My friends are having trouble with a slow computer. Currently Avast is installed but I'm going to switch it over to BitDefender Free after the cleanup.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
Ran by the Hoff (administrator) on THEHOFF-PC (09-08-2015 12:38:07)
Running from C:\Users\the Hoff\Desktop
Loaded Profiles: the Hoff (Available Profiles: the Hoff)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\[]TOOLS[]\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Stardock Corporation) C:\Program Files (x86)\[]TOOLS[]\CursorFX\CursorFX.exe
(Actual Tools) C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Actual Tools) C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsCenter64.exe
(AVAST Software) C:\Program Files\[]TOOLS[]\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Actual Tools) C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsShellCenter64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\[]TOOLS[]\Avast\AvastUI.exe [6109776 2015-07-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [CursorFX] => C:\Program Files (x86)\[]TOOLS[]\CursorFX\CursorFX.exe [417280 2010-03-23] (Stardock Corporation)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [Actual Multiple Monitors] => C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe [1782576 2013-09-19] (Actual Tools)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5404296 2015-03-13] (Plex, Inc.)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [Dropbox Update] => C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
Startup: C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\[]TOOLS[]\Avast\ashShA64.dll [2015-07-31] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-23] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
SearchScopes: HKLM -> {5807584B-75B6-465D-88B0-3C4AC684276C} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {B01640CD-4AE7-4121-9097-F4E61054E570} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3472861432-3466800176-631802751-1001 -> {B01640CD-4AE7-4121-9097-F4E61054E570} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\[]TOOLS[]\Avast\aswWebRepIE64.dll [2015-07-31] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\[]TOOLS[]\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B0B045C6-0DBA-4926-8B56-159FF565315A}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: chrome://fastdial/content/fastdial.html
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\[]TOOLS[]\PDF-XChange\npPDFXCviewNPPlugin.dll [2011-02-15] (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2013-04-19] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\[]TOOLS[]\PDF-XChange\Win32\npPDFXCviewNPPlugin.dll [2011-02-15] (Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.7 -> C:\Program Files (x86)\[]TOOLS[]\VLC\npvlc.dll [2011-01-30] (the VideoLAN Team)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3472861432-3466800176-631802751-1001: @citrixonline.com/appdetectorplugin -> C:\Users\the Hoff\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-12-15] (Citrix Online)
FF Plugin HKU\S-1-5-21-3472861432-3466800176-631802751-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll [2012-10-24] (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\searchplugins\imdb.xml [2015-01-31]
FF SearchPlugin: C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\searchplugins\mycroft-project.xml [2013-09-26]
FF SearchPlugin: C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\searchplugins\youtube.xml [2014-12-12]
FF Extension: Fast Dial - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2015-05-29]
FF Extension: LastPass - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2015-07-17]
FF Extension: Flashblock - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-05-29]
FF Extension: FEBE - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-05-29]
FF Extension: Aquatint Slate - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{526fd696-27a0-11dc-8314-0800200c9a66} [2011-03-03]
FF Extension: Aquatint Black - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2011-03-03]
FF Extension: Noia 2.0 (eXtreme) - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2011-03-09]
FF Extension: Gradient iBlu - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{bf70ba50-e70d-11dd-ba2f-0800200c9a66} [2011-03-03]
FF Extension: Gradient iCool - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} [2011-03-03]
FF Extension: YouTube Video and Audio Downloader - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2015-01-21]
FF Extension: Gmail Manager NG - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2015-04-20]
FF Extension: Webmail Ad Blocker - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2011-06-26]
FF Extension: Google Image Help - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2015-01-21]
FF Extension: Weather Forecast - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2015-01-21]
FF Extension: Menu Icons Plus - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2015-01-21]
FF Extension: Restartless Restart - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2013-09-19]
FF Extension: Download Manager (S3) - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2015-01-21]
FF Extension: Super Drag - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2015-01-21]
FF Extension: Thumbnail Zoom Plus - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2013-09-19]
FF Extension: Undo Closed Tabs Button - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\[email protected] [2011-06-26]
FF Extension: Session Manager - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2011-08-03]
FF Extension: Image Zoom - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2013-04-15]
FF Extension: Nuke Anything Enhanced - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi [2014-10-19]
FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2011-06-26]
FF Extension: Unhide Passwords - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}.xpi [2012-06-07]
FF Extension: Text Link - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2012-12-29]
FF Extension: SmoothWheel (mozdev.org) - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2013-05-24]
FF Extension: Google Image Search - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2015-01-21]
FF Extension: Video DownloadHelper - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-16]
FF Extension: Show my Password - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2015-04-20]
