Yes Kaspersky Total Security and I do have a subscription to Logmein. After this happened though I added a two step security to logmein so that they have to send me a code to my phone prior to login.
Ran the avremover twice --once after reboot --and it said there was nothing to remove
Here is the rescan Farbar:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-11-2016
Ran by Suzanne (administrator) on SUZANNE-PC (03-11-2016 16:08:34)
Running from C:\Users\Suzanne\Desktop
Loaded Profiles: Suzanne (Available Profiles: Suzanne & LogMeInRemoteUser & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
() C:\Program Files\NVIDIA Corporation\nView\nviewMain64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\NVIDIA Corporation\nView\nviewMain.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TeamViewer GmbH) C:\Users\Suzanne\AppData\Roaming\MicrocoftUrdateNT\update_w32.exe
(Akamai Technologies, Inc.) C:\Users\Suzanne\AppData\Local\Akamai\netsession_win.exe
(Box, Inc.) C:\Users\Suzanne\AppData\Local\Box\Box Edit\Box Edit.exe
(Box, Inc.) C:\Users\Suzanne\AppData\Local\Box\Box Local Com Server\Box Local Com Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Akamai Technologies, Inc.) C:\Users\Suzanne\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
() C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\wmi64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\PanelHelper32.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2010-09-17] (LogMeIn, Inc.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2168976 2015-11-10] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [update_w32.exe] => "C:\Windows\SysWOW64\regsvr32.exe" /s "C:\Users\Suzanne\AppData\Roaming\MicrocoftUrdateNT\MSIMG32.dll" C:\Users\Suzanne\AppData\Roaming\MicrocoftUrdateNT\update_w32.exe <===== ATTENTION
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-04-23] (Analog Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [623992 2008-10-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare)
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [Google Update] => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Suzanne\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [QuickenScheduledUpdates] => C:\Program Files (x86)\Quicken\bagent.exe [77248 2016-04-12] (Intuit Inc.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\BitDefender\Bitdefender 2016\bdwtxag.exe"
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [Box Edit] => C:\Users\Suzanne\AppData\Local\Box\Box Edit\Box Edit.exe [919280 2016-08-15] (Box, Inc.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [Box Local Com Server] => C:\Users\Suzanne\AppData\Local\Box\Box Local Com Server\Box Local Com Service.exe [121072 2016-08-15] (Box, Inc.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\MountPoints2: {bf8c87ee-5192-11e0-bc42-806e6f6e6963} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [CTAutoUpdate] => C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [623416 2009-06-19] (Creative Technology Ltd)
Lsa: [Authentication Packages] msv1_0 wvauth
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2010-10-16] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2010-10-16] (Wave Systems Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk [2011-03-14]
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Driver performer.lnk [2011-05-27]
ShortcutTarget: Driver performer.lnk -> C:\Users\Suzanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ALTNH929\DriverPerformer_V15[1].exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TVR Scheduler.lnk [2016-01-28]
ShortcutTarget: TVR Scheduler.lnk -> C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Update Manager.lnk [2016-10-04]
ShortcutTarget: Windows Update Manager.lnk -> C:\Users\Suzanne\AppData\Roaming\MicrocoftUrdateNT\update_w32.exe (TeamViewer GmbH)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Update Manager.lnk [2016-10-21]
ShortcutTarget: Windows Update Manager.lnk -> C:\Users\Suzanne\AppData\Roaming\MicrocoftUrdateNT\update_w32.exe (TeamViewer GmbH)
Startup: C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2016-11-03]
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-09-30]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Update Manager.lnk [2016-10-04]
ShortcutTarget: Windows Update Manager.lnk -> C:\Users\Suzanne\AppData\Roaming\MicrocoftUrdateNT\update_w32.exe (TeamViewer GmbH)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{ABD0FBC1-D7C9-4998-B256-9E7E2EFC42C1}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{DD2ABD81-8CBC-4327-864B-6CA8A461820B}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{EE1CEDF6-DC37-4E1E-B9B8-793698419F43}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://igoogle.com/
hxxp://yahoo.com/
hxxp://bing.com/
URLSearchHook: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No File
URLSearchHook: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727
SearchScopes: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317816&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP09882FE0-F102-47D6-91B3-397840C39B62&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317816&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP09882FE0-F102-47D6-91B3-397840C39B62&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.doko-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6CEFBC305BD66386&affID=125830&tsp=5036
SearchScopes: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
SearchScopes: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727
SearchScopes: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-06-28] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-08] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-10-08] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-08] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16] (Microsoft Corporation.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-14] (Sun Microsystems, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-06-28] (AO Kaspersky Lab)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\ssv.dll [2016-10-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-10-07] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16] (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-10-24] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16] (Microsoft Corporation.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-06-28] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-06-28] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
Toolbar: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-151233617-2686695857-2843107125-1001 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
DPF: HKLM-x32 {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} hxxps://remote.gdcre.com/Remote/BuiltIns/FS/Wssg.Web.FileAccess.RichUpload.cab
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://mystores.genpt.com/dana-cached/sc/JuniperSetupClient.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/RACtrl.cab?rnd=4103956056
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-06-28]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-03-14] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-10-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-151233617-2686695857-2843107125-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Suzanne\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-07-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-151233617-2686695857-2843107125-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-151233617-2686695857-2843107125-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/ig
CHR StartupUrls: Default -> "hxxps://www.yahoo.com/","hxxp://www.bing.com/"
CHR Plugin: (Shockwave Flash) - C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\54.0.2840.71\gcswf32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll => No File
CHR Plugin: (Native Client) - C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\54.0.2840.71\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\54.0.2840.71\pdf.dll => No File
CHR Plugin: (WinZip Courier) - C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilckobikkmajlmhhdenkhonjkoaneclk\3.0.2_0\wzwmcgc.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Users\Suzanne\AppData\Local\Google\Update\1.3.21.81\npGoogleUpdate3.dll => No File
CHR Plugin: (Musicnotes) - C:\Program Files (x86)\Musicnotes\npmusicn.dll => No File
CHR Plugin: (ScorchPlugin) - C:\Program Files (x86)\Musicnotes\npsibelius.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => No File
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Suzanne\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll => No File
CHR Profile: C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default [2016-11-03]
CHR Extension: (Google Drive) - C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Honey) - C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-11-03]
CHR Extension: (Kaspersky Protection) - C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Pinterest Save Button) - C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-10-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (LogMeIn) - C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-151233617-2686695857-2843107125-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Suzanne\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-10-24]
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
StartMenuInternet: Google Chrome - C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-12-04] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed]
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419336 2016-10-21] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3088712 2015-11-10] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S3 SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [2117120 2010-11-03] (Wave Systems Corp.) [File not signed]
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1629696 2010-07-13] () [File not signed]
R2 TermService; C:\Program Files\RDP Wrapper\rdpwrap.dll [116736 2016-10-04] (Stas'M Corp.) [File not signed]
R2 usbhubsvc3; C:\Users\Suzanne\AppData\Roaming\MicrocoftUrdateNT\MSIMG32.dll [100352 2016-01-01] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-09-12] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1027984 2016-09-12] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50008 2016-09-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [126360 2016-09-12] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-29] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S2 Sentinel; C:\Windows\System32\Drivers\SENTINEL64.SYS [141888 2006-04-20] (SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [54192 2006-04-20] (SafeNet, Inc.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-03 16:07 - 2016-11-03 16:07 - 00000000 ____D C:\Users\Suzanne\Downloads\FRST-OlderVersion
2016-11-03 16:03 - 2016-11-03 16:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
