\{7DDDFD20-0034-47F0-9EF2-C11CC6B1A1FE} => pcalua.exe -a "C:\Users\David\Desktop\PC SCANS\Set up for PC scans\TweakUiPowertoySetup.exe" -d "C:\Users\David\Desktop\PC SCANS\Set up for PC scans"
Task: {259BD190-4D37-40AE-B129-36C676B06628} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {2D79C023-D8AA-4E86-A2D1-C1601102CF05} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-15] (Microsoft Corporation)
Task: {2E9D0A66-76BE-493A-9FAD-8514AFBD77D6} - System32\Tasks\{431BE851-2D3F-425B-B54E-0F5118333F92} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {3558D48F-6FB1-4713-B2E3-33D224C80F37} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {43A58F2A-B171-4CE4-98E8-1CCC62358EE2} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {4EE22EC3-1037-4769-87FD-6E60EFD6A1F8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-585021316-1980500837-2966188906-1000
Task: {4F1D03C4-C329-4FE9-9275-88DAEE0193E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {5BBCDC62-40AC-4BA8-914B-91F64461E4F6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {6879F143-481E-4140-9209-BB7B667CF8B5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {6EC5B208-C9F1-4D46-B7D5-AE6FB49A8AC9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-16] (AVAST Software)
Task: {712E61E3-1B00-4026-87EB-9EF39461D152} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-03-15] (Microsoft Corporation)
Task: {78AFFDED-C3B0-4E13-9485-F384CE008DDF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-03-15] (Microsoft Corporation)
Task: {79B899D5-3F7A-44AB-8534-1E6ADF90D584} - System32\Tasks\{5C3E0562-F14F-46A4-8D0B-79520B28FA94} => pcalua.exe -a "C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HUN2QOF4\startuplite-setup-1.07.exe" -d C:\Users\David\Desktop
Task: {804E739C-A348-4CAF-A337-E7584E90247C} - System32\Tasks\{C66F275F-6A0E-44CD-8F46-24AEDB0C094B} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {8C1CC126-857D-423E-A660-66D28434B875} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {948E580D-3BE9-43AB-9763-48856EF242D4} - System32\Tasks\{EDDB7748-A656-4694-B66F-5F2DCA531D8F} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {9F7EDF11-7951-49FB-A404-84523BA684C8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {ACF54955-1154-4C54-914A-1C1A06972E4C} - System32\Tasks\{66AED39D-C8F9-4D71-9FE3-48533CE8B638} => pcalua.exe -a "C:\Users\David\Desktop\PC SCANS\Set up for PC scans\Adaware_Installer.exe" -d "C:\Users\David\Desktop\PC SCANS\Set up for PC scans"
Task: {C2605A1E-388D-4193-9C3B-8AA341C3B20D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {C603EC81-625C-492D-B720-262722EAB4D9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-04] (AVAST Software)
Task: {D21C02DA-D847-4887-B831-4FF772540262} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {DCBB10B7-5043-4630-8CE9-2FBD93274B39} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {DF009C87-4404-4649-9C31-4E0A17A90B4C} - System32\Tasks\SuperbGameBoost => C:\Program Files (x86)\SuperBoost\Superb Game Boost\SuperbGameBoostMain.exe
Task: {E14F2BA7-3885-45B9-9C65-64780D74BEF4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {E6118FDA-F60A-4008-A18F-81468A425F66} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {E61B2C39-265A-4474-BBB1-C158EED29AB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
Task: {EE9B78B3-2DCE-459F-9C19-59953A6635F0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {F12B30C3-E47F-4998-90D4-D95F0183083A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {F8B6555C-7394-4FB4-9BC0-47BC076A7F48} - System32\Tasks\{11BC1C56-1256-4DDE-B93D-817E5D31CBFC} => pcalua.exe -a "C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LTQASXD5\TweakUiPowertoySetup.exe" -d C:\Users\David\Desktop
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ReasonSecurityScheduledScan.job => C:\Program Files\Reason\Security\rsUI.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-27 16:11 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-12-05 04:05 - 2015-01-30 20:57 - 00086160 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-15 09:32 - 2016-03-15 09:32 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-02-28 01:33 - 2010-02-28 01:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2016-02-16 19:19 - 2016-02-16 19:19 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-16 19:19 - 2016-02-16 19:19 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-15 13:45 - 2016-03-15 13:45 - 02840576 _____ () C:\Program Files\AVAST Software\Avast\defs\16031501\algo.dll
2016-02-16 19:19 - 2016-02-16 19:19 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-16 19:19 - 2016-02-16 19:19 - 00307808 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-03-16 19:02 - 2016-03-16 19:02 - 02841600 _____ () C:\Program Files\AVAST Software\Avast\defs\16031601\algo.dll
2015-12-03 16:17 - 2015-11-12 14:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-16 19:19 - 2016-02-16 19:19 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-27 20:57 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-27 20:57 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-27 20:57 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-15 09:45 - 2016-03-15 09:45 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2016-03-09 14:43 - 2016-03-07 22:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-09 14:43 - 2016-03-07 22:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7872 more sites.
 