FF Extension: Adblock Plus - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-01]
FF Extension: MileWideBack - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{dc0fa13c-3dae-73eb-e852-912722c852f9}.xpi [2011-10-16]
FF Extension: DownThemAll! - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-06-26]
FF Extension: Greasemonkey - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\[]TOOLS[]\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\[]TOOLS[]\Avast\WebRep\FF [2011-03-03]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-12]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\[]TOOLS[]\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\[]TOOLS[]\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-26]
CHR Extension: (Avast Online Security) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-12]
CHR Extension: (Google Wallet) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]
CHR HKU\S-1-5-21-3472861432-3466800176-631802751-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\THEHOF~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-10]
CHR HKU\S-1-5-21-3472861432-3466800176-631802751-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\[]TOOLS[]\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-30] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\[]TOOLS[]\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\[]TOOLS[]\Avast\ng\vbox\AvastVBoxSVC.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-31] (AVAST Software)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-09 12:38 - 2015-08-09 12:38 - 00030843 _____ C:\Users\the Hoff\Desktop\FRST.txt
2015-08-09 12:35 - 2015-08-09 12:38 - 00000000 ____D C:\FRST
2015-08-09 12:35 - 2015-08-09 12:35 - 00000000 ____D C:\Users\the Hoff\Desktop\FRST-OlderVersion
2015-08-09 12:32 - 2015-08-09 12:33 - 00000000 ____D C:\Users\the Hoff\Desktop\clutter2
2015-08-09 12:31 - 2015-08-09 12:35 - 02171392 _____ (Farbar) C:\Users\the Hoff\Desktop\FRST64.exe
2015-07-31 19:22 - 2015-07-31 19:22 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-07-31 19:22 - 2015-07-31 19:22 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-07-29 21:02 - 2015-07-29 21:02 - 00000000 ____D C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-28 19:12 - 2015-07-25 11:07 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-28 19:12 - 2015-07-25 11:04 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-28 19:12 - 2015-07-25 11:04 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-28 19:12 - 2015-07-25 11:03 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-28 19:12 - 2015-07-25 11:03 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-28 19:12 - 2015-07-25 11:03 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-28 19:12 - 2015-07-25 11:03 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-28 19:12 - 2015-07-25 10:55 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-23 10:36 - 2015-07-23 10:36 - 00001715 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-23 10:34 - 2015-07-23 10:36 - 00000000 ____D C:\Program Files\iTunes
2015-07-23 10:34 - 2015-07-23 10:34 - 00000000 ____D C:\Program Files\iPod
2015-07-22 20:51 - 2015-08-03 14:16 - 00000000 ____D C:\Users\the Hoff\Desktop\ringtone
2015-07-22 20:44 - 2015-08-03 21:21 - 00000000 ____D C:\Users\the Hoff\Desktop\NORWEX
2015-07-21 18:34 - 2015-07-21 18:34 - 00001068 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-07-20 22:48 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-20 22:48 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-20 22:48 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-20 22:48 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-20 22:48 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-07-20 22:48 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-20 22:48 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-07-20 22:48 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-07-20 22:48 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-20 22:48 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-14 14:59 - 2015-07-09 10:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-14 14:59 - 2015-07-09 10:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-14 14:59 - 2015-07-09 10:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-14 14:59 - 2015-07-09 10:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-14 14:59 - 2015-07-09 10:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-14 14:59 - 2015-07-09 10:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-14 14:59 - 2015-07-09 10:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-14 14:59 - 2015-07-09 10:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-14 14:59 - 2015-07-09 10:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-14 14:59 - 2015-07-09 10:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-14 14:59 - 2015-07-09 10:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-14 14:59 - 2015-07-09 10:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-07-14 14:59 - 2015-07-09 10:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-07-14 14:59 - 2015-07-09 10:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-07-14 14:59 - 2015-07-09 10:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-07-14 14:59 - 2015-07-09 10:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-07-14 14:59 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-14 14:59 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-07-14 14:58 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-07-14 14:58 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-07-14 14:58 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-07-14 14:58 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-14 14:58 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-07-14 14:58 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-14 14:58 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-14 14:58 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-07-14 14:58 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-14 14:58 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-07-14 14:58 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-14 14:58 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-14 14:58 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-14 14:58 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-14 14:58 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-07-14 14:58 