2016-11-03 16:00 - 2016-11-03 16:08 - 00037393 _____ C:\Users\Suzanne\Desktop\FRST.txt
2016-11-03 15:42 - 2016-11-03 15:42 - 11646112 _____ (ESET) C:\Users\Suzanne\Downloads\avremover_nt64_enu (1).exe
2016-11-03 15:23 - 2016-11-03 15:23 - 11646112 _____ (ESET) C:\Users\Suzanne\Desktop\avremover_nt64_enu.exe
2016-11-03 14:44 - 2016-11-03 14:44 - 00000000 ____D C:\Grange
2016-11-03 14:41 - 2016-11-03 14:41 - 00091323 _____ C:\Users\Suzanne\Desktop\20161103_dep_direct_deposit_form_3911.pdf
2016-11-03 09:19 - 2016-11-03 09:19 - 08126070 _____ C:\Users\Suzanne\Desktop\scan0002.pdf
2016-11-02 03:00 - 2016-11-02 03:00 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2016-10-31 18:20 - 2016-11-03 16:07 - 00000000 ____D C:\Users\Suzanne\Desktop\FRST-OlderVersion
2016-10-31 18:19 - 2016-10-31 18:19 - 00000000 ____D C:\Users\Suzanne\Desktop\New folder
2016-10-31 18:14 - 2016-10-31 18:14 - 00125372 _____ C:\Users\Suzanne\Desktop\IC3 Complaint Referral Form.pdf
2016-10-31 18:14 - 2016-10-31 18:14 - 00016730 _____ C:\Users\Suzanne\Desktop\IC3 Complaint Referral Form.html
2016-10-31 18:14 - 2016-10-31 18:14 - 00000000 ____D C:\Users\Suzanne\Desktop\IC3 Complaint Referral Form_files
2016-10-31 16:59 - 2016-10-31 16:59 - 00058666 _____ C:\Users\Suzanne\Desktop\External Accounts - chase.pdf
2016-10-31 13:57 - 2016-10-31 13:57 - 00000000 ____D C:\Users\Suzanne\AppData\Local\Logitech® Webcam Software
2016-10-31 13:55 - 2016-10-31 13:55 - 00000000 ____D C:\ProgramData\LogiShrd
2016-10-31 13:51 - 2016-10-31 13:51 - 00000000 ____D C:\Users\Suzanne\AppData\Roaming\Leadertech
2016-10-31 13:50 - 2016-10-31 13:50 - 00001626 _____ C:\Users\Public\Desktop\Logitech Webcam Software .lnk
2016-10-31 13:50 - 2016-10-31 13:50 - 00000000 ____D C:\ProgramData\Logitech
2016-10-31 13:44 - 2016-10-31 13:51 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-10-31 13:05 - 2016-10-31 13:05 - 03199319 _____ C:\Users\Suzanne\Downloads\Attachments_20161031.zip
2016-10-31 10:31 - 2016-10-31 10:31 - 00028662 _____ C:\ProgramData\agent.1477935068.bdinstall.bin
2016-10-30 19:41 - 2016-10-30 19:41 - 00001127 _____ C:\Users\Suzanne\Desktop\HD Pro Webcam C920 - Shortcut.lnk
2016-10-26 20:52 - 2016-10-26 20:52 - 00001874 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-26 17:05 - 2016-10-26 17:22 - 00000000 ____D C:\Users\Suzanne\AppData\Roaming\XnConvert
2016-10-26 17:05 - 2016-10-26 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnConvert
2016-10-26 17:05 - 2016-10-26 17:05 - 00000000 ____D C:\Program Files\XnConvert
2016-10-26 17:04 - 2016-10-26 17:04 - 15171912 _____ (Gougelet Pierre-e ) C:\Users\Suzanne\Downloads\XnConvert-win-x64.exe
2016-10-26 17:01 - 2016-10-26 17:01 - 00057278 _____ C:\Users\Suzanne\Downloads\26243_03 (1) (1).SFW
2016-10-26 17:00 - 2016-10-26 17:00 - 00057278 _____ C:\Users\Suzanne\Downloads\26243_03 (3).SFW
2016-10-26 17:00 - 2016-10-26 17:00 - 00057278 _____ C:\Users\Suzanne\Downloads\26243_03 (2).SFW
2016-10-26 17:00 - 2016-10-26 17:00 - 00057278 _____ C:\Users\Suzanne\Downloads\26243_03 (1).SFW
2016-10-26 16:59 - 2016-10-26 16:59 - 00057278 _____ C:\Users\Suzanne\Downloads\26243_03.SFW
2016-10-26 07:20 - 2016-10-26 07:20 - 00127163 _____ C:\Users\Suzanne\Desktop\Detailed report.txt
2016-10-26 07:14 - 2016-10-26 07:14 - 00067932 _____ C:\Users\Suzanne\Downloads\Addition.txt
2016-10-25 20:53 - 2016-11-03 16:00 - 00000000 ____D C:\FRST
2016-10-25 20:52 - 2016-11-03 16:07 - 02409984 _____ (Farbar) C:\Users\Suzanne\Desktop\FRST64.exe
2016-10-25 20:03 - 2016-10-25 20:03 - 212514840 _____ (Emsisoft Ltd. ) C:\Users\Suzanne\Downloads\EmsisoftAntiMalwareSetup_bc.exe
2016-10-25 20:00 - 2016-10-25 20:00 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Suzanne\Downloads\iExplore.exe
2016-10-25 18:58 - 2016-10-25 20:00 - 00003176 _____ C:\Users\Suzanne\Desktop\Rkill.txt
2016-10-25 18:58 - 2016-10-25 18:58 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Suzanne\Downloads\rkill.com
2016-10-25 18:55 - 2016-10-25 20:09 - 00088806 _____ C:\Windows\ntbtlog.txt
2016-10-24 21:43 - 2016-10-24 21:43 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-10-24 21:43 - 2016-10-24 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-24 21:43 - 2016-10-24 21:43 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-24 21:41 - 2016-10-24 21:41 - 00000000 ____D C:\Users\Default\AppData\Roaming\Sun
2016-10-24 21:41 - 2016-10-24 21:41 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Sun
2016-10-24 21:40 - 2016-10-24 21:40 - 00000000 ____D C:\ProgramData\Oracle
2016-10-24 15:16 - 2016-11-03 16:00 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-10-24 15:16 - 2016-10-24 15:16 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-24 15:15 - 2016-10-24 15:15 - 00001376 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2016-10-24 15:15 - 2016-10-24 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2016-10-24 15:14 - 2016-10-24 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2016-10-24 15:14 - 2016-10-24 15:13 - 00002137 _____ C:\Users\Public\Desktop\Safe Money.lnk
2016-10-24 15:14 - 2016-10-24 15:13 - 00002113 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2016-10-24 15:12 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-10-24 15:11 - 2016-11-03 16:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-10-24 15:11 - 2016-10-24 15:15 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-10-24 15:11 - 2016-10-24 15:11 - 00000000 ____D C:\Windows\ELAMBKUP
2016-10-24 15:10 - 2016-09-12 23:03 - 01027984 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-10-24 15:10 - 2016-09-12 23:03 - 00305496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-10-24 15:10 - 2016-06-26 15:10 - 00189264 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-10-24 14:55 - 2016-10-24 14:56 - 184386592 _____ (Kaspersky Lab) C:\Users\Suzanne\Downloads\kts17.0.0.611aben_11549.exe
2016-10-24 14:55 - 2016-10-24 14:55 - 00240686 _____ C:\ProgramData\1477345837.bdinstall.bin
2016-10-22 02:52 - 2016-10-22 02:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-10-20 12:38 - 2016-10-20 12:38 - 00004096 _____ C:\new.lyr
2016-10-20 12:23 - 2016-10-20 12:23 - 00106510 _____ C:\Users\Suzanne\Downloads\CityBoundaries.zip
2016-10-18 15:21 - 2016-11-03 16:03 - 00000000 ___RD C:\Users\Suzanne\iCloudDrive
2016-10-18 15:21 - 2016-10-18 15:21 - 00000000 ____D C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2016-10-18 11:57 - 2016-09-30 13:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-18 11:57 - 2016-09-30 12:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-18 11:57 - 2016-09-30 08:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-18 11:57 - 2016-09-30 08:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-18 11:57 - 2016-09-30 08:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-18 11:57 - 2016-09-30 00:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-18 11:57 - 2016-09-29 23:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-18 11:57 - 2016-09-29 23:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-18 11:57 - 2016-09-29 23:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-18 11:57 - 2016-09-29 23:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-18 11:57 - 2016-09-29 23:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-18 11:57 - 2016-09-29 23:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-18 11:57 - 2016-09-29 23:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-18 11:57 - 2016-09-29 23:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-18 11:57 - 2016-09-29 23:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-18 11:57 - 2016-09-29 23:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-18 11:57 - 2016-09-29 23:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-18 11:57 - 2016-09-29 23:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-18 11:57 - 2016-09-29 23:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-18 11:57 - 2016-09-29 23:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-18 11:57 - 2016-09-29 23:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-18 11:57 - 2016-09-29 23:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-18 11:57 - 2016-09-29 22:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-18 11:57 - 2016-09-29 22:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-18 11:57 - 2016-09-29 22:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-18 11:57 - 2016-09-29 22:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-18 11:57 - 2016-09-29 22:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-18 11:57 - 2016-09-29 22:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-18 11:57 - 2016-09-29 22:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-18 11:57 - 2016-09-29 22:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-18 11:57 - 2016-09-29 22:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-18 11:57 - 2016-09-29 22:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-18 11:57 - 2016-09-29 22:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-18 11:57 - 2016-09-29 22:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-18 11:57 - 2016-09-29 22:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-18 11:57 - 2016-09-29 22:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-18 11:57 - 2016-09-29 22:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-18 11:57 - 2016-09-29 22:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-18 11:57 - 2016-09-29 22:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-18 11:57 - 2016-09-29 22:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-18 11:57 - 2016-09-29 22:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-18 11:57 - 2016-09-29 22:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-18 11:57 - 2016-09-29 22:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-18 11:57 - 2016-09-29 22:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-18 11:57 - 2016-09-29 22:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-18 11:57 - 2016-09-29 22:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-18 11:57 - 2016-09-29 22:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-18 11:57 - 2016-09-29 22:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-18 11:57 - 2016-09-29 22:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-18 11:57 - 2016-09-29 22:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-18 11:57 - 2016-09-29 22:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-18 11:57 - 2016-09-29 22:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-18 11:57 - 2016-09-29 22:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-18 11:57 - 2016-09-29 22:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-18 11:57 - 2016-09-29 22:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-18 11:57 - 2016-09-29 22:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-18 11:57 - 2016-09-29 22:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-18 11:57 - 2016-09-29 22:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-18 11:57 - 2016-09-29 22:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-18 