Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 8 Computer Affected With MPlayerX Virus and Possibly More


  • This topic is locked This topic is locked
9 replies to this topic

#1 mrmnew

mrmnew

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 12 February 2015 - 03:18 PM

My Google web browser opens automatically, and I am directed to MPlayerX download as well as other download pages that are telling me my computer is infected with viruses.  

My IE browser will open new tabs automatically with the same issues as with Google Chrome, but the browser will not start automatically as does Google Chrome.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2015

Ran by Michael (administrator) on HP1 on 12-02-2015 14:10:04
Running from C:\Users\Michael\Downloads
Loaded Profiles: Michael & MSSQL$SQL2014 & MSSQLFDLauncher & MSSQLSERVER & MSSQLFDLauncher$SQL2014 (Available profiles: Michael & peloton & ReportServer$SQL2014 & MsDtsServer110 & MSSQL$SQL2014 & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & SQLSERVERAGENT & MSSQLSERVER & MSSQLFDLauncher$SQL2014)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\DeskScapes8\DS8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Launch8\Launch8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Launch8\Launch8_64.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\WindowFX\WindowFXSRV.exe
() C:\Program Files (x86)\Stardock\WindowFX\wfx32.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\DeskScapes8\Deskscapes64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Peloton Computer Enterprises Ltd.) C:\Peloton\Services\Integrator\MasterView Well Lifecycle Integrator 3.0.2015.01.09 (WellView 10.0 - SiteView 5.0 - RigView 4.0)\Peloton.AppFrame.Integrator.Service.exe
(Peloton Computer Enterprises Ltd.) C:\Peloton\Services\SyncHost\WellView9\App\WellView 9.0.20130912 app\system\bin\Peloton.AppFrame.SyncHost.Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMix_64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMix_32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Cisco WebEx LLC) C:\Program Files (x86)\WebEx\Productivity Tools\ptoneclk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Cisco WebEx LLC) C:\Program Files (x86)\WebEx\Productivity Tools\ptSrv.exe
() C:\Users\Michael\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Pokki) C:\Users\Michael\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Pokki) C:\Users\Michael\AppData\Local\Pokki\Engine\HostAppService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\dthtml.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\nacl64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQL2014\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQL2014\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQL2014\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\ManagementStudio\Ssms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-07-13] (Hewlett-Packard )
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-27] (IDT, Inc.)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364544 2012-09-03] (IVT Corporation)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [DT HPO] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [120400 2012-08-16] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ScrewDrivers RDP Plugin] => C:\Program Files (x86)\triCerat\Simplify Printing\ScrewDrivers Client v4\install_rdp.exe [45384 2010-11-05] ()
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-03-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395616 2014-09-03] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-09-03] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Run: [PTOneClick] => C:\Program Files (x86)\WebEx\Productivity Tools\ptoneclk.exe [370704 2013-01-28] (Cisco WebEx LLC)
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Run: [Google Update] => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-17] (Google Inc.)
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Run: [Amazon Music] => C:\Users\Michael\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-05] ()
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Run: [Wisdom-soft ScreenHunter 6.0 Free] => 0
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Run: [ViStart] => C:\Users\Michael\AppData\Roaming\ViStart\ViStart.exe
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Run: [GoogleChromeAutoLaunch_1D7305B07635F8E0A4CF4B02D1C53C4D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\RunOnce: [Application Restart #3] => C:\Users\Michael\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
URLSearchHook: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001 - (No Name) - {6d010537-9e99-400b-b652-b0d5a5757e5d} - C:\Program Files (x86)\OnlineMapFinder_9p\bar\1.bin\9pSrcAs.dll No File
URLSearchHook: [S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: [S-1-5-80-633224673-3063612866-542870972-4214686629-759481782] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001 -> {5F9E5747-70C1-4565-9749-ED1795F90AEC} URL = http://search.conduit.com/Results.aspx?ctid=CT3300021&SearchSource=45&UM=2&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001 -> {C6CAFB45-15D2-4E8D-B7C8-CEC236CE336B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863 -> {C6CAFB45-15D2-4E8D-B7C8-CEC236CE336B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 -> {C6CAFB45-15D2-4E8D-B7C8-CEC236CE336B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003 -> {C6CAFB45-15D2-4E8D-B7C8-CEC236CE336B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782 -> {C6CAFB45-15D2-4E8D-B7C8-CEC236CE336B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Search Assistant BHO -> {6a79cdac-f710-4996-842b-fdc33b785a35} -> C:\Program Files (x86)\OnlineMapFinder_9p\bar\1.bin\9pSrcAs.dll No File
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Toolbar BHO -> {d9f16d8b-81b5-4667-af4d-25365bbf7fc9} -> C:\PROGRA~2\ONLINE~3\bar\1.bin\9pbar.dll No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKLM - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKLM-x32 - OnlineMapFinder - {f41a56d2-7b52-4d16-812c-a63c6ca9d4c5} - C:\Program Files (x86)\OnlineMapFinder_9p\bar\1.bin\9pbar.dll No File
Toolbar: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001 -> OnlineMapFinder - {F41A56D2-7B52-4D16-812C-A63C6CA9D4C5} - C:\Program Files (x86)\OnlineMapFinder_9p\bar\1.bin\9pbar.dll No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\windows\SysWow64\skype4com.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
 
FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\vn91myvx.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @alternatiff.com/AlternaTIFF -> C:\Program Files (x86)\MIE\AlternaTIFF\npzzatif.dll (Medical Informatics Engineering, Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1013081442-1574353736-2319275716-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Michael\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-1013081442-1574353736-2319275716-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Michael\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1013081442-1574353736-2319275716-1001: @talk.google.com/O1DPlugin -> C:\Users\Michael\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1013081442-1574353736-2319275716-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1013081442-1574353736-2319275716-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Michael\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Michael\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Michael\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: LastPass - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\vn91myvx.default\Extensions\support@lastpass.com [2014-11-09]
FF HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Firefox\Extensions: [ocplugin@webex.com] - C:\Program Files (x86)\WebEx\Productivity Tools
FF Extension: WebEx Productivity Tools - C:\Program Files (x86)\WebEx\Productivity Tools [2013-04-09]
FF Extension: No Name - C:\Program Files (x86)\Fiddler2\FiddlerHook [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-19]
CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-26]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-19]
CHR Extension: (Silverlight for Chrome) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgnklfhofbcfndknbonklnijndoeknal [2015-02-06]
CHR Extension: (Google Search) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-19]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-09-04]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2014-11-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-10]
CHR Extension: (Hangouts) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-08-21]
CHR Extension: (Google Wallet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-19]
CHR HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1602560 2012-09-03] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-09-03] (IVT Corporation) [File not signed]
R2 DeskScapes8; C:\Program Files (x86)\Stardock\DeskScapes8\ds8srv.exe [75376 2013-01-25] (Stardock Software, Inc)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [136784 2012-08-16] (Portrait Displays, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 Launch8; C:\Program Files (x86)\Stardock\Launch8\Launch8Srv.exe [87152 2013-10-22] (Stardock Software, Inc)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 ModernMix; C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe [74864 2013-02-28] (Stardock Software, Inc)
S3 MsDtsServer110; C:\Program Files (x86)\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [219304 2014-07-22] (Microsoft Corporation)
R3 MSSQL$SQL2014; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQL2014\MSSQL\Binn\sqlservr.exe [197824 2013-10-04] (Microsoft Corporation)
S3 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [42884448 2010-04-03] (Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [43096 2012-02-11] (Microsoft Corporation)
R3 MSSQLFDLauncher$SQL2014; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQL2014\MSSQL\Binn\fdlauncher.exe [44224 2013-10-04] (Microsoft Corporation)
R3 MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [161440 2014-07-22] (Microsoft Corporation)
S3 MSSQLServerOLAPService; C:\Program Files (x86)\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe [53761520 2012-10-20] (Microsoft Corporation)
S3 Peloton Scheduled Sync Service - WellView10.0.TulsaToOKC; C:\Peloton\App\WellView 10.0.20140501 app - tulsa\system\bin\Peloton.AppFrame.ScheduledSync.Service.exe [14336 2014-04-23] (Peloton Computer Enterprises Ltd.) [File not signed]
S3 Peloton.AppFrame.Integrator.Service.AttachmentCopier; C:\Peloton\Services\Integrator\MasterView Attachment Copier 2.2.20130215\Peloton.AppFrame.Integrator.Service.exe [20480 2014-08-14] (Peloton Computer Enterprises Ltd.) [File not signed]