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-07-14 14:58 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-14 14:58 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-14 14:58 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-14 14:58 - 2015-06-09 11:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-14 14:58 - 2015-06-09 11:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 14:55 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-14 14:55 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-14 14:55 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-14 14:55 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-14 14:55 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-14 14:55 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-14 14:55 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-14 14:55 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-14 14:55 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-14 14:55 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-14 14:55 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-14 14:55 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-14 14:55 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-14 14:55 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-14 14:55 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 14:55 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-14 14:55 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-14 14:55 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-14 14:55 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-14 14:55 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-14 14:55 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-14 14:55 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-14 14:55 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-14 14:55 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-07-14 14:55 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-07-14 14:55 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-07-14 14:55 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-07-14 14:55 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-07-14 14:55 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-07-14 14:55 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-07-14 14:55 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-07-14 14:55 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-07-14 14:55 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-07-14 14:55 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 14:55 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-07-14 14:55 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-14 14:55 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-07-14 14:55 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-07-14 14:55 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-07-14 14:55 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-07-14 14:55 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-07-14 14:55 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-07-14 14:54 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-14 14:54 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-14 14:50 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-14 14:50 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-14 14:50 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-14 14:50 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-14 14:50 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-14 14:50 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-14 14:50 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-14 14:50 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-14 14:50 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-14 14:50 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-14 14:50 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-14 14:50 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-14 14:50 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-14 14:50 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-14 14:50 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-14 14:50 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-07-14 14:50 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-07-14 14:50 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-07-14 14:50 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-07-14 14:50 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-07-14 14:50 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-07-14 14:50 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-07-14 14:50 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-14 14:50 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-07-14 14:50 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-07-14 14:50 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-07-14 14:50 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-07-14 14:50 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-07-14 14:50 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-14 14:50 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-14 14:50 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-14 14:50 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-14 14:50 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-14 14:50 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-14 14:50 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-14 14:50 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-14 14:50 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-14 14:50 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-14 14:50 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-14 14:50 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-07-14 14:50 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-14 14:50 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-14 14:50 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-07-14 14:50 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-07-14 14:50 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-07-14 14:50 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-07-14 14:50 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-07-14 14:50 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-07-14 14:50 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-07-14 14:50 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-07-14 14:50 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-09 12:35 - 2009-07-13 21:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-09 12:35 - 2009-07-13 21:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-09 12:33 - 2011-06-30 21:11 - 00000000 ____D C:\Users\the Hoff\AppData\Local\Adobe