11:57 - 2016-09-29 22:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-18 11:57 - 2016-09-29 22:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-18 11:57 - 2016-09-29 21:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-18 11:57 - 2016-09-29 21:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-18 11:57 - 2016-09-29 21:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-18 11:57 - 2016-09-29 21:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-18 11:57 - 2016-09-15 08:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-18 11:57 - 2016-09-15 08:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-18 11:57 - 2016-09-15 08:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-18 11:57 - 2016-09-15 08:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-18 11:57 - 2016-09-12 14:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-18 11:57 - 2016-09-12 14:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-18 11:57 - 2016-09-12 14:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-18 11:57 - 2016-09-12 14:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-18 11:57 - 2016-09-12 13:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-18 11:57 - 2016-09-12 13:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-18 11:57 - 2016-09-12 13:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-18 11:57 - 2016-09-12 13:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-18 11:57 - 2016-09-12 13:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-18 11:57 - 2016-09-12 13:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-18 11:57 - 2016-09-12 13:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-18 11:57 - 2016-09-12 13:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-18 11:57 - 2016-09-12 13:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-18 11:57 - 2016-09-12 13:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-18 11:57 - 2016-09-12 13:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-18 11:57 - 2016-09-12 13:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-18 11:57 - 2016-09-12 12:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-18 11:57 - 2016-09-12 11:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-18 11:57 - 2016-09-12 11:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-18 11:57 - 2016-09-10 09:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-18 11:57 - 2016-09-10 08:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-18 11:57 - 2016-09-09 11:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-18 11:57 - 2016-09-09 11:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-18 11:57 - 2016-09-09 11:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-18 11:57 - 2016-09-09 11:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-18 11:57 - 2016-09-09 11:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-18 11:57 - 2016-09-09 11:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-18 11:57 - 2016-09-09 11:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-18 11:57 - 2016-09-09 11:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-18 11:57 - 2016-09-09 11:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-18 11:57 - 2016-09-09 10:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-18 11:57 - 2016-09-09 10:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-18 11:57 - 2016-09-08 13:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-18 11:57 - 2016-09-08 13:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-18 11:57 - 2016-09-08 13:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-18 11:57 - 2016-09-08 13:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-18 11:57 - 2016-09-08 07:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-18 11:57 - 2016-09-08 07:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-18 11:57 - 2016-08-12 10:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-18 11:57 - 2016-08-12 10:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-18 11:57 - 2016-08-12 10:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-18 11:57 - 2016-08-12 10:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-18 11:57 - 2016-08-12 10:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-18 11:57 - 2016-08-12 09:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-18 11:57 - 2016-08-12 09:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-18 11:57 - 2016-08-12 09:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-18 11:57 - 2016-08-12 09:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-18 11:57 - 2016-08-12 09:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-18 11:57 - 2016-08-12 09:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-18 11:57 - 2016-08-06 08:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-18 11:57 - 2016-08-06 08:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-18 11:57 - 2016-08-06 08:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-18 11:57 - 2016-08-06 08:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-18 11:57 - 2016-08-06 08:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-18 11:57 - 2016-08-06 08:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-18 11:57 - 2016-08-06 08:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-18 11:57 - 2016-08-06 08:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-18 11:57 - 2016-08-06 08:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-18 11:57 - 2016-08-06 08:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-18 11:57 - 2016-08-06 08:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-18 11:57 - 2016-08-06 08:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-18 11:57 - 2016-08-06 08:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-18 11:57 - 2016-08-06 07:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-18 11:57 - 2016-08-06 07:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-18 11:57 - 2016-08-06 07:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-18 11:57 - 2016-06-14 10:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-18 11:57 - 2016-06-14 10:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-18 11:57 - 2016-06-14 10:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-18 11:57 - 2016-06-14 10:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-18 11:57 - 2016-06-14 08:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-18 11:57 - 2016-06-14 08:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-18 11:57 - 2016-06-14 08:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-18 11:57 - 2016-06-14 08:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-18 11:57 - 2016-06-14 08:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-18 11:57 - 2016-06-14 08:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-18 11:57 - 2016-06-14 08:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-18 11:57 - 2016-06-14 08:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-18 11:57 - 2016-06-14 08:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-18 11:56 - 2016-09-29 23:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-18 11:56 - 2016-09-29 23:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-18 11:56 - 2016-09-29 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-18 11:56 - 2016-09-29 22:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-18 11:56 - 2016-09-12 14:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-18 11:56 - 2016-09-12 14:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-18 11:56 - 2016-09-12 14:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-18 11:56 - 2016-09-12 14:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-18 11:56 - 2016-09-12 14:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-18 11:56 - 2016-09-12 14:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-18 11:56 - 2016-09-12 14:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-18 11:56 - 2016-09-12 13:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-18 11:56 - 2016-09-12 13:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-18 11:56 - 2016-09-12 13:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-18 11:56 - 2016-09-12 13:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-18 11:56 - 2016-09-12 13:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-18 11:56 - 2016-09-12 13:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-18 11:56 - 2016-09-12 13:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-18 11:56 - 2016-09-12 13:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-18 11:56 - 2016-09-12 13:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-18 11:56 - 2016-09-12 13:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-18 11:56 - 2016-09-12 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-18 11:56 - 2016-09-12 13:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 11:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-18 11:56 - 2016-09-09 11:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-18 11:56 - 2016-09-09 11:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-18 11:56 - 2016-09-09 11:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-18 11:56 - 2016-09-09 10:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-18 11:56 - 2016-09-09 10:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-18 11:56 - 2016-09-09 10:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-18 11:56 - 2016-09-09 10:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-18 11:56 - 2016-09-09 10:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-18 11:56 - 2016-09-09 10:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-18 11:56 - 2016-09-09 10:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-18 11:56 - 2016-09-09 10:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-18 11:56 - 2016-09-09 10:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-18 11:56 - 2016-09-09 10:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-18 11:56 - 2016-06-14 10:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-18 11:56 - 2016-06-14 08:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-18 11:56 - 2016-06-14 08:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-18 11:56 - 2016-06-14 08:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-18 11:56 - 2016-06-14 08:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-18 11:56 - 2016-06-14 08:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-18 11:55 - 2016-09-12 14:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-18 11:55 - 2016-09-12 14:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-18 11:55 - 2016-09-09 08:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-18 11:55 - 2016-09-09 08:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-18 11:55 - 2016-09-09 08:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-18 11:55 - 2016-09-09 08:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-18 11:55 - 2016-09-09 08:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-18 11:55 - 2016-09-09 08:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-18 11:55 - 2016-09-09 08:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-18 11:55 - 2016-08-16 13:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-18 11:55 - 2016-08-16 13:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-18 11:55 - 2016-08-16 13:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-18 11:55 - 2016-08-16 13:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-18 11:55 - 2016-08-16 13:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-18 11:55 - 2016-08-16 13:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-18 11:55 - 2016-08-16 13:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-18 11:54 - 2016-08-29 08:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-18 11:54 - 2016-08-29 08:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-18 11:54 - 2016-08-29 08:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-18 11:54 - 2016-08-29 08:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-18 11:54 - 2016-08-29 08:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-18 11:54 - 2016-08-29 08:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-18 11:54 - 2016-08-29 08:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-18 11:54 - 2016-08-29 07:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-18 11:54 - 2016-07-22 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-18 11:54 - 2016-07-22 07:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-07 22:52 - 2016-10-07 22:52 - 00443632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00394496 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00334608 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00089328 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00085744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2016-10-07 22:49 - 2016-10-07 22:49 - 00639728 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-10-07 22:49 - 2016-10-07 22:49 - 00244504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-10-07 22:45 - 2016-10-07 22:45 - 00271112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2016-10-04 22:42 - 2016-10-04 22:42 - 00000000 ____D C:\Users\Suzanne\AppData\Temp
2016-10-04 22:31 - 2016-10-30 19:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-04 22:31 - 2016-10-04 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-10-04 13:03 - 2016-10-04 13:03 - 00000000 ____D C:\Program Files\RDP Wrapper
2016-10-04 09:56 - 2016-10-04 09:56 - 00035112 ___SH (TeamViewer GmbH) C:\Windows\system32\Drivers\teamviewervpn.sys
2016-10-04 09:55 - 2016-10-23 14:10 - 00000000 ____D C:\Users\Suzanne\AppData\Roaming\MicrocoftUrdateNT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-03 16:12 - 2009-07-13 21:45 - 00025424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-03 16:12 - 2009-07-13 21:45 - 00025424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-03 16:10 - 2016-07-17 16:44 - 00000000 ____D C:\Users\Suzanne\AppData\Roaming\Skype
2016-11-03 16:07 - 2014-01-24 11:40 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2016-11-03 16:02 - 2011-05-27 10:54 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-03 16:02 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-03 16:01 - 2011-03-14 17:22 - 00062308 _____ C:\Windows\system32\BMXStateBkp-{00000001-00000000-00000000-00001102-0000000B-00441102}.rfx
2016-11-03 16:01 - 2011-03-14 17:22 - 00062308 _____ C:\Windows\system32\BMXState-{00000001-00000000-00000000-00001102-0000000B-00441102}.rfx
2016-11-03 16:01 - 2011-03-14 17:22 - 00000820 _____ C:\Windows\system32\DVCState-{00000001-00000000-00000000-00001102-0000000B-00441102}.rfx
2016-11-03 16:01 - 2011-03-14 14:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-03 15:51 - 2011-05-27 10:54 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-03 15:47 - 2014-11-15 18:11 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001UA1d0013a3ffd0f14.job
2016-11-03 15:47 - 2014-11-15 18:11 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001Core1d0013a3e4c6110.job
2016-11-03 15:42 - 2011-03-25 08:10 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001UA.job
2016-11-03 15:38 - 2015-10-12 17:13 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
2016-11-03 15:38 - 2015-10-12 17:13 - 00001080 _____ C:\Windows\system32\settings.sfm
2016-11-03 15:18 - 2014-02-06 15:11 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001UA1cf23886a25815c.job
2016-11-03 15:12 - 2011-03-18 12:15 - 00000000 ___HD C:\Users\Suzanne\AppData\Roaming\Adobe
2016-11-03 14:28 - 2016-09-06 13:37 - 00000000 ____D C:\Users\Suzanne\Documents\Outlook Files
2016-11-03 13:42 - 2011-03-25 08:10 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001Core.job
2016-11-03 09:15 - 2011-03-21 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS
2016-11-03 00:00 - 2011-03-18 12:30 - 00000000 ____D C:\ProgramData\LogMeIn
2016-11-02 22:25 - 2011-03-21 17:42 - 00000000 ____D C:\Users\Suzanne\AppData\Roaming\ESRI
2016-11-02 22:24 - 2016-05-20 17:37 - 00000000 ___HD C:\Users\Suzanne\AppData\Local\ESRI_Licensing
2016-11-02 18:43 - 2011-03-18 13:39 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5F1214C0-A7BC-412C-83C5-45F631CD7E30}
2016-11-02 16:18 - 2014-02-06 15:11 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001Core1cf23885969d023.job
2016-11-02 10:36 - 2011-03-21 17:42 - 00000000 ____D C:\Users\Suzanne\Documents\ArcGIS
2016-11-02 10:22 - 2016-07-12 21:31 - 00264312 ____H C:\Windows\system32\mlfcache.dat
2016-11-02 03:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-11-01 14:21 - 2013-09-29 11:12 - 00003428 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2016-11-01 12:17 - 2011-03-25 08:10 - 00000000 ___HD C:\Users\Suzanne\AppData\Local\Google
2016-10-31 13:51 - 2014-05-25 18:09 - 00000000 ____D C:\Program Files (x86)\Logitech
2016-10-31 13:50 - 2014-05-25 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-10-31 10:36 - 2012-07-01 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-10-31 10:36 - 2012-07-01 14:55 - 00000000 ____D C:\Program Files (x86)\HP
2016-10-30 19:57 - 2016-07-17 16:43 - 00000000 ____D C:\ProgramData\Skype
2016-10-30 16:28 - 2015-03-14 17:37 - 00000871 _____ C:\messages.xml
2016-10-30 16:24 - 2016-05-24 13:02 - 00000000 ____D C:\Users\Suzanne\.matplotlib
2016-10-27 13:59 - 2015-03-06 12:44 - 00000000 ____D C:\Ed
2016-10-26 20:42 - 2011-03-14 14:44 - 00000000 ____D C:\ProgramData\Sonic
2016-10-26 20:41 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-10-26 18:28 - 2011-08-18 17:12 - 00038400 ___SH C:\Users\Suzanne\Thumbs.db
2016-10-26 17:37 - 2009-07-13 22:13 - 00786578 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-26 17:08 - 2011-09-09 15:40 - 00000000 ___HD C:\Users\Suzanne\AppData\Local\Windows Live
2016-10-26 16:08 - 2009-07-13 21:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-26 11:14 - 2016-09-15 15:30 - 00000000 ____D C:\Users\Suzanne\AppData\Roaming\Add-in Express
2016-10-26 07:50 - 2014-01-24 13:16 - 00000000 ____D C:\Windows\Minidump
2016-10-25 20:14 - 2011-11-15 20:26 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-25 20:14 - 2011-08-24 13:57 - 00000000 ____D C:\Program Files (x86)\Citrix
2016-10-25 20:14 - 2011-03-14 14:28 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-25 14:42 - 2016-09-14 10:58 - 00003676 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-151233617-2686695857-2843107125-1001
2016-10-25 14:42 - 2016-09-14 10:58 - 00003580 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-151233617-2686695857-2843107125-1001
2016-10-25 10:25 - 2016-08-02 14:16 - 00000000 ____D C:\Users\Suzanne\Documents\MoreThanMapps
2016-10-25 08:16 - 2011-03-25 08:11 - 00002388 _____ C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-24 21:41 - 2012-06-04 15:49 - 00268864 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2016-10-24 20:01 - 2011-09-05 19:46 - 00000000 ___HD C:\Users\Suzanne\AppData\Local\ElevatedDiagnostics
2016-10-24 19:47 - 2011-03-21 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-24 16:34 - 2016-09-15 08:37 - 00000000 ____D C:\2016_Upwork
2016-10-24 15:13 - 2011-03-26 09:19 - 00000000 ____D C:\Users\Dorothy
2016-10-24 15:02 - 2011-03-18 12:49 - 00000000 ____D C:\Program Files\BitDefender
2016-10-24 14:58 - 2011-08-27 18:06 - 00000000 ____D C:\Users\Suzanne\AppData\Roaming\Orbit
2016-10-24 14:55 - 2011-03-18 12:42 - 00000000 ____D C:\Program Files\Common Files\BitDefender
2016-10-24 14:52 - 2011-03-18 14:01 - 00184210 _____ C:\bdlog.txt
2016-10-21 14:43 - 2011-03-18 12:30 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2016-10-21 10:52 - 2011-03-18 12:30 - 00122400 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2016-10-21 10:52 - 2011-03-18 12:30 - 00107520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2016-10-20 12:32 - 2011-03-21 17:42 - 00000000 ___HD C:\Users\Suzanne\AppData\Local\ESRI
2016-10-20 11:13 - 2015-11-08 11:28 - 00000000 ____D C:\Users\Suzanne\AppData\Roaming\ProjectTimer
2016-10-19 04:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2016-10-19 03:41 - 2009-07-13 21:45 - 02498824 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-19 03:39 - 2013-03-13 03:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-19 03:39 - 2013-03-13 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-19 03:35 - 2014-12-10 04:26 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-19 03:35 - 2014-04-30 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-19 03:35 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-19 03:35 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-19 03:17 - 2013-07-16 03:00 - 00000000 ____D C:\Windows\system32\MRT
2016-10-19 03:06 - 2011-03-18 13:58 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-19 03:05 - 2013-03-13 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-18 17:30 - 2011-09-01 18:50 - 00007597 ____H C:\Users\Suzanne\AppData\Local\Resmon.ResmonCfg
2016-10-18 15:21 - 2015-10-28 18:03 - 00000000 ____D C:\Users\Suzanne\AppData\Local\Apple Inc
2016-10-18 15:21 - 2011-03-18 14:09 - 00000000 ___HD C:\Users\Suzanne
2016-10-18 15:18 - 2011-03-18 13:15 - 00000000 ___HD C:\Users\Suzanne\AppData\Local\Apple Computer
2016-10-18 15:17 - 2011-03-18 13:15 - 00000000 ___HD C:\Users\Suzanne\AppData\Roaming\Apple Computer
2016-10-18 11:54 - 2015-11-08 11:07 - 00000000 ____D C:\JasonNov
2016-10-18 11:46 - 2016-09-06 13:16 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-18 11:35 - 2011-03-18 13:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-18 11:14 - 2012-04-13 09:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-04 22:31 - 2016-07-17 16:44 - 00000000 ____D C:\Users\Suzanne\AppData\Local\Skype
2016-10-04 16:40 - 2016-02-01 13:56 - 00000000 ____D C:\Users\Suzanne\Documents\invoices 2016
2016-10-04 16:40 - 2016-01-17 11:20 - 00000000 ____D C:\Job Invoices
2016-10-04 13:10 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2011-09-01 18:50 - 2016-10-18 17:30 - 0007597 ____H () C:\Users\Suzanne\AppData\Local\Resmon.ResmonCfg
2016-10-24 14:55 - 2016-10-24 14:55 - 0240686 _____ () C:\ProgramData\1477345837.bdinstall.bin