IE trusted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\1-2005-search.com -> www.1-2005-search.com
 
There are 12689 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2016-03-09 15:16 - 00451251 ____R C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15474 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zoom => 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{03338DE3-F263-4125-A053-DBF825BBBD91}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{82E42567-5215-450A-B755-E7BEF6992339}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{24CE072C-7696-4058-B90D-BE81B01CBCBB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{D23541F6-8676-4744-827F-E4CA55C8336C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{42BF84FD-0716-41D9-ADCA-4C44ED04F036}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
15-02-2016 04:00:11 Windows Update
15-02-2016 14:29:08 Driver Booster : BlackBerry Smartphone
15-02-2016 19:23:23 Restore Point before AdAwareInstaller was removed using Program Install and Uninstall troubleshooter
15-02-2016 19:24:07  AdAwareInstaller 
16-02-2016 19:15:38 Windows Update
17-02-2016 04:00:25 Windows Update
18-02-2016 04:00:24 Windows Update
18-02-2016 22:01:37 Windows Update
19-02-2016 17:28:07 Windows Update
19-02-2016 17:34:27 Installed Compatibility Pack for the 2007 Office system
19-02-2016 23:00:11 Windows Update
21-02-2016 04:00:30 Windows Update
21-02-2016 22:47:05 Windows Backup
22-02-2016 11:58:24 Windows Update
23-02-2016 03:19:02 Windows Update
24-02-2016 04:00:28 Windows Update
25-02-2016 04:00:36 Windows Update
25-02-2016 05:05:55 Windows Update
26-02-2016 04:00:26 Windows Update
27-02-2016 04:00:20 Windows Update
28-02-2016 04:00:10 Windows Update
29-02-2016 04:00:22 Windows Update
29-02-2016 04:00:44 Windows Backup
01-03-2016 04:00:10 Windows Update
02-03-2016 04:00:10 Windows Update
03-03-2016 04:00:26 Windows Update
04-03-2016 04:00:20 Windows Update
05-03-2016 04:00:20 Windows Update
06-03-2016 04:00:10 Windows Update
06-03-2016 20:00:09 Windows Backup
07-03-2016 04:00:10 Windows Update
08-03-2016 04:00:10 Windows Update
09-03-2016 04:00:13 Windows Update
09-03-2016 15:08:25 Restore Point Created by FRST
10-03-2016 04:00:26 Windows Update
10-03-2016 19:19:48 JRT Pre-Junkware Removal
11-03-2016 03:08:03 Windows Update
11-03-2016 17:35:55 Windows Update
12-03-2016 00:09:17 Restore Point Created by FRST
12-03-2016 00:14:07 Removed Java 8 Update 72 (64-bit)
12-03-2016 00:14:30 Removed Java 8 Update 74 (64-bit)
12-03-2016 00:38:24 Removed Java 8 Update 72 (64-bit)
12-03-2016 00:39:41 Removed Java 8 Update 74 (64-bit)
12-03-2016 02:53:30 Windows Update
13-03-2016 04:00:20 Windows Update
13-03-2016 19:00:11 Windows Backup
14-03-2016 03:00:10 Windows Update
15-03-2016 03:00:10 Windows Update
15-03-2016 16:46:17 zoek.exe restore point
16-03-2016 03:00:21 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: VBoxAsw Support Driver
Description: VBoxAsw Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VBoxAswDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/16/2016 09:14:51 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/16/2016 09:14:34 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/14/2016 05:25:10 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/13/2016 09:26:43 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/12/2016 11:13:04 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/12/2016 09:32:17 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/12/2016 12:09:16 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {122903bd-76e3-4530-aa90-270b374f36b3}
 
Error: (03/12/2016 12:08:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/11/2016 04:18:20 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/11/2016 04:18:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 15.7.20033.2203, time stamp: 0x5507d7da
Faulting module name: AcroRd32.dll, version: 15.7.20033.2203, time stamp: 0x5507d7bf
Exception code: 0xc0000005
Fault offset: 0x00a085ad
Faulting process id: 0x1438
Faulting application start time: 0xAcroRd32.exe0
Faulting application path: AcroRd32.exe1
Faulting module path: AcroRd32.exe2
Report Id: AcroRd32.exe3
 
 
System errors:
=============
Error: (03/15/2016 06:16:20 PM) (Source: nvstor64) (EventID: 4) (User: )
Description: Command to device was aborted.
 