2015-08-09 12:33 - 2011-03-03 17:00 - 00000000 ____D C:\Users\the Hoff\AppData\Roaming\TeraCopy
2015-08-09 12:23 - 2013-10-01 13:45 - 01160963 _____ C:\windows\WindowsUpdate.log
2015-08-09 12:21 - 2011-03-04 11:14 - 00000000 ___RD C:\Users\the Hoff\Dropbox
2015-08-09 12:20 - 2012-05-13 17:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-09 12:20 - 2011-03-04 11:11 - 00000000 ____D C:\Users\the Hoff\AppData\Roaming\Dropbox
2015-08-09 12:20 - 2011-03-03 13:38 - 00000000 ____D C:\Program Files (x86)\[]TOOLS[]
2015-08-09 12:17 - 2013-02-06 21:37 - 00000000 ___RD C:\Users\the Hoff\Google Drive
2015-08-09 12:17 - 2012-02-20 15:35 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-09 12:15 - 2015-06-30 11:02 - 00020464 _____ C:\windows\setupact.log
2015-08-09 12:15 - 2015-03-01 23:20 - 00000248 _____ C:\windows\Tasks\AutoKMS.job
2015-08-09 12:15 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-09 12:14 - 2015-07-04 14:35 - 00084586 _____ C:\windows\PFRO.log
2015-08-08 23:15 - 2012-02-20 15:35 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-08 23:10 - 2015-02-01 00:02 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-08 22:49 - 2014-12-15 12:10 - 00000544 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-3472861432-3466800176-631802751-1001.job
2015-08-08 22:46 - 2015-06-16 20:35 - 00000930 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001UA.job
2015-08-08 22:20 - 2015-03-01 23:20 - 00000248 _____ C:\windows\Tasks\AutoKMSDaily.job
2015-08-08 21:35 - 2015-05-31 07:45 - 00000640 _____ C:\windows\Tasks\G2MUploadTask-S-1-5-21-3472861432-3466800176-631802751-1001.job
2015-08-07 23:46 - 2015-06-16 20:35 - 00000878 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001Core.job
2015-08-05 09:28 - 2015-05-31 07:45 - 00003680 _____ C:\windows\System32\Tasks\G2MUploadTask-S-1-5-21-3472861432-3466800176-631802751-1001
2015-08-05 09:28 - 2014-12-15 12:10 - 00003584 _____ C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3472861432-3466800176-631802751-1001
2015-08-04 16:49 - 2011-03-04 13:47 - 00000000 ____D C:\Users\the Hoff\AppData\Local\CrashDumps
2015-08-03 21:21 - 2014-08-24 12:34 - 00000000 ____D C:\Users\the Hoff\Desktop\Norwex stuff
2015-07-31 19:23 - 2012-07-05 06:19 - 00003914 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-07-31 19:22 - 2014-04-22 12:38 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2015-07-31 19:22 - 2013-12-25 21:06 - 00150672 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-07-31 19:22 - 2013-03-05 09:44 - 00274808 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2015-07-31 19:22 - 2013-03-05 09:44 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2015-07-31 19:22 - 2012-02-24 06:42 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-07-31 19:22 - 2011-03-03 15:29 - 01048856 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2015-07-31 19:22 - 2011-03-03 15:29 - 00447944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-07-31 19:22 - 2011-03-03 15:29 - 00090968 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-07-29 21:21 - 2009-07-13 22:13 - 00786578 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-29 03:00 - 2014-05-07 03:01 - 00000000 ___SD C:\windows\system32\CompatTel
2015-07-25 18:01 - 2015-04-04 22:45 - 00000000 ____D C:\Users\the Hoff\dwhelper
2015-07-25 17:28 - 2015-04-04 22:55 - 00000000 ___SD C:\windows\system32\GWX
2015-07-23 10:36 - 2013-09-10 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-23 10:34 - 2015-02-19 20:12 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-23 10:34 - 2014-09-16 18:57 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-23 10:34 - 2011-03-04 07:57 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-22 20:50 - 2015-05-24 10:37 - 00000000 ____D C:\Users\the Hoff\Desktop\Pictures off Mandy's Camera 5-24-15
2015-07-21 03:22 - 2009-07-13 21:45 - 00421160 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-17 23:41 - 2015-06-16 20:35 - 00003910 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001UA
2015-07-17 23:41 - 2015-06-16 20:35 - 00003514 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001Core
2015-07-17 13:28 - 2014-04-17 22:05 - 00000000 ____D C:\Users\the Hoff\Documents\Calibre Library
2015-07-17 13:19 - 2013-02-06 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-16 03:04 - 2015-04-04 22:55 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-07-15 22:35 - 2011-04-01 22:28 - 00000000 ____D C:\Users\the Hoff\AppData\Roaming\vlc
2015-07-15 20:10 - 2012-02-20 15:35 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 20:10 - 2012-02-20 15:35 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 13:02 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2015-07-15 10:30 - 2013-01-09 23:23 - 00000000 ____D C:\Users\the Hoff\Documents\Makenna Fall 2012
2015-07-15 10:01 - 2014-12-10 04:51 - 00000000 ____D C:\windows\system32\appraiser
2015-07-15 10:01 - 2009-07-13 20:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-07-14 21:54 - 2011-03-04 10:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-14 21:41 - 2013-08-14 03:03 - 00000000 ____D C:\windows\system32\MRT
2015-07-14 14:11 - 2015-02-01 00:02 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 14:11 - 2015-02-01 00:02 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 14:11 - 2015-02-01 00:02 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
==================== Files in the root of some directories =======
2011-08-12 21:20 - 2013-07-30 19:41 - 0007680 _____ () C:\Users\the Hoff\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Users\the Hoff\AppData\Local\Temp\ammemb.dll
C:\Users\the Hoff\AppData\Local\Temp\ammemb64.dll
C:\Users\the Hoff\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpu8dxh0.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-02 00:23
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by the Hoff (2015-08-09 12:38:53)
Running from C:\Users\the Hoff\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3472861432-3466800176-631802751-500 - Administrator - Disabled)
Guest (S-1-5-21-3472861432-3466800176-631802751-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3472861432-3466800176-631802751-1006 - Limited - Enabled)
