- You understand about uTorrent and that at least it is not running for the rest of the cleaning. YES I UNDERSTAND
- The uninstall went how? Any problems? - UNINSTALLED APPS YOU REQUESTED
- The ADOBE software in question is removed? - DONE
- The Fixliog.txt log file text. - Saved fixlog.txt to desktop
- The fresh FRST / Addition log texts. (You can use more than one reply post if needed.)
- How is your system now? - only notice issues sometimes, not as much as before
---------------------------------------------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-07-2016
Ran by User (administrator) on OWNER (26-07-2016 20:50:43)
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\nacl64.exe
(Google Inc.) C:\Users\User\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Lifehacker) C:\Program Files (x86)\Belvedere\Belvedere.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Launchy\Launchy.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Mega Limited) C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
() C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [3164536 2013-06-19] (Western Digital Technologies, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1654160 2016-07-02] (Bitdefender)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5524336 2013-06-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-07-31] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-07-31] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-09] (Electronic Arts)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [943944 2016-06-23] (Google Inc.)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-07-25] (Google Inc.)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [MusicManager] => C:\Users\User\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2015-11-17] (Google Inc.)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] ()
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\MountPoints2: {0c7ba6ae-d01c-11e4-be71-c8f7339b1634} - "E:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\MountPoints2: {0c7babd7-d01c-11e4-be71-c8f7339b1634} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\MountPoints2: {5abbadae-63f5-11e5-be87-c8f7339b1634} - "G:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\MountPoints2: {5fb423a3-da68-11e4-be77-c8f7339b1634} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\MountPoints2: {62e1f16f-73ad-11e5-be87-c8f7339b1634} - "D:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\MountPoints2: {8249c56d-152c-11e6-be97-1867b022fa4e} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\MountPoints2: {cb8377ce-52f3-11e5-be84-c8f7339b1634} - "F:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-20] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-20] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-20] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-07-20] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-07-20] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-07-20] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Belvedere.lnk [2015-08-22]
ShortcutTarget: Belvedere.lnk -> C:\Program Files (x86)\Belvedere\Belvedere.exe (Lifehacker)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-04-08]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk [2015-10-03]
ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-10-04]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-07-25]
ShortcutTarget: MEGAsync.lnk -> C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2015-04-04]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-04-21]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-05-04]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{634E8892-9C31-4637-9398-50FFE19C6E61}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BD44EB3C-D327-453D-9CFA-F95AD0D73CEE}: [DhcpNameServer] 168.94.0.14 168.94.0.15
Tcpip\..\Interfaces\{E26A98C8-9187-4314-BC64-DC5EFDDCF372}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-07-02] (Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll => No File
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-27] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-27] (Oracle Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-07-02] (Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll => No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-27] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-04-27] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-27] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll No File
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-07-02] (Bitdefender)
Toolbar: HKLM-x32 - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-07-02] (Bitdefender)
Toolbar: HKU\S-1-5-21-4198864589-2716103951-1576274748-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4198864589-2716103951-1576274748-1001: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4198864589-2716103951-1576274748-1001: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-05] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2016-05-12]
FF HKLM\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-05-12] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-29]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-29]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (Habitual) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblicfmcdjkhhnafcogoldjiihbnjili [2015-07-25]
CHR Extension: (MindMeister) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [2015-08-22]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-02]
CHR Extension: (Amazon Music with Prime Music) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkfgcfgfpgmkogcnibdjcckkpdiajgp [2015-07-25]
CHR Extension: (OneTab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-06-26]
CHR Extension: (Slacker Radio) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckngegfcpnbbcejpfnakcdcjgigaiole [2015-07-25]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (ShortOrange) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbgedljgicfnmjkpbblhbmkfocceckb [2016-02-18]
CHR Extension: (Fair AdBlock App (by STANDS)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnofaichneijfbkdkghmhjjbepjmble [2016-06-27]
CHR Extension: (Bitdefender Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem [2016-06-18]
CHR Extension: (Box for Chrome OS Beta) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dikonaebkejmpbpcnnmfaeopkaenicgf [2016-07-02]
CHR Extension: (Gingko App) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgfhngpppagnmfjocmhlioockncfgjn [2015-08-22]
CHR Extension: (TickTick - Todo & Task List) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eempgbpnkjnacmilmobpbhbfpdjdcpgd [2015-08-22]
CHR Extension: (Add to Feedly™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkjjleifeeaccajkekdcckflfpenoen [2015-12-24]
CHR Extension: (Google Play Music) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2016-07-23]
CHR Extension: (Stitcher) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcenjghnbkdmdncneijobnbgjcadnbge [2015-07-25]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-29]
CHR Extension: (Fair Ads (by STANDS)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gagfkmknmijppikpcikmbbkdkhggcmge [2016-07-02]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (TeamGantt Project Management) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcoffgicdhbbbpdopfhaemdbdglnkcok [2015-08-22]
CHR Extension: (Gantter for Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2015-07-25]
CHR Extension: (feedly) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-07-25]
CHR Extension: (Fitocracy) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmigjnmikbkdocofcfpdeemonedpjlpn [2015-07-25]
CHR Extension: (Kindle Cloud Reader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-08-22]
CHR Extension: (Google Play Music) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
CHR Extension: (Clearly) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-07-25]
CHR Extension: (Google Play) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-08-22]
CHR Extension: (PaymoApp) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lenbfhcjnclnoepkkahpnibbekkekihp [2015-08-22]
CHR Extension: (Fair AdBlock (by STANDS)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2016-07-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-04-03]
CHR Extension: (LINE) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\menkifleemblimdogmoihpfopnplikde [2016-07-08]
CHR Extension: (Pocket) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-07-25]
CHR Extension: (Sunrise Calendar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojepfklcankkmikonjlnidiooanmpbb [2015-08-22]
CHR Extension: (My Cloud Player) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfjhlpinelhnncgfpgfekddidnbnaab [2015-07-25]
CHR Extension: (Save to Pocket) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-07-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-21]
CHR Extension: (Trend Micro Password Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg [2016-06-27]
CHR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-07-02]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\afgbccjghcnbcdjgogpckamibfkceahd [2016-07-12]
OPR Extension: (Atavi bookmarks) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bihjdnaakmmjplhilkgboobdhpihklib [2015-10-04]
OPR Extension: (Browse++) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopdhnignaicgifmnocnpamikdhdpcne [2015-10-04]
OPR Extension: (TabHamster) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\flaibmngbecjljogddbgojfenfcneanb [2016-06-26]
OPR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\gjcfmfokccpieoonenflmcacfbdhbdck [2016-05-30]
OPR Extension: (Pocket (formerly Read It Later)) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\hedlhkdmdlcjhiblbmfggdiaeekblnoi [2015-10-04]
OPR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibonkoolioojccgfdgkbicfcfpldoobn [2015-10-04]
OPR Extension: (Clearly) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\mallmmeebeojpflmiolfchfcgbjflklc [2015-10-04]
OPR Extension: (Raindrop.io - Smart Bookmarks) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\nccmjelmbbbhcddoflopnicllmjknnmk [2015-10-04]
OPR Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-07-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-03] (Dropbox, Inc.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593664 2015-06-19] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-09] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [950200 2016-05-24] (Bitdefender)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
S2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3196768 2015-09-25] (Samsung Electronics CO., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-07-02] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-07-02] (Bitdefender)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-06-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307064 2015-07-31] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 PwmSvc; "C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe" [X]