2016-10-31 10:31 - 2016-10-31 10:31 - 0028662 _____ () C:\ProgramData\agent.1477935068.bdinstall.bin
2016-01-28 20:12 - 2016-01-28 20:12 - 0000016 _____ () C:\ProgramData\mntemp
2016-01-28 20:12 - 2016-01-28 20:12 - 0004881 _____ () C:\ProgramData\rxsmznjf.zcp
Files to move or delete:
====================
C:\Users\Suzanne\ExporttoKML.dll
C:\Users\Suzanne\ExporttoKML.reg
C:\Users\Suzanne\ExporttoKML_64bit.reg
C:\Users\Suzanne\ExporttoKML_INSTALL.bat
C:\Users\Suzanne\ExporttoKML_UNINSTALL.bat
Some files in TEMP:
====================
C:\Users\Suzanne\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exe
C:\Users\Suzanne\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-25 00:32
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-11-2016
Ran by Suzanne (03-11-2016 16:15:40)
Running from C:\Users\Suzanne\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-03-18 21:08:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-151233617-2686695857-2843107125-500 - Administrator - Disabled)
Guest (S-1-5-21-151233617-2686695857-2843107125-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-151233617-2686695857-2843107125-1002 - Limited - Enabled)
LogMeInRemoteUser (S-1-5-21-151233617-2686695857-2843107125-1003 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser
Suzanne (S-1-5-21-151233617-2686695857-2843107125-1001 - Administrator - Enabled) => C:\Users\Suzanne
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Add or Remove Adobe Creative Suite 3 Design Premium (HKLM-x32\...\Adobe_498b43b77cac072081a5692bfc52804) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat 8.1.5 - CPSID_49013 (HKLM-x32\...\Adobe Acrobat 8 Professional_815) (Version: - Adobe Systems Incorporated)
Adobe Acrobat 8.1.5 Professional (HKLM-x32\...\Adobe Acrobat 8 Professional) (Version: 8.1.5 - )
Adobe Color Common Settings (HKLM-x32\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 9 Plugin (HKLM-x32\...\{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcGIS 10.4 for Desktop (HKLM-x32\...\ArcGIS 10.4 for Desktop) (Version: 10.4.5524 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.4 for Desktop (x32 Version: 10.4.5524 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS ArcReader 10 (HKLM-x32\...\ArcGIS ArcReader 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS Earth (HKLM\...\ArcGIS Earth) (Version: 1.0.1214 - Environmental Systems Research Institute, Inc.)
ArcGIS Earth (Version: 1.0.1214 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS License Manager 10 (HKLM-x32\...\ArcGIS License Manager 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS Pro (HKLM\...\ArcGISPro) (Version: 1.3.5861 - Environmental Systems Research Institute, Inc.)
ArcGIS Pro (Version: 1.3.5861 - Environmental Systems Research Institute, Inc.) Hidden
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Tools (HKLM-x32\...\{56647361-687B-452B-8999-6179125FFD63}) (Version: 3.2.10.1533 - Box)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{982E1601-0DFC-4FD3-A427-AC6570697858}) (Version: 14.0.3.2 - Broadcom Corporation)
CameraHelperMsi (x32 Version: 13.40.836.0 - Logitech) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.02 - Creative Technology Limited)
Custom (Version: 12.34.56.789 - Wave Systems Corp.) Hidden
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Protection | Access (HKLM-x32\...\{A7D91856-258D-4C87-8041-B170851CE432}) (Version: 2.0.00000.085 - Dell Inc.)
Dell Data Protection | Access (Version: 01.01.00.085 - Wave Systems Corp) Hidden
Dell Data Protection | Access | Drivers (HKLM-x32\...\{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}) (Version: 1.00.011 - Dell Inc.)
Dell Data Protection | Access | Middleware (HKLM-x32\...\{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}) (Version: 1.00.005 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell System Manager (HKLM\...\{0DB0EA38-E806-44ED-A892-489F2E305080}) (Version: 1.5.00000 - Dell Inc.)
DellAccess (Version: 01.01.00.053 - Wave Systems Corp.) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
EMBASSY Security Center (Version: 04.03.00.067 - Wave Systems Corp.) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Esri CityEngine 2016.0 (HKLM\...\Esri CityEngine 2016.0) (Version: 16.0.100 - Environmental Systems Research Institute, Inc.)
Esri CityEngine 2016.0 (Version: 16.0.100 - Environmental Systems Research Institute, Inc.) Hidden
FME Desktop 2016.1.2.1 (Build 16674 - win64) (HKLM\...\{C6197A42-6BFE-1014-B1BC-EE2AC0F79D75}) (Version: 7.22.16674 - Safe Software Inc.)
Fushicai VIDEO DVR (HKLM-x32\...\{989BAFE8-E777-43D7-9749-9810E0E9FF48}) (Version: 2013.5.6 - Fushicai)
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
Google Chrome (HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Chrome (HKU\S-1-5-21-151233617-2686695857-2843107125-1003\...\Google Chrome) (Version: 15.0.874.121 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Earth Pro (HKLM-x32\...\{1C63D1F0-DE50-11E2-BB78-B8AC6F98CCE3}) (Version: 7.1.1.1871 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 5.0.0.799 (HKU\S-1-5-21-151233617-2686695857-2843107125-1003\...\GoToMeeting) (Version: 5.0.0.799 - CitrixOnline)
honestechTVR2.5 (HKLM-x32\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech)
honestechTVR2.5 (x32 Version: 2.5 - honestech) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Java 6 Update 23 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416023FF}) (Version: 6.0.230 - Oracle)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.)
LogMeIn (HKLM-x32\...\{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}) (Version: 4.1.1578 - LogMeIn, Inc.)
LogMeIn Client (HKLM-x32\...\{D2300C4F-CC9B-4D00-BC53-B4C806A6C7AB}) (Version: 1.3.1675 - LogMeIn, Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional 2016 - en-us (HKLM\...\ProfessionalRetail - en-us) (Version: 16.0.7369.2038 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movavi Video Editor 11 (HKLM-x32\...\Movavi Video Editor 11) (Version: 11.2.0 - Movavi)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-151233617-2686695857-2843107125-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
NTRU TCG Software Stack (Version: 2.1.34 - Security Innovation) Hidden
NVIDIA 3D Vision Driver 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5929 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA nView 146.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 146.78 - NVIDIA Corporation)
NVIDIA WMI 2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.24.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Preboot Manager (Version: 03.03.00.049 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.01.00.007 - Wave Systems Corp.) Hidden
Python 2.5 numpy-1.0.3 (HKLM-x32\...\numpy-py2.5) (Version: - )
Python 2.5 numpy-1.0.3 (HKLM-x32\...\Python 2.5 numpy-1.0.3) (Version: - )
Python 2.5.1 (HKLM-x32\...\Python 2.5.1) (Version: - )
QGIS 2.16 2.16.2 Nødebo (HKLM\...\QGIS 2.16) (Version: - QGIS Development Team)
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.11.1 - Intuit)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Rosetta Stone Language Training (HKLM-x32\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.37.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Sentinel System Driver(64-bit) 7.2.2 (HKLM\...\{97407E09-4EA8-49F0-A513-2C1776A6DEC0}) (Version: 7.2.2 - SafeNet, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Smilebox (HKU\S-1-5-21-151233617-2686695857-2843107125-1003\...\Smilebox) (Version: 1.1.1.1 - Smilebox, Inc.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SPBA 5.9 (Version: 5.9.4.6686 - UPEK Inc.) Hidden
Trusted Drive Manager (Version: 4.0.0.512 - Wave Systems Corp.) Hidden
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
Wave Infrastructure Installer (Version: 07.66.40.0008 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.13.00.014 - Wave Systems Corp) Hidden
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. )
XnConvert 1.73 (HKLM\...\XnConvert_is1) (Version: 1.73 - Gougelet Pierre-e)
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-151233617-2686695857-2843107125-1003\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll => No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncApi64.dll => No File
CustomCLSID: HKU\S-1-5-21-151233617-2686695857-2843107125-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Suzanne\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CF0900A-2372-446C-9BFD-CD4C3E88568A} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {0DC59238-B059-4EFF-9CF9-9A8CA49C9C53} - System32\Tasks\{0413D07A-8D30-4D5A-BE61-486976FB485F} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {15D894C6-8C07-4502-817B-3633CBC2F6A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {16E7A5FB-0D27-4FFC-935D-CB64441A4BD1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001Core1cf23885969d023 => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {19E720E5-12AA-4EE3-9C27-83BF10CA2419} - System32\Tasks\{A4BA670A-111C-4595-88DE-44B1BC131F3C} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {296820CE-CF2E-4BF6-A702-4363873404AB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001Core => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3B786855-FB5F-4C15-B445-7A740D115058} - System32\Tasks\{04FF8751-D100-4F82-BE83-D96DAFA59B39} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {48239E39-A010-47DA-A4BA-F13478A0CAE6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001UA => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {65729D44-5252-401D-B2CF-BAF410DE527B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {66732F40-8D0E-4B61-A60C-AEBCC6F3114C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6B1929ED-F652-45B4-91AF-2B689541E8D6} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {708F24B9-28BC-47E9-B04A-16B31A1C6744} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001UA1cf23886a25815c => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {87B96AB0-7AB8-4E37-A083-9C8B6952E13E} - System32\Tasks\{4D5AC19A-5FF4-4A2F-A1AF-3E5DD0BAAB0C} => D:\autorun.exe
Task: {964025AA-7830-4AC4-B364-E67585C17F61} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {A9C69709-F628-4E15-AA80-357F047BB55C} - System32\Tasks\G2MUpdateTask-S-1-5-21-151233617-2686695857-2843107125-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\5742\g2mupdate.exe
Task: {B24AE1E3-4FF1-4DF0-8E8A-FFEAF516B368} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {B2AEA276-409F-468F-9DE6-98B2696BD095} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {B85041F5-4507-4DF4-B32F-2120AD6A00B5} - System32\Tasks\{89B37D2F-F8B6-4666-BC35-FCBF4333D964} => D:\autorun.exe
Task: {CEABA74D-1DA7-4D11-8436-1C4F8EC1EA84} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001UA1d0013a3ffd0f14 => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {CFB72B10-B94B-4668-8030-98F6B2092CD2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {D957B3D7-A0E7-47BE-A2B1-44A42E4C19DF} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-09-09] (Apple Inc.)