the Hoff (S-1-5-21-3472861432-3466800176-631802751-1001 - Administrator - Enabled) => C:\Users\the Hoff
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Actual Multiple Monitors 8.0 (HKLM-x32\...\Actual Multiple Monitors_is1) (Version: 8.0 - Actual Tools)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Aleks 3.14 (HKLM-x32\...\Aleks 3.14) (Version: - )
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.3.2225 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{09076BCB-56D7-483C-969E-1723E9FC3F4E}) (Version: 1.32.0 - Kovid Goyal)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon Inkjet Printer Driver Add-On Module V2.00 (HKLM\...\CANONIJINBOXADDON200) (Version: - )
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon MX300 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX300_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{A08A6B7D-1F21-4843-85A3-77B8D15FAE0E}) (Version: 1.0.244 - Citrix)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: - Elaborate Bytes)
CursorFX (HKLM-x32\...\CursorFX) (Version: - Stardock Corporation)
CursorFX (x32 Version: 2.00 - Stardock Corporation) Hidden
dBpoweramp [Calculate Audio CRC] Codec (HKLM-x32\...\dBpoweramp [Calculate Audio CRC] Codec) (Version: - )
dBpoweramp [Multi Encoder] Codec (HKLM-x32\...\dBpoweramp [Multi Encoder] Codec) (Version: Release 2 - Illustrate)
dBpoweramp [ReplayGain] Codec (HKLM-x32\...\dBpoweramp [ReplayGain] Codec) (Version: - )
dBpoweramp AAC Encoder (HKLM-x32\...\dBpoweramp AAC Encoder) (Version: - )
dBpoweramp CLI Encoder (HKLM-x32\...\dBpoweramp CLI Encoder) (Version: - )
dBpoweramp Dalet Codec (HKLM-x32\...\dBpoweramp Dalet Codec) (Version: - )
dBpoweramp FLAC Codec (HKLM-x32\...\dBpoweramp FLAC Codec) (Version: - )
dBpoweramp m4a Codec (HKLM-x32\...\dBpoweramp m4a Codec) (Version: Release 7 - Illustrate)
dBpoweramp m4a Utilities (HKLM-x32\...\dBpoweramp m4a Utilities) (Version: - )
dBpoweramp Monkeys Audio Codec (HKLM-x32\...\dBpoweramp Monkeys Audio Codec) (Version: - )
dBpoweramp Mp2 and BwfMp2 codec (HKLM-x32\...\dBpoweramp Mp2 and BwfMp2 codec) (Version: - )
dBpoweramp mp3 (Fraunhofer IIS) Codec (HKLM-x32\...\dBpoweramp mp3 (Fraunhofer IIS) Codec) (Version: Release 2 (v4.0.3) - Illustrate)
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 13.1 - Illustrate)
dBpoweramp Ogg Vorbis Codec (HKLM-x32\...\dBpoweramp Ogg Vorbis Codec) (Version: - )
dBpoweramp Real Audio (Helix) Encoder (HKLM-x32\...\dBpoweramp Real Audio (Helix) Encoder) (Version: - )
dBPoweramp tooLame MP2 codec (HKLM-x32\...\dBPoweramp tooLame MP2 codec) (Version: - )
dBpoweramp Wave64 Codec (HKLM-x32\...\dBpoweramp Wave64 Codec) (Version: - )
dBpoweramp WavPack Codec (HKLM-x32\...\dBpoweramp WavPack Codec) (Version: - )
dBpoweramp Windows Media Audio 10 Codec (HKLM-x32\...\dBpoweramp Windows Media Audio 10 Codec) (Version: Release 5 - Illustrate)
Dropbox (HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.)
DVDFab 8.0.6.1 (18/12/2010) (HKLM-x32\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Evernote v. 5.8.3 (HKLM-x32\...\{404B3FB8-A820-11E4-83FC-00163E98E7D6}) (Version: 5.8.3.6507 - Evernote Corp.)
GetDiz 4.5 (HKLM-x32\...\GetDiz 4.5) (Version: 4.5 - Outertech)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GoToMeeting 7.2.4.3164 (HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\GoToMeeting) (Version: 7.2.4.3164 - CitrixOnline)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
JumpStart Languages (HKLM-x32\...\JumpStart Languages) (Version: - )
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Streets & Trips 2010 (HKLM-x32\...\{C82185E8-C27B-4EF4-2010-4444BC2C2B6D}) (Version: 17.0.19.2900 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
PDF-XChange Viewer (HKLM\...\{EE18FF09-2F2A-4A88-85B3-B845EFD5C5FE}) (Version: 2.5.193.0 - Tracker Software Products Ltd.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{52d63919-7661-4c1c-a688-cb684f374881}) (Version: 0.9.1116 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1116 - Plex, Inc.) Hidden
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Quicken WillMaker Plus 2014 (HKLM-x32\...\{44160FDE-C190-45C1-B8E1-23F00228E572}) (Version: 1.0.0.0 - Nolo)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
Revo Uninstaller 1.91 (HKLM-x32\...\Revo Uninstaller) (Version: 1.91 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Spotify (HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
TeraCopy 2.12 (HKLM\...\TeraCopy_is1) (Version: - Code Sector Inc.)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.7 - Tweaking.com)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 Logon Background Changer (HKLM-x32\...\{2E6044C5-3495-485F-91BC-46D1B6430E51}) (Version: 1.5.2 - Julien MANICI)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: 2.0.6.9 - HTC)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\2031\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
==================== Restore Points =========================
25-03-2015 03:00:13 Windows Update
31-03-2015 02:08:34 Windows Update
03-04-2015 12:41:55 Windows Update
04-04-2015 22:55:17 Windows Update
10-04-2015 02:32:29 Windows Update
14-04-2015 03:21:05 Windows Update
15-04-2015 03:00:30 Windows Update
20-04-2015 15:54:26 Windows Update
24-04-2015 00:50:33 Windows Update
24-04-2015 22:42:37 avast! antivirus system restore point
26-04-2015 12:25:46 Plex Media Server
26-04-2015 12:30:58 Plex Media Server
28-04-2015 04:05:21 Windows Update
01-05-2015 12:56:09 Windows Update
05-05-2015 16:58:08 Windows Update
12-05-2015 04:47:22 Windows Update
12-05-2015 23:07:54 Windows Update
13-05-2015 11:19:26 Windows Update
19-05-2015 04:44:28 Windows Update
19-05-2015 19:13:03 Installed Quicken WillMaker Plus 2014
20-05-2015 03:00:13 Windows Update
26-05-2015 11:31:02 Windows Update
29-05-2015 21:22:23 Removed WTS3_iLGs
02-06-2015 05:25:46 Windows Update
09-06-2015 12:21:11 Scheduled Checkpoint
09-06-2015 18:16:05 Windows Update
10-06-2015 03:01:07 Windows Update
13-06-2015 14:10:45 Windows Update
19-06-2015 02:38:59 Windows Update
23-06-2015 10:24:35 Windows Update
26-06-2015 14:50:36 Windows Update
30-06-2015 02:32:28 Windows Update
04-07-2015 14:58:21 Windows Update
10-07-2015 04:19:54 Windows Update
14-07-2015 14:45:30 Windows Update
14-07-2015 21:40:43 Windows Update
16-07-2015 03:03:17 Windows Update
20-07-2015 13:23:38 avast! antivirus system restore point
20-07-2015 22:44:33 Windows Update
21-07-2015 03:00:10 Windows Update
23-07-2015 10:31:42 Installed iTunes
24-07-2015 05:08:10 Windows Update
28-07-2015 19:13:09 Windows Update
29-07-2015 03:00:11 Windows Update
31-07-2015 19:21:35 avast! antivirus system restore point
04-08-2015 03:16:17 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2013-09-25 13:25 - 00000098 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12A83DF3-8D6F-40A3-AFA4-6E482BCE9251} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {1678C4F8-485F-493A-A5B5-C07709444E6F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {184FC201-EE9F-4ACB-A34E-F93250F8FD28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {3069410F-04F7-46F2-B21A-594F8EF36BB8} - System32\Tasks\avast! Emergency Update => C:\Program Files\[]TOOLS[]\Avast\AvastEmUpdate.exe [2015-07-31] (AVAST Software)
Task: {37C24772-6096-4852-9F2F-9BD112FA9BEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {3E75F997-9576-46F1-9FD6-B72B45C280DB} - System32\Tasks\AdobeAAMUpdater-1.0-theHoff-PC-the Hoff => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {61D5FAE9-2E2B-44D5-9798-B660CA7647A1} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {6CA54804-74C3-4865-AE4C-E14A575CAE65} - System32\Tasks\G2MUpdateTask-S-1-5-21-3472861432-3466800176-631802751-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\3164\g2mupdate.exe [2015-08-05] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {6CC22947-C959-4F4A-9C1A-4694BE0AB57C} - System32\Tasks\{745A26DB-0E8C-449F-925B-FF4D22A4369A} => pcalua.exe -a C:\Windows\UnJSLang.exe -d C:\windows
Task: {6E4F472F-CA1B-4975-B1E2-425CE3DCBE7A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {7220FC43-43BD-4A4D-9C9E-03D115747650} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {81759849-BAC2-4560-B379-F29B7FEF9FF4} - System32\Tasks\G2MUploadTask-S-1-5-21-3472861432-3466800176-631802751-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\3164\g2mupload.exe [2015-08-05] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {99BF1AB0-AF5C-47C5-9E0D-217DE75D449E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {A942DC52-D8BA-424C-A4D6-090C17D4E6EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AA84109C-B609-49BC-BA4A-0EB05A8A999F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001UA => C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {ABDE922D-66AF-4C31-88EF-89D9D4DCFB97} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe
Task: {B527F042-33F2-4252-8A9B-3D7149FAAE8A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {C07B0ED4-21B5-4B66-9E4C-E9583ECC7ED0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D7DB9198-81B0-429C-BF2C-8FDA5FE6E823} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001Core => C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {FEEBFBA3-7517-48F0-9623-3922637009F1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001Core.job => C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001UA.job => C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-3472861432-3466800176-631802751-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\3164\g2mupdate.exe
Task: C:\windows\Tasks\G2MUploadTask-S-1-5-21-3472861432-3466800176-631802751-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\3164\g2mupload.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2011-03-03 16:36 - 2009-06-21 08:52 - 00318976 _____ () C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt64.dll
2011-03-03 16:36 - 2009-06-22 04:27 - 00126464 _____ () C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopy64.dll
2013-04-30 00:25 - 2013-04-30 00:25 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 17:03 - 2012-03-05 17:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 15:53 - 2012-02-16 15:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-31 19:22 - 2015-07-31 19:22 - 00102864 _____ () C:\Program Files\[]TOOLS[]\Avast\log.dll
2015-07-31 19:22 - 2015-07-31 19:22 - 00123976 _____ () C:\Program Files\[]TOOLS[]\Avast\JsonRpcServer.dll
2015-08-08 12:15 - 2015-08-08 12:15 - 02960384 _____ () C:\Program Files\[]TOOLS[]\Avast\defs\15080801\algo.dll
2015-08-09 12:28 - 2015-08-09 12:28 - 02960384 _____ () C:\Program Files\[]TOOLS[]\Avast\defs\15080900\algo.dll
2010-03-23 07:17 - 2010-03-23 07:17 - 00059904 _____ () C:\Program Files (x86)\[]TOOLS[]\CursorFX\zlib1.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 00072840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 00196232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 00838792 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 00049800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 00086664 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 02092680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 01883784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 00502920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2015-08-09 12:17 - 2015-08-09 12:17 - 00071168 _____ () c:\Users\the Hoff\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpu8dxh0.dll
2015-03-04 14:45 - 2015-07-16 17:31 - 00012800 _____ () C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 14:45 - 2015-07-16 17:31 - 00779776 _____ () C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-29 21:02 - 2015-07-16 17:31 - 00056320 _____ () C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 14:45 - 2015-07-16 17:31 - 00012288 _____ () C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-03-17 03:33 - 2015-03-17 03:33 - 40540672 _____ () C:\Program Files\[]TOOLS[]\Avast\libcef.dll
2015-08-09 12:16 - 2015-08-09 12:16 - 00098816 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32api.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00110080 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\pywintypes27.dll
2015-08-09 12:16 - 2015-08-09 12:16 - 00364544 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\pythoncom27.dll
2015-08-09 12:16 - 2015-08-09 12:16 - 00045568 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\_socket.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 01161216 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\_ssl.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00320512 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32com.shell.shell.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00713216 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\_hashlib.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 01175040 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\wx._core_.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00805888 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\wx._gdi_.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00811008 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\wx._windows_.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 01062400 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\wx._controls_.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00735232 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\wx._misc_.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00682496 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\pysqlite2._sqlite.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00087552 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\_ctypes.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00119808 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32file.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00108544 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32security.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00007168 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\hashobjs_ext.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00068096 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\usb_ext.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00167936 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32gui.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00018432 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32event.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00128512 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\_elementtree.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00127488 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\pyexpat.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00013824 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\common.time34.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00036864 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\_psutil_windows.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00038912 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32inet.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00011264 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32crypt.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00070656 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\wx._html2.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00027136 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\_multiprocessing.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00020480 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\_yappi.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00035840 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32process.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00686080 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\unicodedata.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00122368 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\wx._wizard.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00024064 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32pipe.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00010240 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\select.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00025600 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32pdh.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00525640 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\windows._lib_cacheinvalidation.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00017408 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32profile.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00022528 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\win32ts.pyd
2015-08-09 12:16 - 2015-08-09 12:16 - 00078336 _____ () C:\Users\the Hoff\AppData\Local\Temp\_MEI5162\wx._animate.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00027784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00018568 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00034952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00836232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2015-03-13 12:52 - 2015-03-13 12:52 - 00192136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00054920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00017032 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00043656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00081544 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00111240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2015-03-13 12:52 - 2015-03-13 12:52 - 00689800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2015-07-16 14:11 - 2015-07-16 14:11 - 01020928 _____ () C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^the Hoff^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: PhotoshopElements8SyncAgent => C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\[]TOOLS[]\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify => "C:\Users\the Hoff\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\the Hoff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VMM Mode Selection => C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{0D153C91-2B50-40D6-B962-3FDD5FE33C54}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1C771021-44CE-45D1-B4CC-6E5A66610E25}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{48F16599-8208-489A-BF7F-63DADD51B6B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BA3B7216-5D48-4947-AD18-0A4E4BD1E1B6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{951FE704-D88D-4A9D-AD18-AE2C1AB6DB6D}] => (Allow) C:\Users\the Hoff\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{C3F83AE7-548F-4762-88F9-6ECC9884A5F5}] => (Allow) C:\Users\the Hoff\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{1470F669-E299-4C1D-A5ED-48E3F02F1038}] => (Allow) C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\firefox.exe
FirewallRules: [{8B3C2074-FD8A-4DF9-B48A-C760CCCA6080}] => (Allow) C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4E7329C7-7A4D-48DB-B025-4AD6E04D5007}C:\users\the hoff\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\the hoff\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{3B090D51-B296-424F-89EE-FC14DDE7059A}C:\users\the hoff\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\the hoff\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{249AFFA7-84D5-448E-BBE0-88D2E38DCB46}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{D49392A9-7C28-4BD8-BC08-A09B806A478A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{2973ECCA-14E4-4CDB-9E9A-2F73A7229390}C:\users\the hoff\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\the hoff\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5D83CA6B-8187-47AE-B691-D9FD4585CF25}C:\users\the hoff\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\the hoff\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{52387D6F-B9C7-4185-A9A2-5451B261364D}C:\program files (x86)\[]tools[]\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\[]tools[]\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6DA4A43E-E3D6-4230-832C-C1D807852B4F}C:\program files (x86)\[]tools[]\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\[]tools[]\mozilla firefox\firefox.exe
FirewallRules: [{C00CFFAC-68C7-4A5D-9706-AD45FF3B0F3B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{05A2B2EE-B540-4BBC-B330-5C6A1756C93C}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{DB68EB0D-5FF6-46F1-9997-FFFDD60B414C}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{9F68EA6B-2534-46EB-9868-0A0E2742B814}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ABD83C8D-900A-413F-B401-7981E9AF4A62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/08/2015 11:24:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x517f39a1
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x77c
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3
Error: (08/04/2015 04:49:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 39.0.0.5659, time stamp: 0x55933a80
Faulting module name: ammemb.dll, version: 8.0.0.0, time stamp: 0x520d8f13
Exception code: 0xc0000005
Fault offset: 0x00001c3e
Faulting process id: 0x1b08
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Error: (07/29/2015 09:35:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x517f39a1
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x798
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3
Error: (07/27/2015 09:52:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10000
Error: (07/27/2015 09:52:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10000
Error: (07/27/2015 09:52:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/27/2015 09:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9001
Error: (07/27/2015 09:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9001
Error: (07/27/2015 09:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/27/2015 09:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003
System errors:
=============
Error: (08/08/2015 11:24:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/30/2015 11:03:25 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}
Error: (07/29/2015 09:35:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/27/2015 08:36:35 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MYBOOKLIVE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B0B045C6-0DBA-4926-8B56-159FF565315A}.
The master browser is stopping or an election is being forced.
Error: (07/27/2015 01:00:16 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.0.2 with the system
having network hardware address 00-88-65-26-1B-D4. Network operations on this system may
be disrupted as a result.
Error: (07/26/2015 05:36:37 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MYBOOKLIVE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B0B045C6-0DBA-4926-8B56-159FF565315A}.
The master browser is stopping or an election is being forced.
Error: (07/26/2015 05:14:03 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.2.
The computer with the IP address 192.168.0.12 did not allow the name to be claimed by
this computer.
Error: (07/26/2015 04:56:50 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.2.
The computer with the IP address 192.168.0.12 did not allow the name to be claimed by
this computer.
Error: (07/26/2015 04:38:45 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MYBOOKLIVE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B0B045C6-0DBA-4926-8B56-159FF565315A}.
The master browser is stopping or an election is being forced.
Error: (07/26/2015 04:20:38 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MYBOOKLIVE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B0B045C6-0DBA-4926-8B56-159FF565315A}.
The master browser is stopping or an election is being forced.
Microsoft Office:
=========================
Error: (08/08/2015 11:24:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c177c01d0caf15fc811f4C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll53a2cec3-3e5f-11e5-b791-bcaec54f1b9f
Error: (08/04/2015 04:49:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe39.0.0.565955933a80ammemb.dll8.0.0.0520d8f13c000000500001c3e1b0801d0ce1e9ca2813bC:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\firefox.exeC:\Users\THEHOF~1\AppData\Local\Temp\ammemb.dll6240dc63-3b03-11e5-b791-bcaec54f1b9f
Error: (07/29/2015 09:35:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c179801d0c7d4fcb29640C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll6c360a61-3674-11e5-8de9-bcaec54f1b9f
Error: (07/27/2015 09:52:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10000
Error: (07/27/2015 09:52:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10000
Error: (07/27/2015 09:52:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/27/2015 09:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9001
Error: (07/27/2015 09:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9001
Error: (07/27/2015 09:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/27/2015 09:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003
CodeIntegrity:
===================================
Date: 2015-07-24 16:09:02.343
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-24 16:09:02.246
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-24 16:08:51.890
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-24 16:08:51.792
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Phenom II X4 955 Processor
Percentage of memory in use: 33%
Total physical RAM: 7934.18 MB
Available physical RAM: 5248.38 MB
Total Virtual: 15866.56 MB
Available Virtual: 13068.96 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1862.92 GB) (Free:318.84 GB) NTFS
Drive z: (Storage) (Fixed) (Total:3725.9 GB) (Free:2803.85 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 3726 GB) (Disk ID: 075A0ECB)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
==================== End of log ============================