S3 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1623536 2016-03-18] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [842152 2016-03-18] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-07-02] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2015-01-13] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S3 cmnxusbser; C:\Windows\system32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [299816 2016-07-02] (Bitdefender)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel Corporation)
S3 kbfilter; C:\Windows\system32\DRIVERS\kbfilter.sys [67408 2015-01-29] (Trend Micro Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3351520 2014-07-02] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-30] (Windows ® Win 7 DDK provider)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [788696 2014-12-23] (Realsil Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [376024 2014-12-26] (Realsil Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2015-01-13] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-07-02] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S3 SBIOSIO; \??\C:\Users\User\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-26 20:47 - 2016-07-26 20:47 - 00071891 _____ C:\Users\User\Downloads\Addition.txt
2016-07-26 20:46 - 2016-07-26 20:50 - 00046589 _____ C:\Users\User\Downloads\FRST.txt
2016-07-26 20:45 - 2016-07-26 20:45 - 02394112 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2016-07-23 15:19 - 2016-07-23 15:22 - 524288000 _____ C:\Users\User\Downloads\Masters of Dating Inner Circle.part02.rar
2016-07-23 15:19 - 2016-07-23 15:22 - 524288000 _____ C:\Users\User\Downloads\Masters of Dating Inner Circle.part01.rar
2016-07-23 15:15 - 2016-07-23 15:18 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part24.rar
2016-07-23 15:15 - 2016-07-23 15:15 - 89508526 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part25.rar
2016-07-23 14:00 - 2016-07-23 14:06 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part22.rar
2016-07-23 14:00 - 2016-07-23 14:05 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part23.rar
2016-07-23 14:00 - 2016-07-23 14:04 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part21.rar
2016-07-23 12:34 - 2016-07-23 12:41 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part20.rar
2016-07-23 12:34 - 2016-07-23 12:40 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part19.rar
2016-07-23 12:34 - 2016-07-23 12:40 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part17.rar
2016-07-23 12:34 - 2016-07-23 12:39 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part18.rar
2016-07-23 12:11 - 2016-07-23 12:19 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part14.rar
2016-07-23 12:11 - 2016-07-23 12:18 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part15.rar
2016-07-23 12:11 - 2016-07-23 12:18 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part13.rar
2016-07-23 12:11 - 2016-07-23 12:15 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part16.rar
2016-07-23 11:57 - 2016-07-23 12:03 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part12.rar
2016-07-23 11:57 - 2016-07-23 12:03 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part10.rar
2016-07-23 11:57 - 2016-07-23 12:01 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part11.rar
2016-07-23 11:56 - 2016-07-23 12:02 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part09.rar
2016-07-23 11:22 - 2016-07-23 11:34 - 37344125 _____ C:\Users\User\Downloads\Carly Parker Puma Swede - 4 Tits 2 Clits Your Dick - BigBoobsPOV.zip
2016-07-23 11:05 - 2016-07-23 11:12 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part05.rar
2016-07-23 11:05 - 2016-07-23 11:11 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part08.rar
2016-07-23 11:05 - 2016-07-23 11:11 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part06.rar
2016-07-23 11:05 - 2016-07-23 11:10 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part07.rar
2016-07-23 10:56 - 2016-07-23 11:03 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part04.rar
2016-07-23 10:56 - 2016-07-23 11:02 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part01.rar
2016-07-23 10:56 - 2016-07-23 11:01 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part02.rar
2016-07-23 10:56 - 2016-07-23 11:00 - 524288000 _____ C:\Users\User\Downloads\David Tian - Limitless 2.0.part03.rar
2016-07-23 10:31 - 2016-07-23 12:15 - 190522445 _____ C:\Users\User\Downloads\Ca.Xu.Pow.So.Sk.part2.rar
2016-07-23 02:57 - 2016-07-23 07:42 - 524288000 _____ C:\Users\User\Downloads\Ca.Xu.Pow.So.Sk.part1.rar
2016-07-23 02:56 - 2016-07-23 02:59 - 524288000 _____ C:\Users\User\Downloads\Ha.Th.Fa.Ap.part2.rar
2016-07-23 02:56 - 2016-07-23 02:59 - 524288000 _____ C:\Users\User\Downloads\Ha.Th.Fa.Ap.part1.rar
2016-07-23 02:56 - 2016-07-23 02:56 - 47943241 _____ C:\Users\User\Downloads\Ha.Th.Fa.Ap.part3.rar
2016-07-23 02:40 - 2016-07-23 02:46 - 524288000 _____ C:\Users\User\Downloads\DD_Conversation Guide For Men.part6.rar
2016-07-23 02:40 - 2016-07-23 02:46 - 524288000 _____ C:\Users\User\Downloads\DD_Conversation Guide For Men.part5.rar
2016-07-23 02:40 - 2016-07-23 02:45 - 466788151 _____ C:\Users\User\Downloads\DD_Conversation Guide For Men.part7.rar
2016-07-23 02:35 - 2016-07-23 02:42 - 524288000 _____ C:\Users\User\Downloads\DD_Conversation Guide For Men.part3.rar
2016-07-23 02:35 - 2016-07-23 02:42 - 524288000 _____ C:\Users\User\Downloads\DD_Conversation Guide For Men.part2.rar
2016-07-23 02:35 - 2016-07-23 02:40 - 524288000 _____ C:\Users\User\Downloads\DD_Conversation Guide For Men.part4.rar
2016-07-23 02:34 - 2016-07-23 02:40 - 524288000 _____ C:\Users\User\Downloads\DD_Conversation Guide For Men.part1.rar
2016-07-23 02:05 - 2016-07-23 02:33 - 00000000 ____D C:\Users\User\Downloads\Tyler - H0tsit At H0me
2016-07-23 02:04 - 2016-07-23 02:05 - 320512174 _____ C:\Users\User\Downloads\Conversational Power 2014.part5.rar
2016-07-23 01:53 - 2016-07-23 02:00 - 524288000 _____ C:\Users\User\Downloads\Conversational Power 2014.part2.rar
2016-07-23 01:53 - 2016-07-23 01:59 - 524288000 _____ C:\Users\User\Downloads\Conversational Power 2014.part4.rar
2016-07-23 01:53 - 2016-07-23 01:59 - 524288000 _____ C:\Users\User\Downloads\Conversational Power 2014.part1.rar
2016-07-23 01:53 - 2016-07-23 01:58 - 524288000 _____ C:\Users\User\Downloads\Conversational Power 2014.part3.rar
2016-07-23 01:48 - 2016-07-23 01:55 - 524288000 _____ C:\Users\User\Downloads\My-Hi.Gu.An.St.part1.rar
2016-07-23 01:48 - 2016-07-23 01:53 - 504583669 _____ C:\Users\User\Downloads\My-Hi.Gu.An.St.part3.rar
2016-07-23 01:48 - 2016-07-23 01:51 - 524288000 _____ C:\Users\User\Downloads\My-Hi.Gu.An.St.part2.rar
2016-07-23 01:44 - 2016-07-23 01:44 - 45655297 _____ C:\Users\User\Downloads\Tinsanity - The Ultimate Tinder Seduction System-G_P.rar
2016-07-22 21:40 - 2016-07-22 21:49 - 524288000 _____ C:\Users\User\Downloads\Nick Savoy Love Systems - Relationship Management-G
[email protected]
2016-07-22 21:40 - 2016-07-22 21:48 - 524288000 _____ C:\Users\User\Downloads\Nick Savoy Love Systems - Relationship Management-G
[email protected]
2016-07-22 21:40 - 2016-07-22 21:47 - 524288000 _____ C:\Users\User\Downloads\Nick Savoy Love Systems - Relationship Management-G
[email protected]
2016-07-22 21:40 - 2016-07-22 21:42 - 374541510 _____ C:\Users\User\Downloads\Nick Savoy Love Systems - Relationship Management-G
[email protected]
2016-07-22 00:28 - 2016-07-23 01:57 - 524288000 _____ C:\Users\User\Downloads\Tyler - H0tsit At H0me.part19.rar
2016-07-21 23:54 - 2016-06-15 13:39 - 00000000 ____D C:\Users\User\Downloads\Spectre (2015) 480p 2ch BRRip AAC x264 - [GeekRG]
2016-07-21 12:32 - 2015-07-22 15:10 - 00000000 ____D C:\Users\User\Downloads\Shift
2016-07-21 12:31 - 2016-07-23 01:51 - 00000000 ____D C:\Users\User\Downloads\P Tr-D Ga-e
2016-07-21 06:03 - 2016-07-21 06:08 - 191007573 _____ C:\Users\User\Downloads\Angela Duckworth - Grit The Power of Passion and Perseverance.rar
2016-07-21 04:36 - 2016-07-21 04:36 - 00000000 ____D C:\WINDOWS\EOONotify
2016-07-20 21:49 - 2016-07-17 03:10 - 00000000 ____D C:\Users\User\Downloads\3GAD - Full
2016-07-20 21:03 - 2015-05-25 07:20 - 00000000 ____D C:\Users\User\Downloads\3GAD
2016-07-20 21:02 - 2016-07-20 21:02 - 00000000 ____D C:\Users\User\Downloads\hy0kj.Jeff.Allen..Execute.The.Program..The.ShyAwkward.Girl
2016-07-20 21:01 - 2015-05-16 13:16 - 00000000 ____D C:\Users\User\Downloads\Foundations-
2016-07-20 17:54 - 2015-04-17 10:10 - 00000000 ____D C:\Users\User\Downloads\Execute The Program - RSD Jeffy
2016-07-20 17:49 - 2016-07-10 07:34 - 00000000 ____D C:\Users\User\Downloads\Da.ga-Ge.Ge.Gi
2016-07-20 06:05 - 2016-07-20 07:16 - 351131417 _____ C:\Users\User\Downloads\215644585ches2565.mp4
2016-07-20 06:04 - 2016-07-20 09:56 - 709943031 _____ C:\Users\User\Downloads\578Eeciahaa.mp4
2016-07-20 06:04 - 2016-07-20 06:23 - 55678750 _____ C:\Users\User\Downloads\Kianna_Dior_Kianna's_xmas_[bleep].mp4
2016-07-20 05:57 - 2016-07-20 06:40 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part10.rar
2016-07-20 01:31 - 2016-07-20 02:17 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part09 (1).rar
2016-07-19 20:34 - 2016-07-19 21:22 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part09.rar
2016-07-19 20:32 - 2016-07-20 00:56 - 474464256 _____ C:\Users\User\Downloads\Unconfirmed 941085.crdownload
2016-07-19 13:14 - 2016-07-19 13:58 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part08.rar
2016-07-19 05:41 - 2016-07-19 06:26 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part07.rar
2016-07-18 17:19 - 2016-07-18 18:04 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part06 (1).rar
2016-07-18 05:59 - 2016-07-18 06:43 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part06.rar
2016-07-18 00:43 - 2016-07-18 01:27 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part05.rar
2016-07-17 20:27 - 2016-07-17 21:13 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part04.rar
2016-07-17 12:18 - 2016-07-17 12:18 - 00001115 _____ C:\Users\User\Downloads\Unconfirmed 604055.crdownload
2016-07-17 12:15 - 2016-07-17 13:05 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part03 (1).rar
2016-07-17 12:11 - 2016-07-17 12:11 - 00000000 ____D C:\Users\User\Downloads\jeff.Allen..Execute.The.Program..The.ShyAwkward.Girl
2016-07-17 12:08 - 2016-07-17 12:08 - 00328045 _____ C:\Users\User\Downloads\Mahou Senshi Louie Rune Soldier 2001 E D (2).torrent
2016-07-17 12:08 - 2016-07-17 12:08 - 00328045 _____ C:\Users\User\Downloads\Mahou Senshi Louie Rune Soldier 2001 E D (1).torrent
2016-07-17 12:08 - 2016-07-17 12:08 - 00021883 _____ C:\Users\User\Downloads\Muv Luv Alternative Total Eclipse 2012 Exiled Destiny Dual Audio (1).torrent
2016-07-17 09:05 - 2016-07-17 09:05 - 00328045 _____ C:\Users\User\Downloads\Mahou Senshi Louie Rune Soldier 2001 E D.torrent
2016-07-17 09:05 - 2016-07-17 09:05 - 00023481 _____ C:\Users\User\Downloads\Mamoru kun ni Megami no Shukufuku wo 2006 GrimRipper 10 bit.torrent
2016-07-17 09:05 - 2016-07-17 09:05 - 00021883 _____ C:\Users\User\Downloads\Muv Luv Alternative Total Eclipse 2012 Exiled Destiny Dual Audio.torrent
2016-07-17 09:04 - 2016-07-17 09:04 - 00028374 _____ C:\Users\User\Downloads\Hikari to Mizu no Daphne 2004 Tipota Dual Audio.torrent
2016-07-17 08:58 - 2016-07-17 08:58 - 00198651 _____ C:\Users\User\Downloads\Bleach 2004 HorribleSubs SD 480p HD 720p (2).torrent
2016-07-17 08:44 - 2016-07-17 08:44 - 00198651 _____ C:\Users\User\Downloads\Bleach 2004 HorribleSubs SD 480p HD 720p (1).torrent
2016-07-17 08:39 - 2016-07-17 09:25 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part03.rar
2016-07-17 08:30 - 2016-07-17 08:30 - 00198651 _____ C:\Users\User\Downloads\Bleach 2004 HorribleSubs SD 480p HD 720p.torrent
2016-07-17 02:14 - 2016-07-17 03:00 - 1073741826 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part02.rar
2016-07-16 21:22 - 2016-07-16 22:08 - 1073741860 _____ C:\Users\User\Downloads\kd0xz.R.S.D.E.T.P.J.A.part01.rar
2016-07-16 21:21 - 2016-07-16 21:22 - 00002575 _____ C:\Users\User\Downloads\Unconfirmed 723572.crdownload
2016-07-16 20:14 - 2016-07-20 21:02 - 00000000 ____D C:\Users\User\Downloads\LS Social Circle Mastery
2016-07-15 21:11 - 2016-07-15 21:21 - 124825802 _____ C:\Users\User\Downloads\kianna578978.rar
2016-07-14 13:17 - 2016-07-14 13:45 - 86857402 _____ C:\Users\User\Downloads\Hitomi sco 27.zip
2016-07-14 13:17 - 2016-07-14 13:37 - 63706225 _____ C:\Users\User\Downloads\sr326.rar
2016-07-14 06:08 - 2016-07-14 06:37 - 260660843 _____ C:\Users\User\Downloads\LAFRN.rar
2016-07-14 06:08 - 2016-07-14 06:30 - 68104693 _____ C:\Users\User\Downloads\Hitomi sco 23.zip
2016-07-14 06:08 - 2016-07-14 06:12 - 13446808 _____ C:\Users\User\Downloads\Sha Rizel - The Brunette in Red.zip
2016-07-13 13:01 - 2016-07-13 13:37 - 332648240 _____ C:\Users\User\Downloads\Msrt_BBTGCOT_sd (1).rar
2016-07-13 12:58 - 2016-07-13 13:12 - 26140565 _____ C:\Users\User\Downloads\Hitomi Knee Socks Nude 66 pix.zip
2016-07-13 06:33 - 2016-05-25 09:22 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-07-13 06:33 - 2016-05-25 09:22 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-07-13 06:33 - 2016-05-25 09:12 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-07-13 06:33 - 2016-05-25 09:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-07-13 06:05 - 2016-07-13 06:50 - 406171132 _____ C:\Users\User\Downloads\MWECEEvEhM.rar
2016-07-13 06:05 - 2016-07-13 06:13 - 25044504 _____ C:\Users\User\Downloads\Hitomi sco 11.zip
2016-07-12 23:59 - 2016-07-13 00:36 - 112440452 _____ C:\Users\User\Downloads\Hitomi sco 24.zip
2016-07-12 19:50 - 2016-07-12 20:03 - 23306226 _____ C:\Users\User\Downloads\Sha Rizel - Tight is Right.zip
2016-07-12 19:48 - 2016-07-12 20:52 - 753561008 _____ C:\Users\User\Downloads\diamond_fo.rar
2016-07-12 19:47 - 2016-07-12 20:13 - 234980853 _____ C:\Users\User\Downloads\SSBOAT.rar
2016-07-12 19:47 - 2016-07-12 19:49 - 18421588 _____ C:\Users\User\Downloads\Hitomi sco 14.zip
2016-07-12 18:21 - 2016-06-25 16:05 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-12 18:21 - 2016-06-25 14:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-12 18:21 - 2016-06-25 12:24 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-12 18:21 - 2016-06-25 12:15 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-12 18:21 - 2016-06-25 12:13 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-12 18:21 - 2016-06-25 12:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-12 18:21 - 2016-06-22 09:48 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-07-12 18:21 - 2016-06-21 14:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-07-12 18:21 - 2016-06-21 10:12 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2016-07-12 18:21 - 2016-06-21 09:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-12 18:21 - 2016-06-21 09:48 - 01208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-12 18:21 - 2016-06-21 09:48 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-12 18:21 - 2016-06-21 09:48 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-12 18:21 - 2016-06-21 09:48 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-12 18:21 - 2016-06-21 09:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-12 18:21 - 2016-06-21 09:48 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-12 18:21 - 2016-06-11 15:45 - 07445856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-12 18:21 - 2016-06-11 14:14 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-12 18:21 - 2016-06-11 14:11 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-12 18:21 - 2016-06-11 13:56 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-07-12 18:21 - 2016-06-11 13:22 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-12 18:21 - 2016-06-11 13:22 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-07-12 18:21 - 2016-06-11 13:13 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-12 18:21 - 2016-06-11 13:12 - 20348928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-12 18:21 - 2016-06-11 13:07 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-07-12 18:21 - 2016-06-11 13:00 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-12 18:21 - 2016-06-11 12:57 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-12 18:21 - 2016-06-11 12:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-07-12 18:21 - 2016-06-11 12:38 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-07-12 18:21 - 2016-06-11 12:33 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-12 18:21 - 2016-06-11 12:31 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-12 18:21 - 2016-06-11 12:31 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-12 18:21 - 2016-06-11 12:30 - 15409664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-12 18:21 - 2016-06-11 12:29 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-12 18:21 - 2016-06-11 12:15 - 13806080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-12 18:21 - 2016-06-11 12:12 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-12 18:21 - 2016-06-11 11:59 - 02392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-12 18:21 - 2016-06-11 11:56 - 01315840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-12 18:21 - 2016-06-11 11:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-12 18:21 - 2016-01-30 15:50 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-07-12 18:21 - 2016-01-30 15:00 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-07-12 18:21 - 2016-01-30 14:48 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-07-12 18:21 - 2016-01-30 14:18 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-07-12 18:21 - 2016-01-30 13:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2016-07-12 18:21 - 2016-01-30 13:41 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-07-12 18:20 - 2016-06-11 13:56 - 25812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-12 18:20 - 2016-06-11 13:42 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-12 18:20 - 2016-06-11 13:23 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-07-12 18:20 - 2016-06-11 13:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-07-12 18:20 - 2016-06-11 13:20 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-12 18:20 - 2016-06-11 13:12 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-07-12 18:20 - 2016-06-11 13:03 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-12 18:20 - 2016-06-11 13:01 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-07-12 18:20 - 2016-06-11 13:00 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-07-12 18:20 - 2016-06-11 12:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-12 18:20 - 2016-06-11 12:31 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-07-12 18:20 - 2016-06-11 12:26 - 02869248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-12 18:20 - 2016-06-11 12:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-12 18:20 - 2016-06-10 17:35 - 04167680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-07-12 13:30 - 2016-07-12 23:27 - 1100991838 _____ C:\Users\User\Downloads\570PhoenixMarie.rar
2016-07-12 13:27 - 2016-07-12 14:07 - 364173066 _____ C:\Users\User\Downloads\sh.rar
2016-07-12 13:26 - 2016-07-12 13:29 - 22987857 _____ C:\Users\User\Downloads\Hitomi sco 16.zip
2016-07-12 05:56 - 2016-07-12 09:11 - 601259111 _____ C:\Users\User\Downloads\G7QDzvYyS.rar
2016-07-12 00:52 - 2016-07-12 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-12 00:09 - 2016-07-12 00:12 - 23203708 _____ C:\Users\User\Downloads\Hitomi Pinup 24.zip
2016-07-12 00:04 - 2016-07-12 00:45 - 495855605 _____ C:\Users\User\Downloads\Ava-Addams-And-Her-Big-Tits-Suck-3-Cocks-At-Gloryhole.rar
2016-07-09 21:29 - 2016-07-12 00:28 - 314697077 _____ C:\Users\User\Downloads\LAINTER.rar
2016-07-09 21:18 - 2016-07-12 00:55 - 219666582 _____ C:\Users\User\Downloads\ck9sujdye4fdsjngh6-8.rar
2016-07-09 21:14 - 2016-07-09 21:16 - 324350025 _____ C:\Users\User\Downloads\li040516an.rar
2016-07-09 20:58 - 2016-07-12 10:42 - 834007040 _____ C:\Users\User\Downloads\Unconfirmed 26002.crdownload
2016-07-09 20:37 - 2016-07-09 20:41 - 39086257 _____ C:\Users\User\Downloads\Hitomi 50s Style 62 pix.zip
2016-07-09 20:33 - 2016-07-09 20:57 - 295384407 _____ C:\Users\User\Downloads\StReS2.rar
2016-07-08 13:40 - 2016-07-08 13:40 - 00016995 _____ C:\Users\User\Downloads\4190721128.Pdf
2016-07-08 13:38 - 2016-07-08 13:38 - 00634649 _____ C:\Users\User\Downloads\4190721128_1.pdf
2016-07-08 06:04 - 2016-07-08 08:08 - 381240535 _____ C:\Users\User\Downloads\1689La_T-P-L-H.rar
2016-07-08 06:03 - 2016-07-08 06:40 - 112421607 _____ C:\Users\User\Downloads\4035z18_T-P-P-D-3213.rar
2016-07-08 01:58 - 2016-07-08 02:02 - 106040919 _____ C:\Users\User\Downloads\2312TeraSpider.rar
2016-07-08 01:57 - 2016-07-08 03:29 - 283068161 _____ C:\Users\User\Downloads\23309_01_big (1).rar
2016-07-08 01:57 - 2016-07-08 02:24 - 283068161 _____ C:\Users\User\Downloads\23309_01_big.rar
2016-07-08 01:56 - 2016-07-08 04:31 - 646789187 _____ C:\Users\User\Downloads\Msrt_BBTGCOT_hd.rar
2016-07-07 05:42 - 2016-07-07 07:21 - 303727250 _____ C:\Users\User\Downloads\4035z55_T-P-P-A-B-F.rar
2016-07-07 05:41 - 2016-07-07 05:43 - 281678302 _____ C:\Users\User\Downloads\te030616pa.rar
2016-07-07 03:01 - 2016-07-07 05:51 - 521211463 _____ C:\Users\User\Downloads\201_040916_333_598 (1).rar
2016-07-07 02:47 - 2016-07-07 04:03 - 321278766 _____ C:\Users\User\Downloads\Pigtails.rar
2016-07-07 02:43 - 2016-07-07 02:54 - 267098306 _____ C:\Users\User\Downloads\3843a_T-P-V-03.rar
2016-07-07 02:25 - 2016-07-07 06:08 - 2693825049 _____ C:\Users\User\Downloads\Puma Swede - Up Her [bleep] #3.rar
2016-07-07 00:18 - 2016-07-07 03:14 - 540508727 _____ C:\Users\User\Downloads\titsktrhrtlsctrs4 (1).rar
2016-07-06 17:29 - 2016-07-06 17:37 - 13816064 _____ C:\Users\User\Downloads\Abbi_Secraa_-_Natural_Boobs_-_Kisses_On_My_Treasures.rar
2016-07-06 17:03 - 2016-07-06 20:59 - 723952020 _____ C:\Users\User\Downloads\5WuRcNnid.rar
2016-07-06 13:00 - 2016-07-06 14:49 - 332648240 _____ C:\Users\User\Downloads\Msrt_BBTGCOT_sd.rar
2016-07-06 12:59 - 2016-07-06 15:55 - 540508727 _____ C:\Users\User\Downloads\titsktrhrtlsctrs4.rar
2016-07-06 06:34 - 2016-07-06 07:17 - 521211463 _____ C:\Users\User\Downloads\201_040916_333_598.rar
2016-07-02 21:43 - 2016-07-02 21:43 - 00000000 ___RD C:\Sandbox
2016-07-02 21:37 - 2016-07-26 20:19 - 00002062 _____ C:\WINDOWS\Sandboxie.ini
2016-07-02 21:37 - 2016-07-22 01:02 - 00001014 _____ C:\Users\User\Desktop\Sandboxed Web Browser.lnk
2016-07-02 21:36 - 2016-07-02 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-07-02 21:36 - 2016-07-02 21:36 - 00000000 ____D C:\Program Files\Sandboxie
2016-07-02 21:32 - 2016-07-02 21:32 - 08969872 _____ (Sandboxie Holdings, LLC) C:\Users\User\Downloads\SandboxieInstall.exe
2016-07-02 21:22 - 2016-07-02 21:22 - 78234541 _____ C:\Users\User\Downloads\Leanne_Crow_-_Sparkle_Hot_Tub_Bikini_2_-_720p.wmv.crdownload
2016-07-02 21:16 - 2016-07-02 21:16 - 00000385 _____ C:\Users\User\AppData\Roaminguser_gensett.xml
2016-07-02 21:16 - 2016-07-02 21:16 - 00000000 ____D C:\Users\User\Documents\My Games
2016-07-02 21:15 - 2016-07-02 21:15 - 823264064 _____ C:\WINDOWS\MEMORY.DMP
2016-07-02 21:15 - 2016-07-02 21:15 - 00294440 _____ C:\WINDOWS\Minidump\070216-6953-01.dmp
2016-07-02 21:15 - 2016-07-02 21:15 - 00000000 ____D C:\WINDOWS\Minidump
2016-07-02 18:02 - 2016-07-02 18:02 - 00002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2016-07-02 18:02 - 2016-07-02 18:02 - 00002140 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2016-07-02 18:02 - 2016-07-02 18:02 - 00000000 ____D C:\Program Files (x86)\Belarc
2016-07-02 17:57 - 2016-07-02 17:57 - 04401648 _____ C:\Users\User\Downloads\advisorinstaller.exe
2016-07-02 17:44 - 2016-07-02 17:44 - 138645264 _____ (Microsoft Corporation) C:\Users\User\Downloads\msert.exe
2016-07-02 17:39 - 2016-07-02 17:39 - 50716384 _____ (Microsoft Corporation) C:\Users\User\Downloads\Windows-KB890830-x64-V5.37.exe
2016-07-02 15:31 - 2016-07-23 20:16 - 00112412 _____ C:\WINDOWS\ntbtlog.txt
2016-07-02 15:30 - 2016-07-02 15:30 - 00000000 ____D C:\WINDOWS\pss
2016-07-01 01:07 - 2016-07-01 01:07 - 00001134 _____ C:\Users\User\Desktop\ckfiles.txt
2016-07-01 01:05 - 2016-07-01 01:05 - 00468480 _____ () C:\Users\User\Downloads\CKScanner.exe
2016-07-01 01:05 - 2016-07-01 01:05 - 00468480 _____ () C:\Users\User\Desktop\CKScanner.exe
2016-06-29 01:14 - 2016-07-09 20:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-29 01:14 - 2016-06-29 01:14 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-29 01:14 - 2016-06-29 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-29 01:13 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-29 01:13 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-29 01:13 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-29 01:12 - 2016-06-29 01:12 - 00001095 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2016-06-29 01:12 - 2016-06-29 01:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2016-06-29 01:12 - 2012-05-02 12:17 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2016-06-29 01:12 - 2009-03-24 13:52 - 00129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2016-06-27 02:29 - 2016-06-27 02:29 - 00405898 _____ C:\ProgramData\1467008746.bdinstall.bin
2016-06-27 02:27 - 2016-06-27 02:27 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-06-27 02:26 - 2016-07-02 15:47 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-06-27 02:26 - 2016-07-02 15:47 - 00299816 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-06-27 02:26 - 2016-06-27 02:42 - 00000000 ____D C:\ProgramData\Bitdefender
2016-06-27 02:26 - 2016-06-27 02:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Bitdefender
2016-06-27 02:26 - 2016-06-27 02:26 - 00003640 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-06-27 02:26 - 2016-06-27 02:26 - 00002217 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2016-06-27 02:26 - 2016-06-27 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-06-27 02:26 - 2016-06-27 02:26 - 00000000 ____D C:\Program Files\Bitdefender
2016-06-27 02:26 - 2016-03-18 06:58 - 00842152 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-06-27 02:26 - 2016-03-18 06:56 - 01623536 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-06-27 02:26 - 2015-12-16 05:53 - 00182936 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-06-27 02:26 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2016-06-27 02:26 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2016-06-27 02:26 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-06-27 02:25 - 2016-06-27 02:26 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-06-27 02:24 - 2016-07-23 20:16 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-06-26 22:49 - 2016-06-26 22:49 - 13709368 _____ C:\Users\User\Desktop\Bitdefender_2016_UninstallTool.exe
2016-06-26 22:22 - 2016-06-26 18:37 - 00018432 _____ C:\Users\User\Downloads\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage
2016-06-26 22:22 - 2016-06-26 18:37 - 00018432 _____ C:\Users\User\Desktop\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage
2016-06-26 22:22 - 2016-06-26 18:37 - 00000000 _____ C:\Users\User\Downloads\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage-journal
2016-06-26 22:22 - 2016-06-26 18:37 - 00000000 _____ C:\Users\User\Desktop\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage-journal
2016-06-26 22:11 - 2016-06-26 22:11 - 00001093 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2016-06-26 22:11 - 2016-06-26 22:11 - 00000000 ____D C:\Users\User\AppData\Local\VS Revo Group
2016-06-26 22:11 - 2016-06-26 22:11 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-06-26 22:11 - 2016-06-26 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-06-26 22:11 - 2016-06-26 22:11 - 00000000 ____D C:\Program Files\VS Revo Group
2016-06-26 22:11 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-06-26 22:10 - 2016-06-26 22:10 - 11374528 _____ (VS Revo Group ) C:\Users\User\Desktop\RevoUninProSetup.exe
2016-06-26 21:01 - 2016-06-26 21:01 - 00251392 _____ C:\Users\User\Desktop\hijackthis_sfx.exe
2016-06-26 20:01 - 2016-06-26 20:02 - 15850936 _____ (Trend Micro Inc. ) C:\Users\User\Desktop\Ti_100_win_en_Tool_UninstallTool_hfb0001.exe
2016-06-26 19:25 - 2016-06-03 13:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-26 19:25 - 2016-05-18 19:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-26 19:25 - 2016-05-18 16:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-26 19:25 - 2016-05-18 01:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-26 19:25 - 2016-05-18 01:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-26 19:25 - 2016-05-16 17:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-26 19:25 - 2016-05-16 17:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-26 19:25 - 2016-05-16 17:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-26 19:25 - 2016-05-16 17:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-26 19:25 - 2016-05-14 16:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-26 19:25 - 2016-05-14 16:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-26 19:25 - 2016-05-13 19:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-26 19:25 - 2016-05-13 19:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-26 19:25 - 2016-05-13 19:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-26 19:25 - 2016-05-13 19:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-26 19:25 - 2016-05-13 19:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-26 19:25 - 2016-05-13 18:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-26 19:25 - 2016-05-13 18:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-26 19:25 - 2016-05-13 17:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-26 19:25 - 2016-05-13 17:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-26 19:25 - 2016-05-13 17:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-26 19:25 - 2016-05-13 17:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-26 19:25 - 2016-05-13 17:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-26 19:25 - 2016-05-12 14:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-26 19:25 - 2016-05-12 13:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-26 19:25 - 2016-05-12 12:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-26 19:25 - 2016-05-12 12:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-26 19:25 - 2016-05-12 12:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-26 19:25 - 2016-05-12 11:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-26 19:25 - 2016-05-12 11:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-26 19:25 - 2016-05-12 11:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-26 19:25 - 2016-05-09 17:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-26 19:25 - 2016-05-09 16:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-26 19:25 - 2016-05-09 16:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-26 19:25 - 2016-05-09 16:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-26 19:25 - 2016-05-06 11:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-26 19:25 - 2016-05-06 11:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-26 19:25 - 2016-04-14 11:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-26 19:25 - 2016-04-14 11:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-26 19:25 - 2016-04-12 11:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-26 19:25 - 2016-04-12 11:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-26 19:25 - 2016-01-31 15:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-26 19:25 - 2016-01-31 14:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-26 19:25 - 2016-01-31 13:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-26 19:25 - 2016-01-31 13:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-26 17:59 - 2016-06-29 01:13 - 00000000 ____D C:\ProgramData\TEMP
2016-06-26 17:58 - 2016-06-29 01:12 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-06-26 16:54 - 2016-06-26 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2016-06-26 16:54 - 2016-06-26 16:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-06-26 16:54 - 2016-06-26 16:54 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-06-26 16:51 - 2016-06-26 16:51 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-06-26 16:13 - 2016-06-26 19:13 - 00000000 ____D C:\Program Files\HitmanPro
2016-06-26 16:13 - 2016-06-26 16:45 - 00000000 ____D C:\ProgramData\HitmanPro
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-26 20:51 - 2015-10-03 20:46 - 00000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-26 20:51 - 2015-10-03 20:46 - 00000912 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-26 20:50 - 2016-06-25 12:58 - 00000000 ____D C:\FRST
2016-07-26 20:41 - 2015-07-25 22:10 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4198864589-2716103951-1576274748-1001UA.job
2016-07-26 20:33 - 2013-08-22 11:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-07-26 20:32 - 2015-03-28 14:57 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-07-26 20:32 - 2015-03-21 18:22 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4198864589-2716103951-1576274748-1001
2016-07-26 20:29 - 2015-03-28 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2016-07-26 20:29 - 2015-03-28 19:47 - 00000000 ____D C:\Program Files\Adobe
2016-07-26 20:29 - 2015-03-21 10:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-07-26 20:28 - 2015-03-21 10:48 - 00000000 ____D C:\ProgramData\Adobe
2016-07-26 20:27 - 2015-03-28 19:47 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-07-26 20:26 - 2015-03-28 20:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-07-26 20:25 - 2015-05-02 10:19 - 00000000 ____D C:\ProgramData\Origin
2016-07-26 20:25 - 2015-03-29 18:41 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-26 20:24 - 2014-03-18 06:03 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-26 20:24 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\Inf
2016-07-26 20:23 - 2015-10-04 22:59 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-26 20:19 - 2015-10-03 13:24 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2016-07-26 20:19 - 2015-03-21 10:47 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2016-07-23 20:16 - 2016-04-21 01:37 - 00000000 ____D C:\Users\User\.rainlendar2
2016-07-23 20:16 - 2015-11-15 17:15 - 00000091 _____ C:\HaxLogs.txt
2016-07-23 20:16 - 2015-07-19 09:48 - 00000000 ____D C:\Users\User\OneDrive
2016-07-23 20:16 - 2015-07-18 11:59 - 00000000 ___RD C:\Users\User\Google Drive
2016-07-23 20:16 - 2015-04-03 21:49 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-23 20:16 - 2015-03-29 18:41 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-23 20:16 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-23 20:16 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-23 20:15 - 2016-06-25 01:29 - 00004706 _____ C:\bdlog.txt
2016-07-23 20:15 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-23 20:14 - 2015-08-23 12:54 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2016-07-23 20:06 - 2016-01-11 06:25 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-23 19:50 - 2015-11-13 23:59 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-23 06:41 - 2015-07-25 22:10 - 00000864 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4198864589-2716103951-1576274748-1001Core.job
2016-07-23 02:34 - 2015-03-21 18:16 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2016-07-21 23:55 - 2015-04-14 21:44 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2016-07-21 04:36 - 2015-04-11 09:32 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-07-21 04:36 - 2015-04-11 09:32 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-07-21 04:36 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-20 19:43 - 2015-07-25 21:31 - 00000000 ____D C:\Users\User\AppData\Local\MEGAsync
2016-07-17 05:08 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2016-07-16 18:25 - 2013-08-22 10:44 - 05102992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-16 18:24 - 2015-04-16 01:01 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-16 18:24 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-07-13 06:39 - 2015-03-21 10:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-13 06:34 - 2015-03-21 10:24 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-13 06:33 - 2014-03-18 05:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 01:06 - 2016-01-11 06:25 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-07-13 01:06 - 2015-11-13 23:59 - 00003848 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-07-13 01:06 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-07-13 01:06 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-07-12 19:56 - 2015-07-25 09:58 - 00000000 ____D C:\Users\User\AppData\Roaming\KeePass
2016-07-12 03:30 - 2015-03-21 10:51 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-07-12 00:52 - 2015-10-03 20:46 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-08 01:49 - 2015-08-22 09:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Stardock
2016-07-02 20:34 - 2015-07-19 11:54 - 00000000 ____D C:\Users\User\Incomplete
2016-07-02 20:23 - 2015-03-29 18:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2016-07-02 20:22 - 2015-07-18 14:10 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
2016-07-02 00:29 - 2013-08-22 11:38 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-02 00:29 - 2013-08-22 11:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-29 01:14 - 2016-06-25 01:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-29 01:13 - 2015-03-21 10:31 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-06-29 01:12 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-06-28 21:25 - 2015-03-29 18:42 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-28 21:25 - 2015-03-29 18:42 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-27 06:03 - 2015-04-19 20:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-06-26 22:51 - 2016-04-24 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2016-06-26 22:50 - 2016-06-18 11:36 - 00000000 ____D C:\ProgramData\BDLogging
2016-06-26 21:01 - 2015-03-21 18:16 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2016-06-26 20:19 - 2015-03-21 10:30 - 00000000 ____D C:\ProgramData\Trend Micro
2016-06-26 20:12 - 2015-03-21 10:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-26 20:12 - 2015-03-21 10:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-26 20:03 - 2015-12-19 06:41 - 00000000 ____D C:\Users\User\AppData\Local\Trend Micro
2016-06-26 19:44 - 2015-03-21 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-26 19:14 - 2016-06-24 22:14 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-06-26 19:14 - 2015-08-23 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2016-06-26 19:14 - 2015-08-23 12:37 - 00000000 ____D C:\Program Files\AutoHotkey
2016-06-26 19:14 - 2015-03-21 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Password Manager
2016-06-26 19:13 - 2016-06-25 13:19 - 00000000 ____D C:\Users\User\AppData\Temp
2016-06-26 19:13 - 2016-06-25 01:25 - 00000000 ____D C:\AdwCleaner
2016-06-26 19:13 - 2016-04-21 01:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Rainmeter
2016-06-26 19:13 - 2016-04-21 01:30 - 00000000 ____D C:\Program Files\Rainmeter
2016-06-26 19:13 - 2016-01-31 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-26 19:13 - 2016-01-31 15:25 - 00000000 ____D C:\Program Files\iTunes
2016-06-26 19:13 - 2016-01-31 15:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-26 19:13 - 2016-01-31 15:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-06-26 19:13 - 2016-01-31 15:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-06-26 19:13 - 2015-10-03 22:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Launchy
2016-06-26 19:13 - 2015-09-13 02:30 - 00000000 ____D C:\Users\User\AppData\Local\JDownloader v2.0
2016-06-26 19:13 - 2015-08-08 18:46 - 00000000 ____D C:\ProgramData\Apple Computer
2016-06-26 19:13 - 2015-08-08 18:46 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-26 19:13 - 2015-08-04 21:29 - 00000000 ____D C:\ProgramData\FitbitConnect
2016-06-26 19:13 - 2015-07-19 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-06-26 19:13 - 2015-07-19 13:52 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2016-06-26 19:13 - 2015-04-04 21:09 - 00000000 ____D C:\Program Files (x86)\PdaNet for Android
2016-06-26 19:13 - 2015-01-13 20:00 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-06-26 19:13 - 2014-03-18 05:45 - 00000000 ____D C:\WINDOWS\ShellNew
2016-06-26 19:13 - 2013-08-22 11:36 - 00000000 __RSD C:\WINDOWS\Media
2016-06-26 19:13 - 2013-08-22 11:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-06-26 19:13 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SystemResources
2016-06-26 19:13 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-06-26 19:13 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\Globalization
2016-06-26 19:13 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-26 19:13 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-06-26 19:12 - 2013-08-22 11:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-26 19:09 - 2016-01-31 15:25 - 00000000 ____D C:\Program Files\iPod
2016-06-26 19:09 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\registration
==================== Files in the root of some directories =======
2015-10-30 20:47 - 2015-10-30 20:47 - 0000000 _____ () C:\Users\User\AppData\Roaming\Stardockfences_debug_snapshot.dat
2015-03-21 10:30 - 2015-03-21 10:30 - 0000036 _____ () C:\Users\User\AppData\Local\housecall.guid.cache
2015-09-06 05:37 - 2015-09-06 05:37 - 0000218 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2015-04-22 21:23 - 2016-03-21 11:59 - 0000010 _____ () C:\Users\User\AppData\Local\sponge.last.runtime.cache
2016-06-27 02:29 - 2016-06-27 02:29 - 0405898 _____ () C:\ProgramData\1467008746.bdinstall.bin
2016-03-02 19:35 - 2016-03-02 19:35 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-07-18 14:14 - 2015-07-18 14:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-08 02:06 - 2015-04-08 02:10 - 0000839 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\User\AppData\Local\Temp\OfficeSetup.exe
C:\Users\User\AppData\Local\Temp\proxy_vole8658733503972905890.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-15 05:00
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-07-2016
Ran by User (2016-07-26 20:51:05)
Running from C:\Users\User\Downloads
Windows 8.1 (Update) (X64) (2015-03-21 22:56:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4198864589-2716103951-1576274748-500 - Administrator - Disabled)
Guest (S-1-5-21-4198864589-2716103951-1576274748-501 - Limited - Disabled)
User (S-1-5-21-4198864589-2716103951-1576274748-1001 - Administrator - Enabled) => C:\Users\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
4K Stogram 1.9 (HKLM-x32\...\4K Stogram_is1) (Version: 1.9.5.964 - Open Media LLC)
5600 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Amazon Kindle (HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\Amazon Kindle) (Version: - Amazon)
AMD Catalyst Install Manager (HKLM\...\{9043E92C-183C-7633-0237-96CE00F5C909}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AutoHotkey 1.1.22.04 (HKLM\...\AutoHotkey) (Version: 1.1.22.04 - Lexikos)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Belvedere 0.7.1 (HKLM-x32\...\Belvedere) (Version: 0.7.1 - Lifehacker)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.28.1503 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.28.1478 - Bitdefender)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ and The Covert Operations™ (HKLM-x32\...\{050E298D-C9B8-4582-A332-26201268A297}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Renegade (HKLM-x32\...\{97B5E8B9-D5E6-49C4-8CDA-7E096BE2601A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Deluge 1.3.11 (HKLM-x32\...\Deluge) (Version: - )
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
ETDWare X64 11.7.19.9_WHQL (HKLM\...\Elantech) (Version: 11.7.19.9 - ELAN Microelectronic Corp.)
Evernote v. 6.0.6 (HKLM-x32\...\{FC4A0E2E-0CD3-11E6-B80E-005056951CAD}) (Version: 6.0.6.1769 - Evernote Corp.)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version: - Bethesda Game Studios)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Fences (HKLM-x32\...\Fences) (Version: - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)
Free Video Editor version 1.4.15.913 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.15.913 - DVDVideoSoft Ltd.)
Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Greyfox (HKLM-x32\...\Steam App 341310) (Version: - Lesley Dodd)
hakuneko (HKLM-x32\...\hakuneko_is1) (Version: 1.3.12 - Ronny Wegener <
[email protected]>)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java SE Development Kit 7 Update 80 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170800}) (Version: 1.7.0.800 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 1.29 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.29 - Dominik Reichl)
KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl)
Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version: - Code Jelly)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
MediaInfo 0.7.77 (HKLM\...\MediaInfo) (Version: 0.7.77 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4841.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MindMaple Lite 1.71 (HKLM-x32\...\MindMaple_is1) (Version: v1.71 - MindMaple Inc.)
Mp3tag v2.77 (HKLM-x32\...\Mp3tag) (Version: v2.77 - Florian Heidenreich)
Music Manager (HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\...\MusicManager) (Version: - Google, Inc.)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Opera Stable 38.0.2220.29 (HKLM-x32\...\Opera 38.0.2220.29) (Version: 38.0.2220.29 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
P@H-Protocol (HKLM-x32\...\{14F936AB-5D31-410E-A4E2-70AE504712F2}) (Version: 3.0.8.6 - Valassis)
PdaNet+ for Android 4.17 (HKLM-x32\...\PdaNet_is1) (Version: - June Fabrics Technology Inc)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{D2064264-3162-4DB1-AFE0-167BEFBBCD9C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3.1 r2602 - )
RAW Image Viewer (HKLM-x32\...\{3C867AA0-22EC-4B27-8C60-A354AA37D68C}_is1) (Version: - IdeaMK)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.71 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7055 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
S Agent (Version: 1.1.54 - Samsung Electronics CO., LTD.) Hidden
Samsung Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Samsung Update (HKLM-x32\...\{A9D16B9C-AA6D-4154-80CA-17099A2C308F}) (Version: 2.2.16 - Samsung Electronics CO., LTD.)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Scrivener (HKLM-x32\...\Scrivener 1900) (Version: 1900 - Literature and Latte)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.4700 - DTS, Inc.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version: - FireFly Studios)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Timelines: Assault on America (HKLM-x32\...\Steam App 234060) (Version: - 4Flash Interactive)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Trend Micro DirectPass (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden
Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
VCRT for DirectPass x64 (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (x32 Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment)
WD Drive Utilities (HKLM-x32\...\{22662b08-91e0-4540-bb98-c96f32e09417}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{429a42d7-4c55-44d4-b38a-5872a0d70495}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.)
WD Security (x32 Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden
WD SmartWare (HKLM\...\{EC54143B-24CC-47D2-AB39-0F5701988BA4}) (Version: 2.1.0.11 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
yabause 0.9.14 (HKLM-x32\...\ (Win64)) (Version: 0.9.14 - Yabause team)
YouTube Free Downloader (HKLM-x32\...\YouTube Free Downloader) (Version: 5.1.1 - YouTubeFreeDownloader)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4198864589-2716103951-1576274748-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4198864589-2716103951-1576274748-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4198864589-2716103951-1576274748-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4198864589-2716103951-1576274748-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4198864589-2716103951-1576274748-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4198864589-2716103951-1576274748-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4198864589-2716103951-1576274748-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4198864589-2716103951-1576274748-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {075DC3FD-7238-4EE4-B215-7ECF89863935} - System32\Tasks\RtHDVBg_SRSSA => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-09-26] (Realtek Semiconductor)
Task: {0FF80CF3-2AF1-4B45-9E45-A125DF65F19D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {25C85F87-9EF5-418C-87EE-AD7E2C91AE8B} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2015-06-19] (Samsung Electronics CO., LTD.)
Task: {2E294BF5-2603-4A3B-AD0E-93829C48E191} - System32\Tasks\Opera scheduled Autoupdate 1444013975 => C:\Program Files (x86)\Opera\launcher.exe [2016-06-07] (Opera Software)
Task: {3BB22E2C-F9DC-4803-B9AB-5613D231FB55} - System32\Tasks\Microsoft\Windows\Setup\EOONotify => C:\Windows\EOONotify\EOONotify.exe [2016-07-08] (Microsoft Corporation)
Task: {3F513832-55FE-47DA-9702-572DC96DCED1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-13] (Microsoft Corporation)
Task: {429CF09C-723F-42FC-A45A-2C09F74DB553} - System32\Tasks\HP AR Program Upload - 75cdb0c8122b498e8722a385a83650eb63077291aa7843a0b8ed9de84109eebd => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {535004F3-16FF-4247-BDC3-309BA51CE063} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-03] (Dropbox, Inc.)
Task: {5475AAF9-451A-4821-9C95-D87FCC6D4393} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {5A44E4C5-B24E-4E4B-BA1A-35A8AC41F88B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {62A4E0C1-96E3-40DA-8CE9-881F10395844} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {790D56F9-0CD5-463D-8348-A558CCA94A3F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-30] (Realtek Semiconductor)
Task: {7C07F944-072E-4595-8985-4B977CE939A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.)
Task: {7C1A1085-8BA3-47A7-BF67-5DFB2037A8F0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {8620A148-7B32-4EA0-8039-028D209C7788} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {A2810CA7-D116-4F08-BEED-EB66BC4531D0} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-04-18] (Bitdefender)
Task: {A3CB9429-D737-4C32-A9AA-F57B33D23E4D} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2015-08-05] (Samsung Electronics CO., LTD.)
Task: {B6B109B1-951D-4ACD-9DE1-DB14219FB374} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4198864589-2716103951-1576274748-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-25] (Google Inc.)
Task: {CCED6FF9-1B2D-40A7-B4FF-B0D6CB436C06} - System32\Tasks\Trend Micro Inspect of Platinum => C:\Program Files\Trend Micro\Titanium\plugin\Pt\win32\Inspect\Inspect.exe
Task: {CE7A0655-6322-49C8-BC86-12191AA6AFC0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {DD468263-DED3-42A2-B08E-EB64699E4A72} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-08-18] (Samsung Electronics CO., LTD.)
Task: {DD71A3BE-213C-4ADD-9F32-C81D5A5CC7F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.)
Task: {E12B607E-7623-4265-B327-D637D6917828} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4198864589-2716103951-1576274748-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-25] (Google Inc.)
Task: {E96F221F-4BD2-4F57-B348-283CAE846979} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-18] (Microsoft Corporation)
Task: {EF9E8AE5-3AF0-4901-8DAF-D544C8D30716} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-03] (Dropbox, Inc.)
Task: {F276E8E4-1873-4B56-A90F-9201E9D709AD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {FF7C8F50-DA6D-47CF-85F2-E2B256A11DC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-18] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4198864589-2716103951-1576274748-1001Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4198864589-2716103951-1576274748-1001UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ad.Block Pro.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jafeimghomcdjobocjhkolakbihggbak
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Adblock Pro.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jjecmbfimjajmfodkcbomajpjfalkncg
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Box for Chrome OS Beta.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=dikonaebkejmpbpcnnmfaeopkaenicgf
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Fair AdBlock App (by STANDS).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=dcnofaichneijfbkdkghmhjjbepjmble
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Habitual.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bblicfmcdjkhhnafcogoldjiihbnjili
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\LINE.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=menkifleemblimdogmoihpfopnplikde
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sunrise Calendar.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mojepfklcankkmikonjlnidiooanmpbb
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TickTick - Todo & Task List.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=eempgbpnkjnacmilmobpbhbfpdjdcpgd
==================== Loaded Modules (Whitelisted) ==============
2016-06-27 02:26 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-06-27 02:26 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-06-27 02:26 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-06-27 02:26 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-06-27 02:26 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2016-04-22 01:07 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2016-07-26 20:31 - 2016-05-24 12:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-01 10:13 - 2016-07-20 19:42 - 00592384 _____ () C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll
2014-10-01 22:54 - 2014-10-01 22:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-11-13 07:57 - 2015-11-13 07:57 - 02739240 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2015-10-03 22:16 - 2010-11-10 19:38 - 00380928 _____ () C:\Program Files (x86)\Launchy\Launchy.exe
2015-04-04 21:09 - 2015-01-02 10:19 - 01054520 _____ () C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
2016-03-18 16:10 - 2016-03-18 16:10 - 00037008 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2016-03-18 16:10 - 2016-03-18 16:10 - 01410192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2016-03-18 16:08 - 2016-03-18 16:08 - 00233472 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.DLL
2016-03-18 16:08 - 2016-03-18 16:08 - 00108544 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2016-03-18 16:08 - 2016-03-18 16:08 - 00612864 _____ () C:\Program Files\Rainmeter\Plugins\NowPlaying.DLL
2016-03-18 16:08 - 2016-03-18 16:08 - 00123392 _____ () C:\Program Files\Rainmeter\Plugins\WifiStatus.DLL
2016-03-18 16:08 - 2016-03-18 16:08 - 00134656 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2016-03-18 16:08 - 2016-03-18 16:08 - 00114176 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.DLL
2015-08-05 16:32 - 2015-08-05 16:32 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2015-03-29 21:51 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 01272128 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00111936 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsAPI.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2015-04-03 21:59 - 2016-04-29 16:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-03 21:59 - 2015-07-03 12:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-03 21:59 - 2016-07-08 21:06 - 02317904 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-03 21:59 - 2015-07-03 12:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-03 21:59 - 2015-07-03 12:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-03 21:59 - 2016-02-08 19:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-03 21:59 - 2016-02-08 19:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-03 21:59 - 2016-02-08 19:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-03 21:59 - 2016-02-08 19:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-03 21:59 - 2016-02-08 19:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-03 21:59 - 2016-07-08 21:06 - 00829520 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-12 14:18 - 2016-07-06 18:00 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-07-23 20:16 - 2016-07-23 20:16 - 00098816 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32api.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00110080 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\pywintypes27.dll
2016-07-23 20:16 - 2016-07-23 20:16 - 00364544 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\pythoncom27.dll
2016-07-23 20:16 - 2016-07-23 20:16 - 00320512 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32com.shell.shell.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00776704 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\_hashlib.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 01176576 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\wx._core_.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00806400 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\wx._gdi_.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00816128 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\wx._windows_.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 01067008 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\wx._controls_.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00733184 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\wx._misc_.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00682496 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\pysqlite2._sqlite.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00088064 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\_ctypes.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00119808 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32file.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00108544 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32security.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00007168 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\hashobjs_ext.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00017920 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\thumbnails_ext.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00088064 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\usb_ext.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00012288 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\common.time34.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00018432 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32event.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00167936 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32gui.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00046080 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\_socket.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 01208320 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\_ssl.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00128512 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\_elementtree.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00127488 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\pyexpat.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00038912 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32inet.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00036864 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\_psutil_windows.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00525208 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\windows._lib_cacheinvalidation.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00011264 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32crypt.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00077312 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\wx._html2.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00027136 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\_multiprocessing.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00020480 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\_yappi.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00035840 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32process.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00686080 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\unicodedata.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00078848 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\wx._animate.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00123392 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\wx._wizard.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00024064 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32pipe.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00010240 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\select.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00025600 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32pdh.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00017408 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32profile.pyd
2016-07-23 20:16 - 2016-07-23 20:16 - 00022528 ____R () C:\Users\User\AppData\Local\Temp\_MEI64602\win32ts.pyd
2016-07-26 20:31 - 2016-05-24 11:21 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-05-01 10:15 - 2016-07-20 19:42 - 00564224 _____ () C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll
2016-06-28 21:25 - 2016-06-23 11:08 - 01747784 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libglesv2.dll
2016-06-28 21:25 - 2016-06-23 11:07 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libegl.dll
2015-11-17 13:44 - 2015-11-17 13:44 - 00117248 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-11-17 13:45 - 2015-11-17 13:45 - 00234496 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-11-17 13:45 - 2015-11-17 13:45 - 00253440 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-11-17 13:44 - 2015-11-17 13:44 - 00344064 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2015-04-03 21:59 - 2016-06-14 15:14 - 49826080 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2015-08-14 02:31 - 2015-08-14 02:31 - 00252928 _____ () C:\Program Files (x86)\Rainlendar2\libical.dll
2015-08-14 02:31 - 2015-08-14 02:31 - 00051200 _____ () C:\Program Files (x86)\Rainlendar2\libicalss.dll
2014-05-04 06:48 - 2014-05-04 06:48 - 00197632 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2015-11-13 07:57 - 2015-11-13 07:57 - 00068136 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2014-05-04 06:49 - 2014-05-04 06:49 - 00027648 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2015-10-03 22:16 - 2009-12-16 22:13 - 08314880 _____ () C:\Program Files (x86)\Launchy\QtGui4.dll
2015-10-03 22:16 - 2009-12-16 21:56 - 00712704 _____ () C:\Program Files (x86)\Launchy\QtNetwork4.dll
2015-10-03 22:16 - 2009-12-16 21:54 - 02236416 _____ () C:\Program Files (x86)\Launchy\QtCore4.dll
2015-10-03 22:16 - 2009-12-17 00:18 - 00233472 _____ () C:\Program Files (x86)\Launchy\imageformats\qmng4.dll
2015-10-03 22:16 - 2010-11-10 19:39 - 00081920 _____ () C:\Program Files (x86)\Launchy\plugins\calcy.dll
2015-10-03 22:16 - 2010-11-10 19:39 - 00090112 _____ () C:\Program Files (x86)\Launchy\plugins\controly.dll
2015-10-03 22:16 - 2010-11-10 19:38 - 00024064 _____ () C:\Program Files (x86)\Launchy\plugins\gcalc.dll
2015-10-03 22:16 - 2010-11-10 19:38 - 00094208 _____ () C:\Program Files (x86)\Launchy\plugins\runner.dll
2015-10-03 22:16 - 2010-11-10 19:38 - 00057344 _____ () C:\Program Files (x86)\Launchy\plugins\verby.dll
2015-10-03 22:16 - 2010-11-10 19:38 - 00122880 _____ () C:\Program Files (x86)\Launchy\plugins\weby.dll
2016-04-27 18:48 - 2016-04-27 18:48 - 00439480 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2016-04-27 18:48 - 2016-04-27 18:48 - 00321208 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2016-07-20 19:35 - 2016-07-20 19:35 - 00482304 _____ () C:\Users\User\AppData\Local\MEGAsync\libsodium.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00111936 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2015-06-19 14:55 - 2015-06-19 14:55 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2015-07-18 14:13 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-02-26 06:38 - 2016-02-26 06:38 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
AlternateDataStreams: C:\Users\User\Desktop\CKScanner.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\advisorinstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\CKScanner.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\msert.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\SandboxieInstall.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Windows-KB890830-x64-V5.37.exe:BDU [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2016-07-23 20:16 - 00001028 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4198864589-2716103951-1576274748-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CABB33D8-1FCD-42BA-B336-1CE5FFC073F1}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{F6B19AEB-BD9D-425F-8819-27FC29FCAFE6}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{736A78F3-80CD-456B-B925-09539B3655C8}] => (Allow) LPort=7935
FirewallRules: [{982FFABF-FCE5-41AD-835B-EF85A13B9B3B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D5CDD5A1-0605-42B0-823D-3ECFBA641F92}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7F53DCFB-7051-4C25-8F82-20F7B199F1B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C2A62B2F-D503-4D00-AA0F-383983F444D7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{54402180-1452-4B8F-845E-6467A8E6B364}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{E9193CE5-9A17-4391-A1F8-CCA0F7F230BD}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{36D37D79-05E1-46DE-A593-34BAE69801A4}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{179041BC-5FEC-4F90-B3FE-6AC6E24E50D4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{130767D1-65B9-4776-86D0-BD81A179F0FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{C8BFFDCA-7B1C-440B-A028-2767A65E8CDE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{E717D2B4-3489-4A40-9DB9-F692A6A615B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{03B5A5E3-A064-4A72-8A9F-767958275A9D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{35319969-72F4-417E-9720-02062097D799}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F0B6ACD2-A7B7-462D-87B0-A85853464E21}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{694C792C-B077-48F8-852E-BAD10274C153}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{5070BDDF-C8A5-4768-BB1A-8A6AECCA5FE6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{7597B646-D1A0-4587-8CCA-AC31224BCC01}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{67B3A109-8E2B-4263-8175-215FDD5850B0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{47990F7C-46D8-4B94-B6AA-D5B15F3F4C57}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{CF5E8D49-A561-41F8-8A9D-FAAEA6FDB864}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{E3B06554-4DBC-40F2-AE1C-88DB7A28C720}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{C556A13A-8ED4-4EEC-80AD-998BDCC80824}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B6B0A453-2E73-4703-B7FD-D653EC54A661}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{ED96D959-D000-4137-8159-793B0F2F334F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{F75C214C-E067-47BC-BAB4-2A104C8775B4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{13967C7A-C63A-4E45-9EE3-40FC11CD6AF5}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{92BCFA27-C510-4E21-A9C7-0E42D73C16FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{61BB684B-4E4F-49AA-900F-292A1D56D225}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{3B450AE6-5A3F-4265-A8B8-827573CCABE7}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{99235222-8555-4C00-BE29-06432B2819C2}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{4B9BA2FF-BE0B-4C27-B070-F4263525E243}] => (Allow) C:\Program Files (x86)\Origin Games\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{0E51C795-FE96-43FE-B403-B4914EE0DEE9}] => (Allow) C:\Program Files (x86)\Origin Games\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{A0B7B5D1-FE0A-4C61-ADFC-C32379F7AA19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{1C5C55B6-3FFB-4CA1-836C-0C9B186E1B0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{1652C2C7-19A1-4D82-8B6D-8CAF902515E8}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{8F8E57CB-776A-45BA-86DE-0F4FE6B84B7C}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{22D7558B-16FB-4E2C-AF65-EFBA581476CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{FB806AFA-6919-4CC3-A28C-394302D7A03F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{D6EB9020-B307-4F16-A013-5D229658CDF7}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{C17E3488-1CDA-4F38-920E-D957CDF76552}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{9EB16BCC-522A-4F75-BDE3-80C2A145CFD1}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{C17D00A7-C09B-492F-BF14-51902BA94A42}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{8356CCCA-54D3-4493-87BA-7E490C18ECF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{77C76D66-D349-4EA6-9C47-A6C178AFE087}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{F980FF1D-C909-46EB-9FE3-C67183F18803}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{BCEED949-A4E5-4564-AF2F-0207A223CD7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{C52C9060-2BF3-4B5C-8EAE-93261470F8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Timelines - Assault on America\bin\rts_game.exe
FirewallRules: [{98D774D3-FAD5-4342-9DA2-8A068E2707A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Timelines - Assault on America\bin\rts_game.exe
FirewallRules: [{08C1B68F-B000-4543-92F1-B97D5FC98015}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Greyfox\Game.exe
FirewallRules: [{AB4081F3-BE5D-41AF-B936-BCE18C9D2FD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Greyfox\Game.exe
FirewallRules: [TCP Query User{7993BBAD-C55F-4EC7-BCD0-90538C1B60DA}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{64BD55ED-BAF6-4793-A6BC-4A42086EF7E8}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{BB512CC1-4717-4070-9353-5C5BB4674F21}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{2FE6D90C-8E4C-42C7-9843-50EF21E425EF}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{E4FE137A-2A77-4107-A353-B345A33655CD}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{B390D2B0-0B1B-4C24-A622-18C7FDDE70DF}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{D1BB29B6-B404-4338-B46D-2FF46A9E9FD5}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{B51086CB-5654-4AAB-8CD2-D8E6E5268CDE}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{9398795E-E03A-4B2B-846F-811970DC9839}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{8366FF16-9CAC-458F-A4D2-30C73E6A6573}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{C6C1B4C8-D855-4717-AF9B-F23155384FF8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{4792FBAD-08EC-4303-BB2D-6DAF147FD2E8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{C5AF1F96-A817-46E1-8B6A-06DC31C91268}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{EE7C22B7-9CE4-447C-A076-273CE41F8237}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{0CE07A4B-D64E-4E68-A8E2-910FD086663B}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{1DAFFDB9-3CF1-49F3-A312-D8BD4F3A2FCC}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{3B77540E-47F6-405E-A6DD-02DD2A7FC561}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{5E0081DE-6CFF-464E-AE77-F0A8AF9CF002}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{01D071AE-FA47-41F5-920E-93220C56387A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{69AF852F-3C66-43B7-88C4-BCC79C940A60}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{63727F5A-6279-4803-B0D1-D8DC2A813459}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{893EED2B-17E2-43E9-8736-7F1F69C72C90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B766DA41-2FD7-4C1A-8B1A-66097EF30B4F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4C979610-563D-41A8-9DDC-EA720B78AAF9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{C8CB2046-F30D-43C6-9C57-5E1FCEC9B3BE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{2EB180C7-458E-4DAA-9DEA-F34493EDACC2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{6AB71123-DD39-466F-86AC-CDDFF880ECF0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{4B8A8C4D-AE82-42AE-8A9B-4A83465ECAC7}] => (Allow) LPort=5357
FirewallRules: [{77165EAF-48FC-43DC-866D-57AA5D082AD9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{1204E166-ADBD-43F5-BF52-9EABA61352A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Greyfox\EQLauncher.exe
FirewallRules: [{D8B0FE0D-34EC-43BF-9E88-CC51EF6C6293}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Greyfox\EQLauncher.exe
FirewallRules: [TCP Query User{88A6C140-0567-43F0-9063-EC62F3DC56B5}C:\program files\yabause 0.9.14\yabause.exe] => (Allow) C:\program files\yabause 0.9.14\yabause.exe
FirewallRules: [UDP Query User{4327292A-FB73-4A51-81C7-3FEA0477DB72}C:\program files\yabause 0.9.14\yabause.exe] => (Allow) C:\program files\yabause 0.9.14\yabause.exe
FirewallRules: [TCP Query User{63EB4D4F-0025-4A6F-95B3-529FC123074E}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{3DED8A12-04F9-4D50-801A-9D078ABF9239}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [TCP Query User{31CECA32-5328-4B77-90D0-32E60E40C648}C:\users\user\appdata\local\temp\bduninstall\x32\pcsftool.exe] => (Allow) C:\users\user\appdata\local\temp\bduninstall\x32\pcsftool.exe
FirewallRules: [UDP Query User{DDD4C9EF-0289-4DBF-85E4-7B9BE5DED0A9}C:\users\user\appdata\local\temp\bduninstall\x32\pcsftool.exe] => (Allow) C:\users\user\appdata\local\temp\bduninstall\x32\pcsftool.exe
FirewallRules: [TCP Query User{74DE2B4E-EC70-41BF-8868-7D7980657559}C:\users\user\appdata\local\temp\bduninstall\x64\pcsftool.exe] => (Allow) C:\users\user\appdata\local\temp\bduninstall\x64\pcsftool.exe
FirewallRules: [UDP Query User{5A5A5ECB-5D14-4204-A698-031AC7E085D5}C:\users\user\appdata\local\temp\bduninstall\x64\pcsftool.exe] => (Allow) C:\users\user\appdata\local\temp\bduninstall\x64\pcsftool.exe
FirewallRules: [{64930374-D5C0-45E5-A191-C5D9F1AA35BE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2DC73037-0A83-4637-857B-7C799170FEB8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
07-07-2016 04:13:18 Scheduled Checkpoint
13-07-2016 06:32:34 Windows Update
21-07-2016 04:36:14 Windows Update
26-07-2016 20:50:04 Removed Digital Coupon Printer
==================== Faulty Device Manager Devices =============
Name: HP Officejet Pro 8610
Description: HP Officejet Pro 8610
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/26/2016 08:33:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SWMAgent.exe, version: 2.2.2.4, time stamp: 0x56045dfb
Faulting module name: SWMAgent.exe, version: 2.2.2.4, time stamp: 0x56045dfb
Exception code: 0xc0000409
Fault offset: 0x001fffac
Faulting process id: 0xbb4
Faulting application start time: 0xSWMAgent.exe0
Faulting application path: SWMAgent.exe1
Faulting module path: SWMAgent.exe2
Report Id: SWMAgent.exe3
Faulting package full name: SWMAgent.exe4
Faulting package-relative application ID: SWMAgent.exe5
Error: (07/26/2016 08:19:40 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (07/23/2016 08:15:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EasySettingsCmdServer.exe, version: 0.0.0.0, time stamp: 0x5583ba20
Faulting module name: EasySettingsBase.dll, version: 0.0.0.0, time stamp: 0x5583ba08
Exception code: 0xc0000005
Fault offset: 0x0000ce77
Faulting process id: 0x4148
Faulting application start time: 0xEasySettingsCmdServer.exe0
Faulting application path: EasySettingsCmdServer.exe1
Faulting module path: EasySettingsCmdServer.exe2
Report Id: EasySettingsCmdServer.exe3
Faulting package full name: EasySettingsCmdServer.exe4
Faulting package-relative application ID: EasySettingsCmdServer.exe5
Error: (07/23/2016 01:33:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.18407, time stamp: 0x578254e8
Faulting module name: RPCRT4.dll, version: 6.3.9600.18292, time stamp: 0x56fca3f6
Exception code: 0xc0000005
Fault offset: 0x0000000000014262
Faulting process id: 0x1fe8
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
Faulting package full name: GWXUX.exe4
Faulting package-relative application ID: GWXUX.exe5
Error: (07/21/2016 12:30:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Camera.exe version 6.3.9600.17418 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 3fcc
Start Time: 01d1e36d26e5f463
Termination Time: 8
Application Path: C:\Windows\Camera\Camera.exe
Report Id: 6fe05de2-4f60-11e6-bea1-1867b022fa4e
Faulting package full name: Microsoft.MoCamera_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: Microsoft.Camera
Error: (07/21/2016 04:36:25 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
Error: (07/20/2016 09:45:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.18345, time stamp: 0x573de6e7
Faulting module name: RPCRT4.dll, version: 6.3.9600.18292, time stamp: 0x56fca3f6
Exception code: 0xc0000005
Fault offset: 0x0000000000012006
Faulting process id: 0x3c68
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
Faulting package full name: GWXUX.exe4
Faulting package-relative application ID: GWXUX.exe5
Error: (07/20/2016 04:16:50 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
Error: (07/19/2016 09:09:16 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (07/16/2016 07:49:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SWMAgent.exe, version: 2.2.2.4, time stamp: 0x56045dfb
Faulting module name: SWMAgent.exe, version: 2.2.2.4, time stamp: 0x56045dfb
Exception code: 0xc0000409
Fault offset: 0x001fffac
Faulting process id: 0xb54
Faulting application start time: 0xSWMAgent.exe0
Faulting application path: SWMAgent.exe1
Faulting module path: SWMAgent.exe2
Report Id: SWMAgent.exe3
Faulting package full name: SWMAgent.exe4
Faulting package-relative application ID: SWMAgent.exe5
System errors:
=============
Error: (07/26/2016 08:33:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SW Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/26/2016 08:19:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SWUpdateService service.
Error: (07/26/2016 08:19:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SWUpdateService service.
Error: (07/23/2016 08:16:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SWUpdateService service.
Error: (07/23/2016 08:16:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Trend Micro Password Manager Central Control Service service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (07/23/2016 08:15:44 PM) (Source: DCOM) (EventID: 10010) (User: OWNER)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (07/23/2016 08:15:44 PM) (Source: DCOM) (EventID: 10010) (User: OWNER)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (07/18/2016 06:50:24 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: G:\Device\HarddiskVolume72
Error: (07/17/2016 08:42:23 AM) (Source: DCOM) (EventID: 10010) (User: OWNER)
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}
Error: (07/17/2016 08:41:32 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume G:.
A corruption was found in a file system index structure. The file reference number is 0x100000001d985. The name of the file is "\New Downloads\[HorribleSubs] Bleach (Batch) [480p] [720p]". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".
CodeIntegrity:
===================================
Date: 2016-06-26 22:10:26.326
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-26 22:10:26.125
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-26 22:10:25.923
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-26 22:10:25.713
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-26 22:10:25.502
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-26 22:10:25.088
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-26 22:10:24.879
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-26 22:10:24.647
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-26 22:10:03.681
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-26 22:10:03.405
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i7-3635QM CPU @ 2.40GHz
Percentage of memory in use: 52%
Total physical RAM: 8078.8 MB
Available physical RAM: 3870.51 MB
Total Virtual: 17294.8 MB
Available Virtual: 12694 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.25 GB) (Free:50.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================