Task: {DC286D2F-C572-45D8-9115-DB9BC8B91E53} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001Core1d0013a3e4c6110 => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E69A5AB1-5E51-4F59-AA96-C7F1360BDE91} - System32\Tasks\DigitalSite => C:\Users\Suzanne\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {F3F98508-023D-412B-A62A-F3C4D70BB29E} - System32\Tasks\G2MUploadTask-S-1-5-21-151233617-2686695857-2843107125-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\5742\g2mupload.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Suzanne\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001Core.job => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001Core1cf23885969d023.job => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001Core1d0013a3e4c6110.job => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001UA.job => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001UA1cf23886a25815c.job => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151233617-2686695857-2843107125-1001UA1d0013a3ffd0f14.job => C:\Users\Suzanne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Web Applications\pinterest.com\http_80\Pinterest _ Goodies.lnk -> C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://pinterest.com/about/goodies/
==================== Loaded Modules (Whitelisted) ==============
2016-01-28 10:39 - 2015-11-10 02:32 - 03088712 _____ () C:\Windows\system32\nvwmi64.exe
2016-01-28 10:38 - 2015-11-05 08:13 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-06 13:21 - 2016-10-08 00:52 - 08923840 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-01-28 10:39 - 2015-11-10 02:26 - 01941304 _____ () C:\Program Files\NVIDIA Corporation\nView\nViewH64.dll
2013-06-13 17:07 - 2013-03-25 10:57 - 00727952 _____ () C:\Windows\SysWOW64\WSCM64.dll
2016-01-28 10:39 - 2015-11-10 02:26 - 01315128 _____ () C:\Program Files\NVIDIA Corporation\nView\nViewMain64.exe
2016-01-28 10:39 - 2015-11-10 02:26 - 01187656 _____ () C:\Program Files\NVIDIA Corporation\nView\nViewMain.exe
2016-01-28 20:32 - 2009-11-03 10:19 - 00409088 _____ () C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe
2010-11-17 08:35 - 2010-11-17 08:35 - 00514544 ____N () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2011-11-11 14:07 - 2011-11-11 14:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 12:19 - 2011-08-12 12:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2016-01-28 10:39 - 2015-11-10 02:26 - 01582408 _____ () C:\Program Files\NVIDIA Corporation\nView\nViewH.dll
2016-10-04 09:55 - 2016-01-01 02:00 - 00100352 ___SH () C:\Users\Suzanne\AppData\Roaming\MicrocoftUrdateNT\MSIMG32.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-01-28 20:32 - 2008-04-27 19:06 - 00053248 _____ () C:\Program Files (x86)\honestech\honestech TVR 2.5\ReadRemoteKey.dll
2010-11-24 20:44 - 2010-11-24 20:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2011-12-12 15:44 - 2011-12-12 15:44 - 00336408 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2016-11-03 16:02 - 2016-11-03 16:02 - 00098816 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32api.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00110080 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\pywintypes27.dll
2016-11-03 16:02 - 2016-11-03 16:02 - 00364544 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\pythoncom27.dll
2016-11-03 16:02 - 2016-11-03 16:02 - 00320512 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32com.shell.shell.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00776704 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\_hashlib.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 01176576 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\wx._core_.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00806400 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\wx._gdi_.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00816128 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\wx._windows_.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 01067008 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\wx._controls_.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00733184 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\wx._misc_.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00682496 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\pysqlite2._sqlite.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00088064 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\_ctypes.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00119808 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32file.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00108544 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32security.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00007168 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\hashobjs_ext.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00017920 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\thumbnails_ext.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00088064 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\usb_ext.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00012800 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\common.time34.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00018432 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32event.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00167936 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32gui.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00046080 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\_socket.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 01208320 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\_ssl.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00128512 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\_elementtree.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00127488 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\pyexpat.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00038912 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32inet.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00036864 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\_psutil_windows.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00525208 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\windows._lib_cacheinvalidation.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00011264 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32crypt.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00077312 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\wx._html2.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00027136 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\_multiprocessing.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00020480 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\_yappi.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00035840 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32process.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00686080 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\unicodedata.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00078848 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\wx._animate.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00123392 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\wx._wizard.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00024064 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32pipe.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00010240 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\select.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00025600 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32pdh.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00017408 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32profile.pyd
2016-11-03 16:02 - 2016-11-03 16:02 - 00022528 ____R () C:\Users\Suzanne\AppData\Local\Temp\_MEI34522\win32ts.pyd
2016-10-25 08:16 - 2016-10-20 01:47 - 01819240 _____ () C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-25 08:16 - 2016-10-20 01:47 - 00093288 _____ () C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\54.0.2840.71\libegl.dll
2016-10-04 09:55 - 2016-01-01 02:00 - 00100352 ___SH () c:\users\suzanne\appdata\roaming\microcofturdatent\msimg32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\SysWOW64\ractrlkeyhook.dll:BDU [22]
AlternateDataStreams: C:\Windows\SysWOW64\TABCTL32.htm:BDU [22]
AlternateDataStreams: C:\Users\Suzanne\Downloads\ArcGISPro_5023_149395.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\ArcGIS_Desktop_104_149411.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\ArcGIS_Earth_x64_Setup_1.0.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\BoxEditInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\ChromeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\CityEngine_2016_0_150261.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\Driver207win (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\Driver207win.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\easycapture_setup_1.2.0.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\PatchFinder.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\Setup.X86.en-US_ProfessionalRetail_bd258168-37e4-471a-92f1-93d2ff205f62_TX_PR_.exe:BDU [0]
AlternateDataStreams: C:\Users\Suzanne\Downloads\wlsetup-web.exe:BDU [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2016-10-24 14:41 - 00003072 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-151233617-2686695857-2843107125-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Suzanne\Pictures\gumby.jpg
HKU\S-1-5-21-151233617-2686695857-2843107125-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{41422E44-3406-4A93-B450-2D312C87D6E1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{D4A758E9-3C0D-44E8-ADB2-854FC98DFE5D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{3157DD3A-319D-4D65-B6AB-93ADB4D0C653}] => (Allow) LPort=3703
FirewallRules: [{441D9186-92A4-4803-BA11-81797D55FA23}] => (Allow) LPort=3704
FirewallRules: [{DEB659CD-54F8-41A1-80B9-58AA05256D7E}] => (Allow) LPort=50900
FirewallRules: [{91D4E84B-47C9-40A2-AD72-5E88730A454E}] => (Allow) LPort=50901
FirewallRules: [{88989606-90A7-4BB1-BD7C-1CE9214F2628}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [{EF737E9D-43CF-4486-8F8D-DA1CD805EBB2}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [TCP Query User{3657E126-8208-4A49-AF8E-8C2F67290776}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{A8990542-A0F9-4F21-A280-9B40215B48F5}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{35C514E1-2A7C-414C-9DBF-3CFD2041C813}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{8D9A34C2-1F86-4732-9B17-16CDEF0FA141}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [{744D57AA-4761-4FD7-AC38-DB3F978D2CD5}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{2CE9DC3A-C8E0-4E2B-ABEA-63A5EA4C8B6E}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{BA4A4083-E4AE-4689-8489-6853D6966CA5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{8A3E9F7D-57F0-4896-92D0-9AD22349AD68}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{FB2964C2-23C2-45D0-AD6C-63A6609EF4C6}C:\program files (x86)\arcgis\desktop10.0\bin\arcmap.exe] => (Allow) C:\program files (x86)\arcgis\desktop10.0\bin\arcmap.exe
FirewallRules: [UDP Query User{FB3D0B7A-D1E0-4659-A4CD-B16994194ABE}C:\program files (x86)\arcgis\desktop10.0\bin\arcmap.exe] => (Allow) C:\program files (x86)\arcgis\desktop10.0\bin\arcmap.exe
FirewallRules: [TCP Query User{F150EBA6-1731-46CF-84A8-C7CAE1819E92}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{1BE6857F-5A65-4110-955F-0879D273B82F}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [{84C9C5E3-7B7F-4CCE-BB5C-56554272AACC}] => (Allow) %ProgramFiles% (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{ABFFB7A9-9081-4825-A3F0-E7F43010878B}C:\users\suzanne\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\suzanne\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{8B3ED360-E7F8-4AD0-AF68-9A97502C9E20}C:\users\suzanne\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\suzanne\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{CED04AFF-E697-456D-9774-CFE97754AEED}C:\users\suzanne\appdata\local\temp\lmi1467.tmp\logmein client.exe] => (Allow) C:\users\suzanne\appdata\local\temp\lmi1467.tmp\logmein client.exe
FirewallRules: [UDP Query User{5595BF07-86BD-492A-B9BF-CD836622E16C}C:\users\suzanne\appdata\local\temp\lmi1467.tmp\logmein client.exe] => (Allow) C:\users\suzanne\appdata\local\temp\lmi1467.tmp\logmein client.exe
FirewallRules: [TCP Query User{99EA1E7D-E49D-4A49-AEBB-E07858ECDF90}C:\users\suzanne\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\suzanne\appdata\local\logmein client\logmein client.exe
FirewallRules: [UDP Query User{4C89C0BD-E6C6-436C-B0DF-97C7E2082B7E}C:\users\suzanne\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\suzanne\appdata\local\logmein client\logmein client.exe
FirewallRules: [TCP Query User{B5C8AFCC-5C87-4757-B0DD-F995D841735B}C:\users\suzanne\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\suzanne\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A3463A72-67CB-4961-9734-66F4D88F62DD}C:\users\suzanne\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\suzanne\appdata\local\akamai\netsession_win.exe
FirewallRules: [{732EAA20-57DD-4604-9510-F1A736F7BAD8}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{9655D171-2832-45E1-B9C0-6776DE56CFA1}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{B5B9EB9D-00F6-4463-8971-C64EBAF5BBD5}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{83CACCBF-39E6-4BD9-9EFD-D20D2004CDAC}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [TCP Query User{23D6FAE3-CFF4-49F6-8D2C-23C474FE0321}C:\users\suzanne\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\suzanne\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E6DC87CD-29DA-44C9-8F95-6687908B57BF}C:\users\suzanne\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\suzanne\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{67A479B6-923D-4EBE-9C6C-46EB93EFE929}C:\users\suzanne\appdata\local\logmein client\lmiignition.exe] => (Allow) C:\users\suzanne\appdata\local\logmein client\lmiignition.exe
FirewallRules: [UDP Query User{C3F93811-B9A0-4376-89C2-C672A2C25C12}C:\users\suzanne\appdata\local\logmein client\lmiignition.exe] => (Allow) C:\users\suzanne\appdata\local\logmein client\lmiignition.exe
FirewallRules: [TCP Query User{AC34F27F-9FE1-414A-A6D1-996DF99FC468}C:\program files (x86)\logmein\ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein\ignition\lmiignition.exe
FirewallRules: [UDP Query User{A0452389-3C2D-4086-9FDF-A72BC9984728}C:\program files (x86)\logmein\ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein\ignition\lmiignition.exe
FirewallRules: [TCP Query User{B701E11A-7F07-48BB-A60F-083DD8563891}C:\program files (x86)\arcgis\desktop10.2\bin\arcmap.exe] => (Allow) C:\program files (x86)\arcgis\desktop10.2\bin\arcmap.exe
FirewallRules: [UDP Query User{822A887B-A1DA-4BCE-AF99-228B45B6115D}C:\program files (x86)\arcgis\desktop10.2\bin\arcmap.exe] => (Allow) C:\program files (x86)\arcgis\desktop10.2\bin\arcmap.exe
FirewallRules: [TCP Query User{FBDB9957-690B-46CA-9507-A55E39F321D2}C:\program files (x86)\arcgis\desktop10.2\bin\arccatalog.exe] => (Allow) C:\program files (x86)\arcgis\desktop10.2\bin\arccatalog.exe
FirewallRules: [UDP Query User{B19595DA-CF6D-4993-9589-8DA867853C46}C:\program files (x86)\arcgis\desktop10.2\bin\arccatalog.exe] => (Allow) C:\program files (x86)\arcgis\desktop10.2\bin\arccatalog.exe
FirewallRules: [{F451F5B4-04F5-4F2E-A2A5-A1913F4A7038}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F62383D0-7692-43D3-B48C-6C655144597E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{68FE5D4D-2129-4A80-B807-3394670D2B14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7AF72695-1DCE-40D2-8B00-9F43872CAE9E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{58D8F0A2-EA3F-42E9-8E80-DC8D20C21CED}C:\program files (x86)\logmein ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein ignition\lmiignition.exe
FirewallRules: [UDP Query User{4402769C-36F7-4AED-9682-C563834A6BA0}C:\program files (x86)\logmein ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein ignition\lmiignition.exe
FirewallRules: [{71A8EF7F-EC4E-4034-A704-E825B4EA9F49}] => (Allow) LPort=49384
FirewallRules: [{E1F7B4C3-9119-46DB-9117-AAE5FFEC99B8}] => (Allow) LPort=5000
FirewallRules: [{7B0CB2F1-0228-4081-B443-9B03EB4463B9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4A855208-1C2D-4AD7-997C-62367249E94C}] => (Allow) LPort=2869
FirewallRules: [{18298327-6A1A-4BB3-B212-C95EA99A50E6}] => (Allow) LPort=1900
FirewallRules: [{6F69F51A-0A4B-4F38-8731-194E3124255B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{0F13D120-B627-4479-BF00-9C512AE3C600}C:\users\suzanne\appdata\local\temp\g2_1826\g2viewer.exe] => (Allow) C:\users\suzanne\appdata\local\temp\g2_1826\g2viewer.exe
FirewallRules: [UDP Query User{028224AD-E439-4657-A5AC-9562C1035FED}C:\users\suzanne\appdata\local\temp\g2_1826\g2viewer.exe] => (Allow) C:\users\suzanne\appdata\local\temp\g2_1826\g2viewer.exe
FirewallRules: [{4A41CC16-99B3-4869-9F40-7F7FCA0D1336}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{96BECEC8-C48A-4B9B-B6E7-0E9B28B08B26}C:\users\suzanne\appdata\local\temp\g2_1875\g2viewer.exe] => (Allow) C:\users\suzanne\appdata\local\temp\g2_1875\g2viewer.exe
FirewallRules: [UDP Query User{15CE6E14-27AE-4F1B-82AB-40680753D602}C:\users\suzanne\appdata\local\temp\g2_1875\g2viewer.exe] => (Allow) C:\users\suzanne\appdata\local\temp\g2_1875\g2viewer.exe
FirewallRules: [TCP Query User{89D3265B-BB7B-410D-B259-7EA747FA1386}C:\program files\esri\cityengine2016.0\cityengine.exe] => (Allow) C:\program files\esri\cityengine2016.0\cityengine.exe
FirewallRules: [UDP Query User{9A2A33F9-F5FA-42F3-AA18-83D84CE63C12}C:\program files\esri\cityengine2016.0\cityengine.exe] => (Allow) C:\program files\esri\cityengine2016.0\cityengine.exe
FirewallRules: [TCP Query User{1429D159-427C-44DE-93EC-9CDA37841971}C:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe
FirewallRules: [UDP Query User{5293B334-C0B4-400D-BD84-54557DD9465B}C:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe
FirewallRules: [{DA9B2384-EFC5-4F09-B4F7-BC349D18D701}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{97284FD0-7786-4CB2-89B3-EDFC047DD166}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3D6C4DCB-D476-41B7-BA83-8A2B70ACE023}] => (Allow) LPort=49265
FirewallRules: [{0CC91500-002A-4D41-B0B4-5523DBBEE0F6}] => (Allow) C:\Program Files\FME\fme.exe
FirewallRules: [{9AF969F5-A10B-4B61-B44C-296DE23664B9}] => (Allow) LPort=3389
FirewallRules: [{C66743B9-C5BF-4B60-8FF4-B16356BC9521}] => (Allow) LPort=443
FirewallRules: [{21DEDBCE-7291-4012-828A-B5536B025A0E}] => (Allow) LPort=443
FirewallRules: [{8FAFAC91-9911-4ACC-A07A-E1EB32FF4382}] => (Allow) LPort=443
FirewallRules: [{DB9B0B58-343A-483B-BB9A-D3C61817B2B6}] => (Allow) LPort=443
FirewallRules: [{81B805D5-9DA0-4078-B38E-7EB1D72198BA}] => (Allow) LPort=443
FirewallRules: [{EC95BDCC-0E2B-4806-BA68-E63AE97F21C9}] => (Allow) LPort=443
FirewallRules: [{1F5EFC2F-C3C2-4433-9248-D1D2C954819B}] => (Allow) C:\Users\Suzanne\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{4FFC1687-42E8-4AA2-8A72-2FE7264159B9}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\5C069542-CA13-4f1b-B90C-28C6430F4992\Installer\hpbcsiInstaller.exe
FirewallRules: [{153D02CF-2359-4776-86E8-E89CEE3E760B}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\5C069542-CA13-4f1b-B90C-28C6430F4992\Installer\hpbcsiInstaller.exe
FirewallRules: [{E00F2F2F-495E-4A41-9DEC-671E3661C32A}] => (Allow) LPort=49166
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Restore Points =========================
31-10-2016 10:30:17 Removed HP FWUpdateEDO3
31-10-2016 13:44:15 Windows Update
02-11-2016 03:00:11 Windows Update
03-11-2016 03:00:11 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/03/2016 03:33:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Photoshop.exe version 10.0.1.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 664
Start Time: 01d2361f5baf2f93
Termination Time: 60000
Application Path: C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe
Report Id: 5d98212d-a215-11e6-9f94-bc305bd66386
Error: (11/03/2016 10:23:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rundll32.exe version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2450
Start Time: 01d235f6c50d1c1a
Termination Time: 5
Application Path: C:\Windows\System32\rundll32.exe
Report Id: 3118d096-a1ea-11e6-9f94-bc305bd66386
Error: (11/03/2016 03:02:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: spoolsv.exe, version: 6.1.7601.17777, time stamp: 0x4f35fc1d
Faulting module name: hppdcompio.dll, version: 1.3.0.24, time stamp: 0x4c9685da
Exception code: 0xc0000417
Fault offset: 0x000000000000552c
Faulting process id: 0x1ee4
Faulting application start time: 0x01d234f04f1ac6d3
Faulting application path: C:\Windows\System32\spoolsv.exe
Faulting module path: C:\Windows\system32\spool\DRIVERS\x64\3\hppdcompio.dll
Report Id: 95f2eb3a-a1ac-11e6-9f94-bc305bd66386
Error: (11/02/2016 03:02:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: spoolsv.exe, version: 6.1.7601.17777, time stamp: 0x4f35fc1d
Faulting module name: hppdcompio.dll, version: 1.3.0.24, time stamp: 0x4c9685da
Exception code: 0xc0000417
Fault offset: 0x000000000000552c
Faulting process id: 0x654
Faulting application start time: 0x01d2345a893813a6
Faulting application path: C:\Windows\System32\spoolsv.exe
Faulting module path: C:\Windows\system32\spool\DRIVERS\x64\3\hppdcompio.dll
Report Id: 65f2d74a-a0e3-11e6-9f94-bc305bd66386
Error: (10/31/2016 10:35:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPLaserJetService.exe, version: 2.15.599.0, time stamp: 0x4cc5ee57
Faulting module name: hppccompio.DLL, version: 1.3.0.24, time stamp: 0x4c9685d0
Exception code: 0xc0000417
Fault offset: 0x000073bf
Faulting process id: 0xb14
Faulting application start time: 0x01d2339d3202c95f
Faulting application path: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Faulting module path: C:\Windows\system32\hppccompio.DLL
Report Id: 7042091e-9f90-11e6-8663-bc305bd66386
Error: (10/31/2016 10:35:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPLaserJetService.exe, version: 2.15.599.0, time stamp: 0x4cc5ee57
Faulting module name: hppccompio.DLL, version: 1.3.0.24, time stamp: 0x4c9685d0
Exception code: 0xc0000417
Fault offset: 0x000073bf
Faulting process id: 0x8e4
Faulting application start time: 0x01d2339d2b45ae8c
Faulting application path: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Faulting module path: C:\Windows\system32\hppccompio.DLL
Report Id: 69795560-9f90-11e6-8663-bc305bd66386
Error: (10/31/2016 10:35:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPLaserJetService.exe, version: 2.15.599.0, time stamp: 0x4cc5ee57
Faulting module name: hppccompio.DLL, version: 1.3.0.24, time stamp: 0x4c9685d0
Exception code: 0xc0000417
Fault offset: 0x000073bf
Faulting process id: 0x11f8
Faulting application start time: 0x01d2339d2488baca
Faulting application path: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Faulting module path: C:\Windows\system32\hppccompio.DLL
Report Id: 62be0f54-9f90-11e6-8663-bc305bd66386
Error: (10/31/2016 10:35:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPLaserJetService.exe, version: 2.15.599.0, time stamp: 0x4cc5ee57
Faulting module name: hppccompio.DLL, version: 1.3.0.24, time stamp: 0x4c9685d0
Exception code: 0xc0000417
Fault offset: 0x000073bf
Faulting process id: 0xd0c
Faulting application start time: 0x01d2339d1dcb51d7
Faulting application path: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Faulting module path: C:\Windows\system32\hppccompio.DLL
Report Id: 5bffbbfd-9f90-11e6-8663-bc305bd66386
Error: (10/31/2016 10:34:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPLaserJetService.exe, version: 2.15.599.0, time stamp: 0x4cc5ee57
Faulting module name: hppccompio.DLL, version: 1.3.0.24, time stamp: 0x4c9685d0
Exception code: 0xc0000417
Fault offset: 0x000073bf
Faulting process id: 0x43c
Faulting application start time: 0x01d2339d170de8e3
Faulting application path: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Faulting module path: C:\Windows\system32\hppccompio.DLL
Report Id: 554427d0-9f90-11e6-8663-bc305bd66386
Error: (10/31/2016 10:34:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPLaserJetService.exe, version: 2.15.599.0, time stamp: 0x4cc5ee57
Faulting module name: hppccompio.DLL, version: 1.3.0.24, time stamp: 0x4c9685d0
Exception code: 0xc0000417
Fault offset: 0x000073bf
Faulting process id: 0x19ac
Faulting application start time: 0x01d2339d10507ff0
Faulting application path: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
Faulting module path: C:\Windows\system32\hppccompio.DLL
Report Id: 4e8697cc-9f90-11e6-8663-bc305bd66386
System errors:
=============
Error: (11/03/2016 04:06:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Sentinel service failed to start due to the following error:
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Error: (11/03/2016 04:02:07 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends the following service: TBS. This service might not be installed.
Error: (11/03/2016 04:00:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (11/03/2016 03:44:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Sentinel service failed to start due to the following error:
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Error: (11/03/2016 03:39:36 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends the following service: TBS. This service might not be installed.
Error: (11/03/2016 10:16:35 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (11/03/2016 10:16:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Modules Installer service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/03/2016 10:16:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
Error: (11/03/2016 03:04:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706be: HP - Printers - HP LaserJet Professional CP1520 Series PCL 6.
Error: (11/03/2016 03:02:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2016-11-03 16:06:53.877
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-03 16:06:53.647
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-03 15:44:38.068
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-03 15:44:37.898
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-01 09:12:23.699
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-01 09:12:23.528
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-31 14:54:41.728
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-31 14:54:41.541
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-31 12:33:50.160
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-31 12:33:49.960
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Xeon® CPU W3530 @ 2.80GHz
Percentage of memory in use: 58%
Total physical RAM: 6141.55 MB
Available physical RAM: 2572 MB
Total Virtual: 12281.29 MB
Available Virtual: 8634.39 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:464.99 GB) (Free:141.26 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: C648A420)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=750 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Edited by skysuz, 03 November 2016 - 05:25 PM.