 
 
Device: \Device\RaidPort0
 
Model: Hitachi HDS721050CLA362
 
Firmware Version: JP2O
 
Serial Number:       JPB570HF2J79HD
 
Port: 0
 
Error: (03/15/2016 06:04:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3
 
Error: (03/15/2016 05:23:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/15/2016 05:23:45 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/15/2016 05:23:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/15/2016 05:23:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/15/2016 05:23:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/13/2016 05:39:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (03/13/2016 04:00:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (03/12/2016 01:36:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X2 220 Processor
Percentage of memory in use: 41%
Total physical RAM: 3839.3 MB
Available physical RAM: 2228.35 MB
Total Virtual: 7676.82 MB
Available Virtual: 5232.69 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:452.34 GB) (Free:271.91 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.32 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CDDC5E9D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#27
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

I was looking at  {Additional-- host content} {Mini Toolbar-- host content} and I see a bunch of websites that are porn sites and others I don't recognize. How do I get that off of my computer or does it matter? My grandson had been on these sites several times before I found out and I wondered if that was some of my problem. 

Thanks


  • 0

#28
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

I was looking at  {Additional-- host content} {Mini Toolbar-- host content} and I see a bunch of websites that are porn sites and others I don't recognize. How do I get that off of my computer or does it matter? My grandson had been on these sites several times before I found out and I wondered if that was some of my problem. 
Thanks


Hello :)

Those are actually sites that your computer is blocked from going to. When Spybot immunizes the system, it adds those sites as being restricted from your computer. Any attempt to go to those sites listed will fail. The sites he's been going to are not listed in the hosts file, and most definitely are part of the problem. Adult sites and the like are very good at infecting machines.

I see a couple little minor things in your logs I'd like to remove, nothing malware related, just a couple of entries missing files. :thumbsup:

The machine is still running smoothly with no freezes?


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Things I need to see in your next post:

Fixlog.txt Log

  • 0

#29
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

:yeah: My computer is great. No more freezes and no more changes on my homepage. No more random sites popping up. Thank you so much for all the time that you guys give to help us with our computer problems.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by David (2016-03-17 09:38:04) Run:3
Running from C:\Users\David\Desktop\Geeks to go\Fix
Loaded Profiles: David (Available Profiles: David & User & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
End
Start
 
*****************
 
Restore point was successfully created.
AdobeFlashPlayerUpdateSvc => service removed successfully
VBoxAswDrv => service could not remove
 
==== End of Fixlog 09:38:21 ====

  • 0

#30
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

:yeah: My computer is great. No more freezes and no more changes on my homepage. No more random sites popping up.


Hello :)

Excellent! Let's clean up my tools and create a new, clean restore point on the machine. I also have some information for you to help prevent infections in the future.
 

Thank you so much for all the time that you guys give to help us with our computer problems.


You're quite welcome, it's our pleasure. :thumbsup:


Step 1: Tool Removal with Delfix and Creation of a clean restore point
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    • Reset System Settings
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
  • You can uninstall ESET Online Scanner at this time.
  • I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUP's (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.
Step 2: Tips, Information, and Optional Installation of Unchecky
  • Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
  • Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
  • Be careful of the websites you visit.
  • When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take your time and read each screen as you go. :)
To help protect yourself while on the web, I recommend you read How did I get infected in the first place?


Installation of Unchecky

This is a very good little program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.
  • Click here to be taken to Unchecky.com
  • Click the very large Download button.
  • Click Save
  • Once downloaded, double click the program (Vista, Win 7, and 8, right click and Run as Administrator)
  • Once open, click the Install button.
unchecky1_zps667e512d.jpg


Then click Finish

unchecky2_zpsca4e7d0d.jpg


Unchecky is now installed and will help you keep unwanted check boxes unchecked. :thumbsup:


Things I need to see in your next post

Delfix Log

  • 0






Similar Topics


Also tagged with one or more of these keywords: infected computer

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP