Good Morning Zep516 / Joe,
Thanks for taking the time to help me with this.
Here are the requested logs:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 7/21/2016
Scan Time: 7:36 AM
Logfile: Malewarebytes.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.07.21.02
Rootkit Database: v2016.05.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Audio User
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 404518
Time Elapsed: 47 min, 26 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Disabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 3
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\cf627cc21998a6aea76d89ac9ad27c5d, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\08efbe9474e1fe7b601e25a480263b34, , [d6d069bde8b2e551a76eae471ce7aa56],
Files: 18
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\cf627cc21998a6aea76d89ac9ad27c5d\2B37EAB0C6B5B44D6336C15C64CF213D.ICO, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\cf627cc21998a6aea76d89ac9ad27c5d\7d7780326e915509eaa5c84d9199e445.ico, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\cf627cc21998a6aea76d89ac9ad27c5d\8cca5707a9dd2e6953d8b7ef274768fd.ico, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\05e396e333c81db8fe38b598aa9d6081.exe, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\1df1eede81be06ca9901ffb227bedd72.exe, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\2b37eab0c6b5b44d6336c15c64cf213d.ico, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\37d522958db3fa39ec3bea694cf516b0.exe, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\3d2b93ccaf9037d89dd1e2de4c250b91.exe, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\4f8c888a28369b10018fca3f3d082720.exe, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\584b00d422fa250792ba936705a15048, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\8f4fa13039de76c61a80976393094d9a.exe, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\9df7daeacee27f702cced5c33ff4014b.exe, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\ac94164273b49c58c0bad3fc6feb773b, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\dc23c7a24c6f29a668d251d65fd47b3f.cfg, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\dc23c7a24c6f29a668d251d65fd47b3f.inf, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\dc23c7a24c6f29a668d251d65fd47b3f.sys, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\08efbe9474e1fe7b601e25a480263b34\nkjiyk.dll, , [d6d069bde8b2e551a76eae471ce7aa56],
PUP.Optional.Wajam.Gen, C:\Program Files\5d9d84290ff2d5103c42bfd35c28f35d\08efbe9474e1fe7b601e25a480263b34\ryvrlh.dll, , [d6d069bde8b2e551a76eae471ce7aa56],
Physical Sectors: 0
(No malicious items detected)
(end)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
Ran by Audio User (administrator) on AUDIOUSER-PC (21-07-2016 08:33:47)
Running from C:\FRST
Loaded Profiles: Audio User (Available Profiles: Audio User & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\ASTSRV.EXE
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cucusoft, Inc.) C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys
() C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
() C:\Program Files (x86)\HughesNet Status Meter\HughesNet Status Meter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Users\Audio User\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
(Nalpeiron Ltd.) C:\Windows\System32\nlsInterface.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\SysWOW64\PSIService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Corel, Inc.) C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Corel, Inc.) C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\MediaCataloger.exe
() C:\Users\Audio User\Downloads\Incredimail\IncrediMailSetup.exe
(IncrediMail ) C:\Users\Audio User\AppData\Local\Temp\IM_B8B5.tmp\IncrediMailSetup_en.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\System32\Spool\drivers\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\Run: [HughesNetStatusMeter] => C:\Program Files (x86)\HughesNet Status Meter\HughesNet Status Meter.exe [233472 2015-01-28] ()
HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ADVENT~1.SCR
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 67.142.172.20 8.8.8.8 8.8.4.4
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{1151463B-E31E-4485-BA27-2DBA8FB7D88C}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{38909CD8-DB01-4FA6-9635-A91098A84D91}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{38909CD8-DB01-4FA6-9635-A91098A84D91}: [DhcpNameServer] 67.142.172.20 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{D9A51A99-C084-470B-BBD0-F93A951A34FB}: [DhcpNameServer] 67.142.172.20 8.8.8.8 8.8.4.4
ManualProxies:
Internet Explorer:
==================
HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.0.1/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
IE Session Restore: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000 -> is enabled.
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Audio User\AppData\Roaming\Mozilla\Firefox\Profiles\0qa8by4n.default
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-09-20] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-09-20] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: Speed Dial - C:\Users\Audio User\AppData\Roaming\Mozilla\Firefox\Profiles\0qa8by4n.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-07-19]
FF Extension: All Aboard - C:\Users\Audio User\AppData\Roaming\Mozilla\Firefox\Profiles\0qa8by4n.default\Extensions\@all-aboard-v1 [2016-07-19]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
Chrome:
=======
CHR Profile: C:\Users\Audio User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ColorZilla) - C:\Users\Audio User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-12-24]
CHR Extension: (Kindle Cloud Launcher) - C:\Users\Audio User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabgeinondjemaplkkcifnplhcbeeiob [2015-01-07]
CHR Extension: (FVDtab speed dial) - C:\Users\Audio User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cklafljchoobldkimicddpobdpfkckfp [2016-07-19]
CHR Extension: (AdBlock) - C:\Users\Audio User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Audio User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-17]
CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Audio User\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2016-07-19]
CHR Extension: (Ghostify Hide Geo FREE) - C:\Users\Audio User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaocmnfllndpbbmjmniielgaanaifehp [2016-07-19]
CHR Extension: (Typing Tutor) - C:\Users\Audio User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pppodolbmofkadjlohmiofjladlpfked [2015-01-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [oaocmnfllndpbbmjmniielgaanaifehp] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR StartupUrls: "hxxp://Google.com/h?eq=U0EeCFZVBB8SRggbdQhcUgtJRxgUcQAITA0SQwAOeQ8MUhQQGAcbdA0BBAxFGA0FIk0FA1oDB0VXfV5bFElXTwhuL0tdM1wCVFlXM3FNAw=="
OPR Session Restore: -> is enabled.
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 ASTSRV; C:\Windows\SysWOW64\ASTSRV.EXE [57344 2008-05-19] (Nalpeiron Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 CS_SysMsgProxy; C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys [255136 2013-06-21] (Cucusoft, Inc.)
R2 DAZContentManagementService; C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 Media Center 21 Service; C:\Program Files (x86)\J River\Media Center 21\JRService.exe [399096 2016-03-14] (JRiver, Inc.)
R2 MF NTFS Monitor; C:\Users\Audio User\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456176 2015-04-23] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 nlsInterface; C:\Windows\system32\nlsInterface.exe [72192 2009-04-03] (Nalpeiron Ltd.) [File not signed]
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-28] (Broadcom Corporation)
S3 MAFW; C:\Windows\System32\DRIVERS\mafw.sys [231944 2009-07-29] (Avid Technology, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] ()
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-04-23] (Windows ® Win 7 DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S4 NVHDA; no ImagePath
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
U0 tbgaid; C:\Windows\System32\drivers\nlrujllr.sys [79064 2016-07-21] (Malwarebytes)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-21 08:29 - 2016-07-21 08:30 - 00000000 ____D C:\Users\Audio User\Downloads\GEEKSTOGO LOGS
2016-07-21 08:26 - 2016-07-21 08:26 - 00079064 _____ (Malwarebytes) C:\Windows\system32\Drivers\nlrujllr.sys
2016-07-20 20:36 - 2016-07-21 07:29 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-20 20:36 - 2016-07-20 20:36 - 00001170 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-20 20:36 - 2016-07-20 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-20 20:36 - 2016-07-20 20:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-20 20:36 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-20 20:36 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-20 20:36 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-20 12:07 - 2016-07-21 08:33 - 00000000 ____D C:\FRST
2016-07-20 11:36 - 2016-07-20 11:36 - 00003815 _____ C:\Users\Audio User\Desktop\JRT.txt
2016-07-20 11:31 - 2016-07-20 11:31 - 01610560 _____ (Malwarebytes) C:\Users\Audio User\Downloads\JRT.exe
2016-07-19 11:42 - 2016-07-19 11:42 - 03143496 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Audio User\Downloads\AVG_Protection_Free_1599.exe.part
2016-07-19 11:40 - 2016-07-19 11:40 - 02135856 _____ C:\Users\Audio User\Downloads\Adaware_Installer.exe.part
2016-07-19 10:33 - 2016-07-19 10:40 - 00000000 ____D C:\Users\Audio User\AppData\Local\Mozilla
2016-07-19 10:33 - 2016-07-19 10:34 - 00000000 ____D C:\Users\Audio User\AppData\Roaming\Mozilla
2016-07-19 10:33 - 2016-07-19 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-19 10:21 - 2016-07-19 10:23 - 48521840 _____ C:\Users\Audio User\Downloads\Firefox Setup 47.0.1.exe
2016-07-19 10:21 - 2016-07-19 10:21 - 00000000 ____D C:\ProgramData\Lavasoft
2016-07-18 09:06 - 2016-07-19 10:33 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-18 04:02 - 2016-07-18 04:02 - 00149544 _____ C:\Users\Audio User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-18 03:49 - 2016-07-18 03:49 - 00008192 ___SH C:\Users\Audio User\AppData\Roaming\Thumbs.db
2016-07-17 11:22 - 2016-07-17 11:22 - 00000000 ____D C:\Windows\system32\sypd
2016-07-17 11:22 - 2016-07-17 11:22 - 00000000 ____D C:\Windows\system32\jise
2016-07-17 11:16 - 2016-07-17 11:16 - 00002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-07-17 07:49 - 2016-07-17 07:50 - 00002090 _____ C:\Users\Audio\Local State
2016-07-17 07:42 - 2016-07-17 07:50 - 00000000 ____D C:\Users\Audio\Default
2016-07-17 07:42 - 2016-07-17 07:50 - 00000000 ____D C:\Users\Audio
2016-07-17 07:42 - 2016-07-17 07:49 - 00000000 ____D C:\Users\Audio\ShaderCache
2016-07-16 11:46 - 2016-07-16 11:46 - 00000000 ____D C:\Camouflage
2016-07-14 01:27 - 2016-07-14 01:27 - 20466368 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-13 02:24 - 2016-07-13 02:58 - 00000746 _____ C:\LoadLogTextFormat.txt
2016-07-13 02:22 - 2016-07-13 02:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlphaPlugins
2016-07-13 02:22 - 2004-10-03 17:41 - 00167936 _____ (Panopticum,LLC. Maxim Chernousov, [email protected], [email protected].) C:\Windows\SysWOW64\Engine3D.dll
2016-07-12 05:44 - 2016-07-12 05:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-07-11 16:48 - 2016-07-11 16:48 - 00102559 _____ C:\Windows\4f8c888a28369b10018fca3f3d082720.exe
2016-07-11 16:48 - 2016-07-11 16:48 - 00079952 _____ C:\Windows\system32\Drivers\dc23c7a24c6f29a668d251d65fd47b3f.sys
2016-07-09 21:41 - 2016-05-12 13:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-09 21:41 - 2016-05-12 13:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-09 21:41 - 2016-05-12 13:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-09 21:41 - 2016-05-12 13:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-09 21:41 - 2016-05-12 13:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-09 21:41 - 2016-05-12 13:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-09 21:41 - 2016-05-12 13:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-09 21:41 - 2016-05-12 13:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-07-09 21:41 - 2016-05-12 11:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-07-09 21:41 - 2016-05-12 11:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-09 21:41 - 2016-05-12 10:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-09 21:41 - 2016-05-12 10:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-09 21:41 - 2016-05-12 10:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-09 21:41 - 2016-05-12 10:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-09 21:41 - 2016-05-12 10:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-09 21:41 - 2016-05-12 10:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-09 21:41 - 2016-05-12 10:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-09 21:41 - 2016-05-12 10:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-07-09 21:41 - 2016-05-12 10:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-07-09 21:41 - 2016-05-12 09:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-09 21:41 - 2016-05-12 09:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-07-09 21:41 - 2016-05-12 09:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-07-09 21:38 - 2016-05-18 12:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-07-09 21:38 - 2016-05-18 12:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-07-09 21:38 - 2016-05-13 18:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-09 21:38 - 2016-05-13 18:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-07-09 21:38 - 2016-05-13 18:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-09 21:38 - 2016-05-13 18:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-07-09 21:38 - 2016-05-13 18:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-07-09 21:38 - 2016-05-13 17:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-07-09 21:38 - 2016-05-13 17:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-07-09 21:38 - 2016-05-13 17:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-07-09 21:38 - 2016-05-13 17:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-07-09 21:38 - 2016-05-13 17:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-07-09 21:38 - 2016-05-12 13:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-07-09 21:38 - 2016-05-12 13:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-07-09 21:38 - 2016-05-12 13:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-07-09 21:38 - 2016-05-12 13:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-07-09 21:38 - 2016-05-12 13:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-07-09 21:38 - 2016-05-12 13:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-07-09 21:38 - 2016-05-12 11:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-07-09 21:38 - 2016-05-12 11:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-07-09 21:38 - 2016-05-12 11:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-07-09 21:38 - 2016-05-12 11:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-07-09 21:38 - 2016-05-12 11:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-09 21:38 - 2016-05-11 13:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-07-09 21:38 - 2016-05-11 13:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-07-09 21:38 - 2016-05-11 13:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-09 21:38 - 2016-05-11 13:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-07-09 21:38 - 2016-05-11 11:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-07-09 21:38 - 2016-05-11 11:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-07-09 21:38 - 2016-05-11 11:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-07-09 21:38 - 2016-05-11 11:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-07-09 21:38 - 2016-05-11 11:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-07-09 21:38 - 2016-05-11 11:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-07-09 21:38 - 2016-05-11 10:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-07-09 21:37 - 2016-05-23 19:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-09 21:37 - 2016-05-23 18:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-09 21:37 - 2016-05-21 13:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-09 21:37 - 2016-05-21 12:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-09 21:37 - 2016-05-20 18:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-09 21:37 - 2016-05-20 18:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-09 21:37 - 2016-05-20 18:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-09 21:37 - 2016-05-20 18:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-09 21:37 - 2016-05-20 18:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-09 21:37 - 2016-05-20 18:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-09 21:37 - 2016-05-20 18:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-09 21:37 - 2016-05-20 18:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-09 21:37 - 2016-05-20 18:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-09 21:37 - 2016-05-20 18:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-09 21:37 - 2016-05-20 18:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-09 21:37 - 2016-05-20 17:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-09 21:37 - 2016-05-20 17:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-09 21:37 - 2016-05-20 17:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-09 21:37 - 2016-05-20 17:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-09 21:37 - 2016-05-20 17:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-09 21:37 - 2016-05-20 17:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-09 21:37 - 2016-05-20 17:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-09 21:37 - 2016-05-20 17:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-09 21:37 - 2016-05-20 17:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-09 21:37 - 2016-05-20 17:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-09 21:37 - 2016-05-20 17:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-09 21:37 - 2016-05-20 17:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-09 21:37 - 2016-05-20 17:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-09 21:37 - 2016-05-20 17:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-09 21:37 - 2016-05-20 17:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-09 21:37 - 2016-05-20 17:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-09 21:37 - 2016-05-20 17:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-09 21:37 - 2016-05-20 17:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-09 21:37 - 2016-05-20 17:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-09 21:37 - 2016-05-20 17:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-09 21:37 - 2016-05-20 17:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-09 21:37 - 2016-05-20 17:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-09 21:37 - 2016-05-20 17:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-09 21:37 - 2016-05-20 17:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-09 21:37 - 2016-05-20 17:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-09 21:37 - 2016-05-20 17:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-09 21:37 - 2016-05-20 17:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-09 21:37 - 2016-05-20 17:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-09 21:37 - 2016-05-20 17:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-09 21:37 - 2016-05-20 17:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-09 21:37 - 2016-05-20 17:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-09 21:37 - 2016-05-20 17:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-09 21:37 - 2016-05-20 17:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-09 21:37 - 2016-05-20 17:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-09 21:37 - 2016-05-20 17:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-09 21:37 - 2016-05-20 17:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-09 21:37 - 2016-05-20 17:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-09 21:37 - 2016-05-20 17:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-09 21:37 - 2016-05-20 17:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-09 21:37 - 2016-05-20 17:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-09 21:37 - 2016-05-20 17:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-09 21:37 - 2016-05-20 17:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-09 21:37 - 2016-05-20 17:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-09 21:37 - 2016-05-20 17:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-09 21:37 - 2016-05-20 17:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-09 21:37 - 2016-05-20 16:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-09 21:37 - 2016-05-20 16:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-09 21:37 - 2016-05-20 16:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-09 21:37 - 2016-05-20 16:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-09 21:37 - 2016-05-20 16:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-09 21:37 - 2016-05-20 16:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-09 21:35 - 2016-03-06 14:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-07-09 21:35 - 2016-03-06 14:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-07-09 21:35 - 2016-03-06 14:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-07-09 21:35 - 2016-03-06 14:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-07-09 21:35 - 2016-01-06 15:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-07-09 21:35 - 2016-01-06 14:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-07-09 21:35 - 2015-11-13 19:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-07-09 21:35 - 2015-11-13 19:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-07-09 21:35 - 2015-11-13 19:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-07-09 21:35 - 2015-11-13 18:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-07-09 21:35 - 2015-11-13 18:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-07-09 21:35 - 2015-11-13 18:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-07-09 21:34 - 2016-03-17 18:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-07-09 21:34 - 2016-03-17 18:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-07-09 21:34 - 2016-02-12 14:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-07-09 21:34 - 2016-02-12 14:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-07-09 21:34 - 2016-02-12 14:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-07-09 21:34 - 2016-02-12 14:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-07-09 21:34 - 2016-02-12 14:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-07-09 21:34 - 2016-02-12 14:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-09 21:34 - 2016-02-12 14:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-07-09 21:34 - 2016-02-12 14:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-07-09 21:34 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-07-09 21:34 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-07-09 21:34 - 2016-02-12 14:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-07-09 21:34 - 2016-02-12 14:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-07-09 21:34 - 2016-02-12 14:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-07-09 21:34 - 2016-02-12 14:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-07-09 21:34 - 2016-02-12 14:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-07-09 21:34 - 2016-02-12 14:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-07-09 21:34 - 2015-11-03 15:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-07-09 21:34 - 2015-11-03 14:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-07-09 21:33 - 2016-04-09 03:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-07-09 21:33 - 2016-04-09 03:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-07-09 21:33 - 2016-04-09 02:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-07-09 21:33 - 2016-03-15 20:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-07-09 21:33 - 2016-03-15 20:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-07-09 21:33 - 2016-03-15 19:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-07-09 21:33 - 2016-02-04 21:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-07-09 21:33 - 2016-02-04 14:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-07-09 21:33 - 2016-02-03 14:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-07-09 21:33 - 2016-02-03 14:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-07-09 21:33 - 2016-02-03 14:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-07-09 21:33 - 2016-02-03 14:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-07-09 21:33 - 2016-02-03 14:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-07-09 21:33 - 2016-01-07 13:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-07-09 21:33 - 2015-12-20 14:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-07-09 21:33 - 2015-12-20 14:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-07-09 21:33 - 2015-12-20 10:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-07-09 21:33 - 2015-11-11 14:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-07-09 21:33 - 2015-11-11 14:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-07-09 21:33 - 2015-11-11 14:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-07-09 21:33 - 2015-11-11 14:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-07-09 21:33 - 2015-11-10 14:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-07-09 21:33 - 2015-11-10 14:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-07-09 21:33 - 2015-11-10 14:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-07-09 21:33 - 2015-11-10 14:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-07-09 21:33 - 2015-11-10 14:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-07-09 21:33 - 2015-11-05 15:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-07-09 21:33 - 2015-11-05 15:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-07-09 21:33 - 2015-11-05 05:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-07-09 21:33 - 2015-10-13 12:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-07-09 21:33 - 2015-10-13 12:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-07-09 21:32 - 2016-04-14 09:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-07-09 21:32 - 2016-04-14 09:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-07-09 21:32 - 2016-02-09 05:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-07-09 21:32 - 2016-01-22 02:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-07-09 21:32 - 2016-01-22 02:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-07-09 21:32 - 2016-01-22 02:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-07-09 21:32 - 2016-01-22 02:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-07-09 21:32 - 2016-01-22 02:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-07-09 21:32 - 2016-01-22 02:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-07-09 21:32 - 2016-01-22 02:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-07-09 21:32 - 2015-12-08 17:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-07-09 21:32 - 2015-12-08 17:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-07-09 21:32 - 2015-12-08 17:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-07-09 21:32 - 2015-12-08 17:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-07-09 21:32 - 2015-12-08 17:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-07-09 21:32 - 2015-12-08 17:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-07-09 21:32 - 2015-12-08 17:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-07-09 21:32 - 2015-12-08 17:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-07-09 21:32 - 2015-12-08 17:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-07-09 21:32 - 2015-12-08 17:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-07-09 21:32 - 2015-12-08 17:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-07-09 21:32 - 2015-12-08 17:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-07-09 21:32 - 2015-12-08 17:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-07-09 21:32 - 2015-12-08 17:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-07-09 21:32 - 2015-12-08 17:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-07-09 21:32 - 2015-12-08 17:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-07-09 21:32 - 2015-12-08 17:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-07-09 21:32 - 2015-12-08 17:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-07-09 21:32 - 2015-12-08 17:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-07-09 21:32 - 2015-12-08 17:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-07-09 21:32 - 2015-12-08 17:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-07-09 21:32 - 2015-12-08 17:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-07-09 21:32 - 2015-12-08 17:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-07-09 21:32 - 2015-12-08 17:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-07-09 21:32 - 2015-12-08 17:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-07-09 21:32 - 2015-12-08 17:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-07-09 21:32 - 2015-12-08 15:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-07-09 21:32 - 2015-12-08 15:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-07-09 21:32 - 2015-12-08 15:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-07-09 21:32 - 2015-12-08 15:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-07-09 21:32 - 2015-12-08 15:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-07-09 21:32 - 2015-12-08 15:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-07-09 21:32 - 2015-12-08 14:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-07-09 21:32 - 2015-12-08 14:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-07-09 21:32 - 2015-12-08 14:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-07-09 21:31 - 2016-04-06 11:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-07-09 21:31 - 2016-02-09 05:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-07-09 21:31 - 2016-02-09 05:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-07-09 21:31 - 2016-02-09 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-07-09 21:31 - 2016-02-09 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-07-09 21:31 - 2016-02-09 05:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-07-09 21:31 - 2016-02-09 05:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-07-09 21:31 - 2016-02-09 05:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-07-09 21:31 - 2016-02-09 05:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-07-09 21:31 - 2016-02-09 05:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-07-09 21:31 - 2016-02-09 05:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-07-09 21:31 - 2015-11-03 15:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-07-09 21:31 - 2015-11-03 14:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-07-09 21:31 - 2015-10-13 00:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-07-09 21:28 - 2016-04-09 03:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-07-09 21:28 - 2016-04-09 03:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-09 21:28 - 2016-04-09 03:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-07-09 21:28 - 2016-04-09 02:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-07-09 21:28 - 2016-04-09 02:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-07-09 21:28 - 2016-04-09 02:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-07-09 21:28 - 2016-04-09 02:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-07-09 21:28 - 2016-04-09 02:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-07-09 21:28 - 2016-04-09 02:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-07-09 21:28 - 2016-04-09 02:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-07-09 21:28 - 2016-04-09 02:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-07-09 21:28 - 2016-04-09 02:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-07-09 21:28 - 2016-04-09 02:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 02:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 01:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-07-09 21:28 - 2016-04-09 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-07-09 21:28 - 2016-04-09 01:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-07-09 21:28 - 2016-04-09 01:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-07-09 21:28 - 2016-04-09 01:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-07-09 21:28 - 2016-04-09 01:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-07-09 21:28 - 2016-04-09 01:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-07-09 21:28 - 2016-04-09 01:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-07-09 21:28 - 2016-04-09 01:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-07-09 21:28 - 2016-04-09 01:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-07-09 21:28 - 2016-04-09 01:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 01:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 01:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-09 21:28 - 2016-04-09 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-09 21:27 - 2016-04-09 00:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-07-09 21:27 - 2016-04-08 23:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-07-09 02:51 - 2016-07-09 02:51 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-09 02:27 - 2016-06-29 18:55 - 00000853 _____ C:\Windows\system32\Drivers\etc\hosts.20160709-022745.backup
2016-07-09 02:12 - 2016-07-09 02:12 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-07-09 02:11 - 2016-07-18 09:06 - 00001443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-07-09 02:11 - 2016-07-18 09:05 - 00001431 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-07-09 02:11 - 2016-07-09 02:51 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-09 02:11 - 2016-07-09 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-07-09 02:11 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-07-08 21:54 - 2016-07-08 21:55 - 00000000 ____D C:\Splat
2016-07-07 23:02 - 2016-07-07 23:02 - 13076440 _____ C:\Users\Audio User\Downloads\IncrediMailSetup.exe
2016-07-05 22:08 - 2016-07-05 22:08 - 00000011 _____ C:\Windows\3DShadow.INI
2016-07-05 21:59 - 2016-07-05 21:59 - 00000000 ____D C:\Program Files (x86)\Lokas
2016-07-05 01:37 - 2016-07-07 20:09 - 00000000 ____D C:\Users\Audio User\AppData\Local\ba75
2016-07-05 01:37 - 2016-07-05 01:37 - 00000000 ____D C:\Users\Audio User\AppData\Roaming\e609
2016-06-30 21:26 - 2016-06-30 21:27 - 00000000 ____D C:\Users\Audio User\Documents\Incredimail
2016-06-29 21:17 - 2016-07-18 09:06 - 00002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2016-06-29 19:01 - 2016-06-30 22:12 - 00000000 ____D C:\Users\Audio User\Documents\CCleaner backups
2016-06-29 18:26 - 2016-06-29 18:26 - 00000000 ____D C:\Program Files\Reason
2016-06-28 20:01 - 2016-06-28 20:01 - 06569088 _____ (Tim Kosse) C:\Users\Audio User\Downloads\FileZilla_3.19.0_win64-setup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-21 08:02 - 2013-10-12 02:22 - 00000000 ____D C:\Users\Audio User\AppData\Local\Corel
2016-07-21 08:01 - 2015-10-17 23:19 - 00000000 ____D C:\Users\Audio User\Documents\My PSP Files
2016-07-21 08:01 - 2013-10-12 02:22 - 00004704 ___SH C:\Windows\SysWOW64\KGyGaAvL.sys
2016-07-21 07:58 - 2014-03-17 22:56 - 00000000 ____D C:\Program Files (x86)\Trillian
2016-07-21 07:29 - 2015-04-22 06:21 - 00000000 ____D C:\Users\Audio User\Downloads\WEB TOOLS
2016-07-21 07:26 - 2009-07-14 00:45 - 00025872 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-21 07:26 - 2009-07-14 00:45 - 00025872 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-21 07:18 - 2016-02-11 09:09 - 00000000 ____D C:\ProgramData\Kodak
2016-07-21 07:16 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-20 21:01 - 2014-01-17 08:02 - 00000000 ____D C:\Program Files (x86)\IncrediMail
2016-07-20 21:00 - 2014-01-17 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2016-07-20 21:00 - 2014-01-10 00:39 - 00000000 ____D C:\ProgramData\TEMP
2016-07-20 12:37 - 2016-03-28 23:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-20 12:37 - 2016-01-02 21:04 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-20 12:37 - 2016-01-02 21:04 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-20 12:34 - 2014-03-28 18:25 - 00000000 ____D C:\Users\Audio User\AppData\LocalLow\Temp
2016-07-20 11:59 - 2013-11-23 20:55 - 00000000 ____D C:\AdwCleaner
2016-07-19 10:56 - 2015-11-03 02:41 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Professional Edition 9.1
2016-07-19 10:33 - 2016-06-10 01:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-19 10:24 - 2014-06-02 05:32 - 00000000 ____D C:\Users\Audio User\AppData\Roaming\Brave Giant
2016-07-19 10:02 - 2014-07-01 04:24 - 00000000 ____D C:\Windows\Evil Pumpkin - The Lost Halloween
2016-07-19 10:02 - 2013-09-20 01:59 - 00000000 ____D C:\Users\Audio User\AppData\Local\Apps\2.0
2016-07-18 09:06 - 2016-04-13 17:12 - 00001506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-07-18 09:06 - 2016-04-06 22:12 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filter Forge 4.lnk
2016-07-18 09:06 - 2016-02-02 04:29 - 00002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Connect.lnk
2016-07-18 09:06 - 2016-01-02 21:06 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-18 09:06 - 2015-12-17 08:25 - 00001223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filter Forge 5.lnk
2016-07-18 09:06 - 2015-10-31 03:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-18 09:06 - 2015-09-16 16:25 - 00002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 3.0.lnk
2016-07-18 09:06 - 2015-07-14 16:01 - 00002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-07-18 09:06 - 2015-06-12 09:58 - 00000978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Nature Manual.lnk
2016-07-18 09:06 - 2014-02-12 04:25 - 00002665 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EclipsePalette.lnk
2016-07-18 09:06 - 2014-02-01 07:47 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2016-07-18 09:06 - 2014-01-31 23:50 - 00000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xenofex 2 Manual.lnk
2016-07-18 09:06 - 2014-01-30 17:58 - 00001488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
2016-07-18 09:06 - 2014-01-30 17:55 - 00001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
2016-07-18 09:06 - 2014-01-30 17:54 - 00001306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
2016-07-18 09:06 - 2014-01-30 17:52 - 00001563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
2016-07-18 09:06 - 2014-01-30 17:52 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
2016-07-18 09:06 - 2014-01-28 11:41 - 00000944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Impact Manual.lnk
2016-07-18 09:06 - 2014-01-25 21:18 - 00000892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5.0 Textures Manual.lnk
2016-07-18 09:06 - 2014-01-17 11:26 - 00001752 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PowerArchiver.lnk
2016-07-18 09:06 - 2013-09-19 05:49 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-07-18 09:06 - 2013-09-19 05:49 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-07-18 09:06 - 2013-09-19 04:31 - 00002165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-07-18 09:06 - 2009-07-14 01:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-07-18 09:06 - 2009-07-14 00:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-07-18 09:06 - 2009-07-14 00:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-07-18 09:06 - 2009-07-14 00:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-07-18 09:06 - 2009-07-14 00:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-07-18 09:06 - 2009-07-14 00:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-07-18 09:06 - 2009-07-14 00:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-07-18 09:05 - 2016-03-11 06:55 - 00002378 _____ C:\Users\Public\Desktop\Play Living Legends - Bound by Wishes Collectors Edition.lnk
2016-07-18 09:05 - 2016-03-05 05:17 - 00002376 _____ C:\Users\Public\Desktop\Play Myths of the World - Spirit Wolf Collectors Edition.lnk
2016-07-18 09:05 - 2016-02-03 07:10 - 00001118 _____ C:\Users\Audio User\Desktop\AMP Font Viewer.lnk
2016-07-18 09:05 - 2016-01-24 06:26 - 00001465 _____ C:\Users\Audio User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-18 09:05 - 2016-01-20 05:58 - 00002283 _____ C:\Users\Public\Desktop\Play Haunted Hotel - Phoenix Collectors Edition.lnk
2016-07-18 09:05 - 2015-12-06 03:29 - 00002101 _____ C:\Users\Audio User\Desktop\DAZ Install Manager.lnk
2016-07-18 09:05 - 2014-03-30 16:05 - 00001161 _____ C:\Users\Audio User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
2016-07-18 05:59 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-07-18 04:48 - 2014-01-27 15:18 - 00000000 ____D C:\Users\Audio User\Documents\ADDRESSES
2016-07-18 04:19 - 2013-11-12 02:19 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2016-07-18 04:14 - 2013-09-20 16:50 - 00000000 ____D C:\Program Files (x86)\Auslogics
2016-07-17 12:37 - 2014-07-09 22:33 - 00000000 ____D C:\Windows\Haunted Hotel 6- Ancient Bane Collector's Edition
2016-07-17 12:05 - 2013-09-26 22:31 - 00000000 ____D C:\Program Files (x86)\J River
2016-07-17 12:03 - 2013-11-12 02:17 - 00000000 ____D C:\Users\Audio User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cool VL Viewer
2016-07-17 12:03 - 2013-11-12 02:17 - 00000000 ____D C:\Program Files (x86)\CoolVLViewer-1.26.10
2016-07-17 11:28 - 2013-09-19 04:18 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\DNSAPI.dll
2016-07-17 11:24 - 2016-03-24 15:28 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForAudio User.job
2016-07-17 11:23 - 2013-09-19 04:18 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-07-17 11:20 - 2015-12-04 05:52 - 00000000 ____D C:\Users\Audio User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-07-17 11:16 - 2015-06-16 21:31 - 00000000 ____D C:\Users\Audio User\AppData\Local\CrashDumps
2016-07-17 08:13 - 2015-03-31 16:02 - 00000000 ____D C:\Program Files (x86)\Screen Calipers 4.0
2016-07-17 07:28 - 2013-09-20 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2016-07-17 05:12 - 2009-07-14 00:45 - 05137440 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-16 15:18 - 2016-01-05 18:37 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-16 14:06 - 2015-04-11 22:19 - 00000000 ____D C:\Users\Audio User\Downloads\Font
2016-07-16 12:06 - 2016-01-29 06:31 - 00000000 ____D C:\Users\Audio User\Downloads\Plugins
2016-07-14 01:28 - 2016-01-02 13:49 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 01:28 - 2016-01-02 13:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-13 02:27 - 2013-09-19 07:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-13 02:27 - 2013-09-19 07:16 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 02:22 - 2013-09-20 13:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-07-13 00:50 - 2009-07-14 01:13 - 00835878 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-12 05:44 - 2014-07-21 17:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-12 05:44 - 2014-07-21 17:06 - 00000000 ____D C:\ProgramData\Skype
2016-07-12 04:50 - 2015-08-25 00:47 - 00000000 ____D C:\Users\Audio User\Downloads\Incredimail
2016-07-12 04:21 - 2015-10-10 18:08 - 00000000 ____D C:\Users\Audio User\AppData\Local\IM
2016-07-12 03:43 - 2013-09-25 22:17 - 00000000 ____D C:\Users\Audio User\AppData\Local\ElevatedDiagnostics
2016-07-11 22:26 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-07-10 23:55 - 2011-04-12 04:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-10 23:55 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-10 02:50 - 2013-09-19 04:59 - 00000000 ____D C:\Windows\system32\MRT
2016-07-10 02:36 - 2013-09-19 04:59 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-10 02:34 - 2013-09-20 11:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-10 02:32 - 2013-09-20 11:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-10 02:32 - 2013-09-20 11:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-10 02:19 - 2013-10-24 17:21 - 00812600 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-10 02:00 - 2014-03-29 19:51 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-07-09 21:02 - 2015-04-18 02:02 - 00000000 ____D C:\Users\Audio User\Downloads\Alien Skin
2016-07-09 02:27 - 2009-07-13 22:34 - 00450732 ____R C:\Windows\system32\Drivers\etc\hp.bak
2016-07-09 01:36 - 2013-09-20 11:37 - 00000000 ____D C:\Windows\pss
2016-07-08 22:02 - 2014-01-25 21:13 - 00000000 ____D C:\Users\Audio User\AppData\Roaming\Alien Skin
2016-07-07 20:16 - 2015-07-14 15:32 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-07 00:11 - 2015-11-09 02:08 - 00000000 ____D C:\Users\Audio User\Downloads\Coloring Books
2016-07-06 21:13 - 2015-04-22 04:40 - 00000000 ____D C:\Users\Audio User\Downloads\Photoshop
2016-07-06 20:39 - 2010-11-20 23:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-05 21:59 - 2015-10-11 13:06 - 00044544 ____N C:\Windows\AWuninstall.exe
2016-07-05 21:24 - 2014-01-28 11:41 - 00000000 ____D C:\Alien Skin
2016-07-05 21:24 - 2014-01-25 21:18 - 00000000 ____D C:\Program Files (x86)\Alien Skin
2016-07-05 20:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2016-07-04 00:34 - 2013-09-19 04:32 - 00001945 _____ C:\Windows\epplauncher.mif
2016-07-04 00:33 - 2013-09-19 04:31 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-07-04 00:33 - 2013-09-19 04:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-07-02 23:50 - 2013-09-19 07:17 - 00000000 ____D C:\Users\Audio User\AppData\Roaming\Adobe
2016-07-02 21:32 - 2013-10-12 02:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Paint Shop Pro Photo X2
2016-07-02 16:28 - 2016-01-05 17:04 - 00000000 ____D C:\Users\Audio User\Desktop\JES PLUGIN LESSONS
2016-06-30 22:21 - 2016-06-06 00:03 - 00000000 ____D C:\Users\Audio User\Desktop\PLETHORA LESSONS
2016-06-30 21:27 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-29 20:26 - 2016-06-20 02:15 - 00000000 __HDC C:\ProgramData\{83F263BF-0076-4C4C-93DC-A3EA0CEB7184}
2016-06-29 20:26 - 2016-06-20 02:15 - 00000000 __HDC C:\ProgramData\{63B3AF69-722B-4FA9-965F-94DEB1E78796}
2016-06-29 20:26 - 2016-06-20 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
2016-06-29 20:26 - 2016-06-20 02:13 - 00000000 ____D C:\Program Files\Common Files\Topaz Labs
2016-06-29 20:26 - 2016-02-12 16:21 - 00000000 ____D C:\Users\Audio User\AppData\Local\Eastman_Kodak_Company
2016-06-29 20:26 - 2014-05-25 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plugin Galaxy
2016-06-29 20:26 - 2014-02-20 14:48 - 00000000 ____D C:\Users\Audio User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WD Diagnostics
2016-06-29 20:26 - 2013-09-19 03:04 - 00000000 ____D C:\Users\Audio User
2016-06-28 22:14 - 2014-07-10 22:04 - 00000756 _____ C:\Windows\nvrph.ini
2016-06-28 20:04 - 2014-01-21 19:16 - 00000000 ____D C:\Users\Audio User\AppData\Roaming\FileZilla
2016-06-26 10:04 - 2009-07-14 01:08 - 00032624 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-24 15:01 - 2015-09-25 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PluginsGalaxy
2016-06-21 07:01 - 2014-05-01 20:04 - 00373248 _____ C:\Windows\EyeCand3.INI
==================== Files in the root of some directories =======
2014-08-15 07:01 - 2015-11-09 01:05 - 0000363 _____ () C:\Program Files (x86)\RecentPlaces.lnk
2014-02-12 02:53 - 2015-01-16 14:50 - 0000132 _____ () C:\Users\Audio User\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-07-18 03:49 - 2016-07-18 03:49 - 0008192 ___SH () C:\Users\Audio User\AppData\Roaming\Thumbs.db
2015-04-04 00:13 - 2015-10-10 21:19 - 0004608 _____ () C:\Users\Audio User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-14 10:33 - 2016-03-17 18:10 - 0010374 _____ () C:\Users\Audio User\AppData\Local\installer.log
2013-11-10 06:39 - 2013-11-10 06:39 - 0000080 _____ () C:\Users\Audio User\AppData\Local\X-Plane Installer.prf
2013-11-10 06:37 - 2013-11-10 06:37 - 0000046 _____ () C:\Users\Audio User\AppData\Local\x-plane_install_10.txt
2016-02-22 20:42 - 2016-02-22 20:42 - 0000000 _____ () C:\Users\Audio User\AppData\Local\{E2817094-16B9-441C-A0CA-D72AEC9E0246}
2013-10-06 05:45 - 2016-02-02 04:41 - 0000512 _____ () C:\ProgramData\HPWALog.txt
Some files in TEMP:
====================
C:\Users\Audio User\AppData\Local\Temp\parctmp.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-07 07:12
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2016
Ran by Audio User (2016-07-21 08:35:03)
Running from C:\FRST
Windows 7 Home Premium Service Pack 1 (X64) (2013-09-19 07:04:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2365759274-3180811660-3926093282-500 - Administrator - Disabled)
Audio User (S-1-5-21-2365759274-3180811660-3926093282-1000 - Administrator - Enabled) => C:\Users\Audio User
Guest (S-1-5-21-2365759274-3180811660-3926093282-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2365759274-3180811660-3926093282-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D Shadow by Lokas Software (HKLM-x32\...\3D Shadow by Lokas Software) (Version: - )
A Ruler for Windows (HKLM\...\{DCF4C336-18DB-449B-9238-821B7F28B614}_is1) (Version: 2.7 - Latour)
AbstractCurves x64 (HKLM\...\AbstractCurves AbstractCurves x64 1) (Version: 1.190 - AbstractCurves Software)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
aiofw (x32 Version: 4.2.6.0 - Eastman Kodak Company) Hidden
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 4.2.6.0 - Your Company Name) Hidden
Alien Skin Eye Candy 5 Impact (HKLM-x32\...\EyeCandy5Impact) (Version: - )
Alien Skin Eye Candy 5 Nature (HKLM-x32\...\EyeCandy5Nature) (Version: - )
Alien Skin Eye Candy 5 Textures (HKLM-x32\...\EyeCandy5Textures) (Version: - )
Alien Skin Snap Art 2 (HKLM-x32\...\Snap Art 2) (Version: - )
Alien Skin Snap Art 3 (HKLM\...\Alien Skin Snap Art 3) (Version: - Alien Skin)
Alien Skin Xenofex 2.0 (HKLM-x32\...\Xenofex2) (Version: - )
Amazon Kindle (HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\Amazon Kindle) (Version: - Amazon)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
AmphiSoft plug-in filters DEMO (HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\AmphiSoft plug-in filters DEMO) (Version: 01.22.00.00 - AmphiSoft)
Artistic Effects by Lokas Software (HKLM-x32\...\Artistic Effects by Lokas Software) (Version: - )
Auslogics Disk Defrag Professional (HKLM-x32\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.6.0.0 - Auslogics Software Pty Ltd)
Auslogics Registry Cleaner (HKLM-x32\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 3.5.4.0 - Auslogics Labs Pty Ltd)
Auto FX Free (HKLM\...\{ABE4D060-5260-453F-A742-933194AEB045}) (Version: 2.00.0004 - Auto FX Software)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Bonjour (HKLM\...\{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}) (Version: 1.0.106 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
center (x32 Version: 5.0.0.0 - Eastman Kodak Company) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.2.10260.0 - Cisco Consumer Products LLC)
CoffeeCup HTML Editor (HKLM-x32\...\CoffeeCup HTML Editor) (Version: - )
Color Efex Pro 3.0 Complete (HKLM-x32\...\Color Efex Pro 3.0 Complete) (Version: 3.1.0.0 - Nik Software, Inc.)
Cool VL Viewer 1.26.12 (HKLM-x32\...\Cool VL Viewer 1.26.12) (Version: 1.26.12.41 - Cool Products)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.010.0000 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Data Lifeguard Diagnostic for Windows 1.25 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.41) (Version: 1.1.0.41 - DAZ 3D)
DeskPins (remove only) (HKLM-x32\...\DeskPins) (Version: - )
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
EclipsePalette (HKLM-x32\...\{889047C6-F781-46AF-8183-04C661155710}) (Version: 2.0.20 - Green Eclipse)
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Eye Candy 4000 Demo (HKLM-x32\...\Eye Candy 4000) (Version: - )
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Fear For Sale: Nightmare Cinema (HKLM-x32\...\Fear For Sale: Nightmare Cinema) (Version: 1.0.0.0 - Pogo.com)
Filter Forge 1.009 (HKLM-x32\...\Filter Forge_is1) (Version: - Filter Forge, Inc.)
Filter Forge 4.015 (HKLM-x32\...\Filter Forge 4_is1) (Version: - Filter Forge, Inc.)
Filter Forge 5.007 (HKLM-x32\...\Filter Forge 5_is1) (Version: - Filter Forge, Inc.)
Filter Forge Freepack 2 - Photo Effects 2.013 (HKLM-x32\...\Filter Forge Freepack 2 - Photo Effects_is1) (Version: - Filter Forge, Inc.)
Filter Forge Freepack 4 - Distortions 2.013 (HKLM-x32\...\Filter Forge Freepack 4 - Distortions_is1) (Version: - Filter Forge, Inc.)
FilterMeister 1.0 Beta 8.7 (HKLM-x32\...\FilterMeister_is1) (Version: - AFH Systems)
Filters Unlimited 2.0 (HKLM-x32\...\Filters Unlimited_is1) (Version: - )
FM Patcher 1.01 (HKLM-x32\...\FM Patcher_is1) (Version: - AFH Systems & The Plugin Site)
Fotomatic version 1.4 (HKLM-x32\...\{6022299E-440C-43DA-825F-B58BCCB570B9}_is1) (Version: 1.4 - Cybia)
G-Force (HKLM-x32\...\G-Force) (Version: 5.1.1 - SoundSpectrum)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Harrys Filters 4.0 (Plugin) (HKLM\...\Harrys Filters 4.0 (Plugin)_is1) (Version: - The Plugin Site)
Haunted Hotel: Phoenix Collector's Edition (HKLM-x32\...\BFG-Haunted Hotel - Phoenix Collectors Edition) (Version: - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM-x32\...\{1061DF04-CF33-40B0-8360-D07C9BBEB122}) (Version: 3.50.10.1 - Hewlett-Packard)
HughesNet Status Meter (HKLM-x32\...\{67939A60-3C84-4556-8427-97793155AEF6}) (Version: 6.2.0 - None provided)
IcePattern 1.2 for Adobe Photoshop (HKLM-x32\...\IcePattern v 1.2. for Adobe Photoshop_is1) (Version: - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6276.0 - IDT)
IncrediBackup (HKLM-x32\...\IncrediBackup) (Version: 1.0.0.1087 - IncrediMail Ltd.)
IncrediBackup (x32 Version: 1.0.0.1087 - IncrediMail) Hidden
IncrediMail (x32 Version: 6.6.0.5328 - IncrediMail) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Jasc Animation Shop 3 (HKLM-x32\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.50.2 - JMicron Technology Corp.)
JRiver Media Center 21 (HKLM-x32\...\Media Center 21) (Version: 21 - JRiver, Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kai's Power Tools 5 (HKLM-x32\...\Kai's Power Tools 5) (Version: - )
KODAK AiO Home Center (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 5.4.6.4 - Eastman Kodak Company)
LightScribe Applications (HKLM-x32\...\{16F5ADDD-6EFD-411A-9013-8DD2C629FE53}) (Version: 1.18.27.10 - LightScribe)
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{8A03241E-7A3C-401D-B0CE-B3096F50AE6F}) (Version: 1.18.27.10 - LightScribe)
Living Legends: Bound by Wishes Collector's Edition (HKLM-x32\...\BFG-Living Legends - Bound by Wishes Collectors Edition) (Version: - )
Mahjong Garden Deluxe (HKLM-x32\...\Mahjong Garden Deluxe) (Version: - Pogo.com)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
M-Audio FireWire Driver 6.0.1 (x64) (HKLM\...\{3C33BA1B-D447-41CF-A228-84DD499F6F61}) (Version: 6.0.1 - M-Audio)
MediaFACE 4.2 (HKLM-x32\...\InstallShield_{9DFCAA7A-9B62-4468-8F91-F68150AA8BAD}) (Version: 4.2 - Fellowes)
MediaFACE 4.2 (x32 Version: 4.2 - Fellowes) Hidden
MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 1.4.29.10845) (Version: 1.4.29.10845 - MediaFire)
MeshLab_64b 1.3.4BETA (HKLM-x32\...\MeshLab_64b) (Version: 1.3.4BETA - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Myths of the World: Spirit Wolf Collector's Edition (HKLM-x32\...\BFG-Myths of the World - Spirit Wolf Collectors Edition) (Version: - )
namesuppressed Plaid Lite (HKLM-x32\...\PlaidLite_5QM) (Version: (v1.20) - namesuppressed)
NVIDIA Graphics Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Opera Stable 38.0.2220.41 (HKLM-x32\...\Opera 38.0.2220.41) (Version: 38.0.2220.41 - Opera Software)
Path Copy Copy 11.1 (HKLM\...\{3C01F274-867C-4D1D-BE8C-CB488C31B0C9}_is1) (Version: - Charles Lechasseur)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
PhotoFreebies 2.03 (Plugin) (HKLM\...\PhotoFreebies 2.03 (Plugin)_is1) (Version: - The Plugin Site)
Plugin Galaxy 1.0 (HKLM-x32\...\Plugin Galaxy 1.0_is1) (Version: - )
Plugin Galaxy 3.01 (Plugin Demo) (HKLM\...\Plugin Galaxy 3.01 (Plugin Demo)_is1) (Version: - The Plugin Site)
PowerArchiver 2015 (HKLM-x32\...\PowerArchiver 2015 15.01.06) (Version: 15.01.06 - ConeXware, Inc.)
PowerArchiver 2015 (x32 Version: 15.01.06 - ConeXware, Inc.) Hidden
PreReq (x32 Version: 6.0.5.2 - Eastman Kodak Company) Hidden
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Riverpoint Writer (HKLM-x32\...\FF389026-F961-42C5-BACD-B4A3AA73E0F3) (Version: 1.0 - Apollo Group, Inc.)
Singularity (remove only) (HKLM-x32\...\Singularity) (Version: - )
SingularityAlpha (64 bit) (remove only) (HKLM-x32\...\SingularityAlpha (64 bit)) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SP45629 - Intel Chipset Installation Utility (HKLM-x32\...\{7AB416C2-4AEC-4967-A873-E2A3B404E6EC}) (Version: 1.0.0 - Hewlett-Packard International Pte. Ltd.)
Splat! 1.0 (HKLM-x32\...\Splat) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Sqirlz Water Reflections (HKLM-x32\...\Sqirlz Water Reflections) (Version: 2.6 - xiberpix)
Stamps.com (HKLM-x32\...\Stamps.com) (Version: - Stamps.com, Inc.)
Stamps.com (x32 Version: 13.3.1.3017 - Stamps.com, Inc.) Hidden
Stamps.com Application Support for Microsoft Word 2000-2013 (x32 Version: 12.2.0.2734 - Stamps.com, Inc.) Hidden
Stamps.com support for Microsoft Word 2000-2013 (HKLM-x32\...\Stamps.com support for Microsoft Word 2000-2013) (Version: - Stamps.com, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
The Legend of Sleepy Hollow: Jar of Marbles III - Free to Play (HKLM-x32\...\BFG-The Legend of Sleepy Hollow - Jar of Marbles III - Free to Play) (Version: - )
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs, LLC)
Topaz Simplify 3 (64-bit) (HKLM-x32\...\Topaz Simplify 3 (64-bit)) (Version: 3.0.2 - Topaz Labs)
Topaz Simplify 3 (64-bit) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Simplify 3 (HKLM-x32\...\Topaz Simplify 3) (Version: 3.0.2 - Topaz Labs)
Topaz Simplify 3 (x32 Version: 3.0.2 - Topaz Labs) Hidden
Trillian (HKLM-x32\...\Trillian) (Version: - Cerulean Studios, LLC)
Ulead ArtTexture.Plugin 1.0 (HKLM-x32\...\Ulead ArtTexture.Plugin 1.0) (Version: - )
Ulead GIF-X.Plugin 2.0 (HKLM-x32\...\Ulead GIF-X.Plugin 2.0) (Version: - )
Ulead Particle.Plugin 1.0 (HKLM-x32\...\Ulead Particle.Plugin 1.0) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WD Diagnostics (HKLM-x32\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WikFonts 1.5.1.2 (HKLM-x32\...\WikFonts_1.5.1.2_is1) (Version: 1 - WikMail.com)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Your Uninstaller! 2010 (HKLM-x32\...\YU2010_is1) (Version: 7.0 - URSoft, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {20C32223-3BAC-4209-9ECB-5B3DA9FE6C22} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {4934DE90-72F7-43BD-96E1-83C16DF54E43} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6CABEBA4-CE7F-4970-914F-732DDC2E9B8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-06-28] (HP Inc.)
Task: {82CB2FFC-AAB4-4494-AD13-A813CD20318B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {DBFC5F69-9871-4D0B-ABE9-FE5B915C98D9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {F3957B62-6ECC-4919-883E-21830E80978F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-06-28] (HP Inc.)
Task: {FA219EF0-3BA8-461B-AEDA-C1267AD4056D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAudio User.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Audio User\AppData\Local\ba75\5e9c.lnk -> C:\Users\Audio User\AppData\Local\ba75\88f9.bat (No File)
Shortcut: C:\Users\Audio User\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.com
==================== Loaded Modules (Whitelisted) ==============
2016-01-25 09:59 - 2015-10-13 13:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-17 10:18 - 2013-07-29 19:38 - 00463360 _____ () C:\Program Files\Path Copy Copy\PCC64.dll
2014-07-28 04:39 - 2011-05-05 16:36 - 00022528 _____ () C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
2014-07-28 04:39 - 2011-05-05 16:36 - 01479680 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_x64.dll
2014-07-28 04:39 - 2011-05-05 16:36 - 00977408 _____ () C:\Program Files\DAZ 3D\Content Management Service\VServer_x64.dll
2014-07-28 04:39 - 2011-05-05 16:36 - 01053696 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_ssl_x64.dll
2014-07-28 04:39 - 2011-05-05 16:36 - 00155136 _____ () C:\Program Files\DAZ 3D\Content Management Service\asnmp_x64.dll
2015-01-28 07:38 - 2015-01-28 07:38 - 00233472 _____ () C:\Program Files (x86)\HughesNet Status Meter\HughesNet Status Meter.exe
2015-08-08 17:35 - 2015-04-23 09:47 - 00456176 _____ () C:\Users\Audio User\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\Windows\SysWOW64\PSIService.exe
2015-10-31 03:21 - 2015-10-31 03:22 - 13078440 _____ () C:\Users\Audio User\Downloads\Incredimail\IncrediMailSetup.exe
2014-04-01 19:38 - 2014-04-01 19:38 - 00802816 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\tide.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 01198592 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\PocoFoundation.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 00745472 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\CFLite.dll
2014-04-01 19:38 - 2014-04-01 19:38 - 00059904 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\zlib1.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 01234944 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\libxml2.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 00126976 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\libproxy.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00196608 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\app\1.3.1-beta\tideapp.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 00290816 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\PocoUtil.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 00511488 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\PocoXML.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00098304 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\codec\1.3.1-beta\tidecodec.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 00223232 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\PocoZip.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00139264 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\database\1.3.1-beta\tidedatabase.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 00294912 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\PocoData.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 00570368 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\PocoSQLite.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00180224 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\filesystem\1.3.1-beta\tidefilesystem.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00075776 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\media\1.3.1-beta\tidemedia.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00086016 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\monkey\1.3.1-beta\tidemonkey.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00368640 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\network\1.3.1-beta\tidenetwork.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 00642048 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\PocoNet.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00052224 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\platform\1.3.1-beta\tideplatform.dll
2014-04-01 19:37 - 2014-04-01 19:37 - 00688128 _____ () C:\Program Files (x86)\HughesNet Status Meter\runtime\1.3.1-beta\cairo.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00217088 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\process\1.3.1-beta\tideprocess.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00319488 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\ui\1.3.1-beta\tideui.dll
2014-04-01 19:40 - 2014-04-01 19:40 - 00061440 _____ () C:\Program Files (x86)\HughesNet Status Meter\modules\worker\1.3.1-beta\tideworker.dll
2015-06-02 11:18 - 2015-06-02 11:18 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-01-17 10:18 - 2013-07-29 19:39 - 00375808 _____ () C:\Program Files\Path Copy Copy\PCC32.dll
2016-07-09 02:11 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-07-09 02:11 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-07-09 02:11 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-07-09 02:11 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-07-09 02:11 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-10-20 07:53 - 2007-09-13 14:58 - 00292168 _____ () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\PsiClient.dll
2015-12-02 12:58 - 2015-11-16 14:32 - 00919040 _____ () C:\Windows\mod_frst.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:AstInfo [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [176]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7865 more sites.
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\...\123simsen.com -> www.123simsen.com
There are 7865 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2016-07-20 12:34 - 00450767 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15461 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2365759274-3180811660-3926093282-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: Media Center 19 Service => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: ProtexisLicensing => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: vToolbarUpdater14.0.1 => 2
MSCONFIG\startupfolder: C:^Users^Audio User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerReg Scheduler.exe => C:\Windows\pss\PowerReg Scheduler.exe.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Box Edit => C:\Users\Audio User\AppData\Local\Box\Box Edit\Box Edit.exe
MSCONFIG\startupreg: Box Local Com Server => C:\Users\Audio User\AppData\Local\Box\Box Local Com Server\Box Local Com Service.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Corel File Shell Monitor => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup
MSCONFIG\startupreg: CucusoftNetGuard => "C:\Program Files\Cucusoft\NetGuard\BandwidthGuard.exe" /boot
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
MSCONFIG\startupreg: Facebook Update =>
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: HughesNetStatusMeter => "C:\Program Files (x86)\HughesNet Status Meter\HughesNet Status Meter.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: M-Audio Taskbar Icon => C:\Windows\system32\MAFWTray.exe
MSCONFIG\startupreg: MediaFace Integration => C:\Program Files (x86)\Fellowes\MediaFACE 4.2\SetHook.exe
MSCONFIG\startupreg: MediaFire Tray => "C:\Users\Audio User\AppData\Local\MediaFire Desktop\mf_watch.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NCPluginUpdater => "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WirelessAssistant => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{8E3F7B6A-1CFB-4156-AB42-2E25586D4E5F}C:\program files (x86)\singularity\slvoice.exe] => (Allow) C:\program files (x86)\singularity\slvoice.exe
FirewallRules: [UDP Query User{1FD5FE05-28DF-4640-83D4-2376B9413E9A}C:\program files (x86)\singularity\slvoice.exe] => (Allow) C:\program files (x86)\singularity\slvoice.exe
FirewallRules: [{EBD8F952-8071-42CF-A83A-993963D74F8A}] => (Block) C:\program files (x86)\singularity\slvoice.exe
FirewallRules: [{76294E70-7C8F-4F9B-855F-FC4FD9740FFF}] => (Block) C:\program files (x86)\singularity\slvoice.exe
FirewallRules: [TCP Query User{B3FD51A9-5391-49E6-A312-AE0E0132C77A}C:\program files (x86)\soundspectrum\g-force\g-force standalone.x64.exe] => (Allow) C:\program files (x86)\soundspectrum\g-force\g-force standalone.x64.exe
FirewallRules: [UDP Query User{398DCE24-7E59-4F97-99F8-73F10B82DB70}C:\program files (x86)\soundspectrum\g-force\g-force standalone.x64.exe] => (Allow) C:\program files (x86)\soundspectrum\g-force\g-force standalone.x64.exe
FirewallRules: [TCP Query User{0ECA8386-1AD4-4732-91BD-49271DEEA493}C:\program files\singularityalpha\slvoice.exe] => (Allow) C:\program files\singularityalpha\slvoice.exe
FirewallRules: [UDP Query User{DEC97D05-14B7-41EC-BE91-5ED7A5C75776}C:\program files\singularityalpha\slvoice.exe] => (Allow) C:\program files\singularityalpha\slvoice.exe
FirewallRules: [TCP Query User{D0BABFB1-08DC-4599-8CC2-853D5928F122}C:\program files\singularity\slvoice.exe] => (Allow) C:\program files\singularity\slvoice.exe
FirewallRules: [UDP Query User{BEEB56D6-1F63-4166-BE38-70F7E0D708FE}C:\program files\singularity\slvoice.exe] => (Allow) C:\program files\singularity\slvoice.exe
FirewallRules: [TCP Query User{71BD7307-3C2C-43CF-A8DE-D09E024C339D}C:\program files\singularityalpha\slvoice.exe] => (Allow) C:\program files\singularityalpha\slvoice.exe
FirewallRules: [UDP Query User{F8A210B9-7DF0-4F45-BF2F-99C13D3362C1}C:\program files\singularityalpha\slvoice.exe] => (Allow) C:\program files\singularityalpha\slvoice.exe
FirewallRules: [{5FE466C0-C0D4-40F0-A088-A6CCCCD72E1D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{F7AFE0A4-A416-4AB5-8622-63F17FE8F35F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{77DF6586-665F-44A5-ABCB-60EE05A5F8F7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6CF15CDD-E582-423F-AD93-6AF7D02D90E9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{EAE21488-9FEE-4942-B715-1E1C4458CE75}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C698C698-B0BF-44FE-B7A5-BB66F98853C2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2854E073-511B-4AD0-A8F5-9825BF33F09C}] => (Allow) LPort=9322
FirewallRules: [{B09EB2B5-7105-4034-AEAA-31AC56C38201}] => (Allow) LPort=5353
FirewallRules: [{AE9E39F4-130D-41D5-A2F1-37A16F47E97B}] => (Allow) LPort=9322
FirewallRules: [{D4AA43ED-52D6-4365-BC7B-95F113795DD1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2736EF24-BB95-4B3B-9AF0-CAA1441994FB}] => (Allow) LPort=2869
FirewallRules: [{6EFE16ED-6A37-45A3-ADFD-128296A81E27}] => (Allow) LPort=1900
FirewallRules: [{9AC82F8F-591F-4B03-9723-ABDD00B811D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{69884C28-D093-4F11-AF9E-1DC1632F2210}] => (Allow) J:\MY DOWNLOADS FROM C- DRIVE\IM Content\incredimail_install.exe
FirewallRules: [{9EA9C0EB-4B73-4460-8D56-25484169618E}] => (Allow) J:\MY DOWNLOADS FROM C- DRIVE\IM Content\incredimail_install.exe
FirewallRules: [{CA912A8F-BEDB-41C8-B136-3FE8D77F2187}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{735D0557-A0A4-402F-ACF5-072BE8F8ABC2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
19-07-2016 11:36:05 AA11
19-07-2016 11:36:51 AA11
20-07-2016 11:32:04 JRT Pre-Junkware Removal
20-07-2016 12:33:22 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft ISATAP Adapter #5
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Internet Access Server
Description: Internet Access Server
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/20/2016 12:33:22 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {97e10b8c-e0b6-4f0a-86fc-b3902ab7b0dc}
Error: (07/18/2016 04:11:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (07/18/2016 04:08:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (07/17/2016 11:28:37 AM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0x80070005
Partial Pkey=7HKHR
ACID=?
Detailed Error[?]
Error: (07/17/2016 11:24:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ekdiscovery.exe, version: 5.4.6.3, time stamp: 0x4c815873
Faulting module name: ekdiscovery.exe, version: 5.4.6.3, time stamp: 0x4c815873
Exception code: 0xc0000005
Fault offset: 0x0000b9f9
Faulting process id: 0xbf4
Faulting application start time: 0xekdiscovery.exe0
Faulting application path: ekdiscovery.exe1
Faulting module path: ekdiscovery.exe2
Report Id: ekdiscovery.exe3
Error: (07/17/2016 10:09:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 47.0.0.5999, time stamp: 0x5753660e
Faulting module name: mozglue.dll, version: 47.0.0.5999, time stamp: 0x57535438
Exception code: 0x80000003
Fault offset: 0x0000f3ad
Faulting process id: 0x1f24
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (07/17/2016 10:09:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 47.0.0.5999, time stamp: 0x5753660e
Faulting module name: mozglue.dll, version: 47.0.0.5999, time stamp: 0x57535438
Exception code: 0x80000003
Fault offset: 0x0000f3ad
Faulting process id: 0x1850
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (07/17/2016 08:56:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Allpcoptimizer.exe, version: 2.0.0.1, time stamp: 0x57469eb4
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xe0434352
Fault offset: 0x000000000001a06d
Faulting process id: 0x2b30
Faulting application start time: 0xAllpcoptimizer.exe0
Faulting application path: Allpcoptimizer.exe1
Faulting module path: Allpcoptimizer.exe2
Report Id: Allpcoptimizer.exe3
Error: (07/17/2016 08:56:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Allpcoptimizer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
at System.Windows.Application.LoadComponent(System.Uri, Boolean)
at System.Windows.Application.DoStartup()
at System.Windows.Application.<.ctor>b__1(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunInternal(System.Windows.Window)
at WinPCOptimizer.App.Main()
Error: (07/17/2016 08:49:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: QuickCleanerUS2.exe, version: 1.0.0.0, time stamp: 0x572afa3a
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xe0434352
Fault offset: 0x000000000001a06d
Faulting process id: 0x2e2c
Faulting application start time: 0xQuickCleanerUS2.exe0
Faulting application path: QuickCleanerUS2.exe1
Faulting module path: QuickCleanerUS2.exe2
Report Id: QuickCleanerUS2.exe3
System errors:
=============
Error: (07/20/2016 01:41:16 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.225.1908.0
Update Source: %NT AUTHORITY59
Update Stage: 4.9.0218.00
Source Path: 4.9.0218.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (07/20/2016 12:34:59 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.225.1908.0
Update Source: %NT AUTHORITY59
Update Stage: 4.9.0218.00
Source Path: 4.9.0218.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (07/20/2016 12:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (07/20/2016 12:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (07/20/2016 12:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/20/2016 12:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Security Center Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/20/2016 12:33:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SBSD Security Center Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/20/2016 12:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (07/20/2016 12:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/20/2016 12:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Scanner Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2014-09-11 15:51:30.524
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-11 14:16:06.783
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-11 09:40:32.277
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-11 06:42:44.616
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-11 06:30:25.361
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-10 11:13:06.340
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-10 10:41:08.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-10 07:59:08.379
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-10 07:18:40.312
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-08 06:53:52.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Cucusoft\NetGuard\BandwidthGuard64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 43%
Total physical RAM: 6134.87 MB
Available physical RAM: 3455.96 MB
Total Virtual: 12567.93 MB
Available Virtual: 9669 MB
==================== Drives ================================
Drive c: (Local Disk) (Fixed) (Total:239.58 GB) (Free:128.4 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.78 GB) (Free:0.34 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: () (Fixed) (Total:0.11 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive j: (MY BOOK) (Fixed) (Total:298.01 GB) (Free:94.8 GB) FAT32
Drive k: (Graphics) (Fixed) (Total:209.1 GB) (Free:135.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 580F697D)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=117 MB) - (Type=42)
Partition 3: (Not Active) - (Size=82 MB) - (Type=42)
Partition 4: (Not Active) - (Size=239.6 GB) - (Type=42)
========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: 41FFC810)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0C)
==================== End of Addition.txt ============================