R2 Peloton.AppFrame.Integrator.Service.WellLifecycle; C:\Peloton\Services\Integrator\MasterView Well Lifecycle Integrator 3.0.2015.01.09 (WellView 10.0 - SiteView 5.0 - RigView 4.0)\Peloton.AppFrame.Integrator.Service.exe [20480 2015-01-14] (Peloton Computer Enterprises Ltd.) [File not signed]
S3 Peloton.AppFrame.SyncHost.WellView100.ClientToCorporate; C:\Peloton\Services\SyncHost\WellView10\App\WellView 10.0.20140501 app\system\bin\Peloton.AppFrame.SyncHost.Service.exe [15360 2014-11-07] (Peloton Computer Enterprises Ltd.) [File not signed]
R2 Peloton.AppFrame.SyncHost.WellView90.wv90; C:\Peloton\Services\SyncHost\WellView9\App\WellView 9.0.20130912 app\system\bin\Peloton.AppFrame.SyncHost.Service.exe [15360 2011-02-22] (Peloton Computer Enterprises Ltd.) [File not signed]
S3 Peloton.MasterView.DataWarehouse.Service.rv40; C:\Peloton\Services\Integrator\Data Warehouse\RigView 4\MasterView Data Warehouse 3.1.2013.11.14\Peloton.AppFrame.DataWarehouse.Service.exe [140288 2013-11-14] (Peloton Computer Enterprises Ltd.) [File not signed]
S3 Peloton.MasterView.DataWarehouse.Service.sv40; C:\Peloton\Services\Integrator\Data Warehouse\SiteView 4\MasterView Data Warehouse 3.1.2013.11.14\Peloton.AppFrame.DataWarehouse.Service.exe [140288 2013-11-14] (Peloton Computer Enterprises Ltd.) [File not signed]
S3 Peloton.MasterView.DataWarehouse.Service.sv5; C:\Peloton\Services\Integrator\Data Warehouse\SiteView 5\MasterView Data Warehouse 3.1.2013.11.14\Peloton.AppFrame.DataWarehouse.Service.exe [140288 2013-11-14] (Peloton Computer Enterprises Ltd.) [File not signed]
S3 Peloton.MasterView.DataWarehouse.Service.wv10; C:\Peloton\Services\Integrator\Data Warehouse\WellView 10\MasterView Data Warehouse 3.1.2013.11.14\Peloton.AppFrame.DataWarehouse.Service.exe [140288 2013-11-14] (Peloton Computer Enterprises Ltd.) [File not signed]
S3 Peloton.MasterView.DataWarehouse.Service.wv90; C:\Peloton\Services\Integrator\Data Warehouse\WellView 9\MasterView Data Warehouse 3.1.2013.11.14\Peloton.AppFrame.DataWarehouse.Service.exe [140288 2013-11-14] (Peloton Computer Enterprises Ltd.) [File not signed]
S3 ReportServer; C:\Program Files (x86)\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [1612800 2012-10-20] (Microsoft Corporation)
S3 ReportServer$SQL2014; C:\Program Files (x86)\Microsoft SQL Server\MSRS12.SQL2014\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2028736 2013-10-04] (Microsoft Corporation)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-11] (Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-11] (Microsoft Corporation)
S4 SQLAgent$SQL2014; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQL2014\MSSQL\Binn\SQLAGENT.EXE [454336 2013-10-04] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [367456 2010-04-03] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [448680 2014-07-22] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [322048 2012-07-27] (IDT, Inc.) [File not signed]
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-09-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2013-05-16] (Stardock Corporation) [File not signed]
R2 WindowFX; C:\Program Files (x86)\Stardock\WindowFX\WindowFXSrv.exe [181904 2012-03-08] (Stardock Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; No ImagePath
U4 BthHFEnum; No ImagePath
U4 bthhfhid; No ImagePath
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-09-18] (Microsoft Corporation)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [50128 2013-03-26] (Cisco Systems, Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-12 14:10 - 2015-02-12 14:10 - 00048119 _____ () C:\Users\Michael\Downloads\FRST.txt
2015-02-12 14:09 - 2015-02-12 14:10 - 00000000 ____D () C:\FRST
2015-02-12 14:09 - 2015-02-12 14:09 - 02134016 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe
2015-02-12 14:08 - 2015-02-12 14:08 - 01125376 _____ (Farbar) C:\Users\Michael\Downloads\FRST.exe
2015-02-12 13:46 - 2015-02-12 13:46 - 00000165 ____H () C:\Users\Michael\Desktop\~$Well Header UDL Changes.xlsx
2015-02-12 13:18 - 2015-02-12 13:18 - 00010614 _____ () C:\Users\Michael\Desktop\Well Header UDL Changes.xlsx
2015-02-12 13:07 - 2015-02-12 13:07 - 00310904 _____ () C:\Users\Michael\Desktop\(2015-02-12 130658).wvd
2015-02-12 12:48 - 2015-02-12 12:56 - 00051876 _____ () C:\Users\Michael\Desktop\Book1.xlsx
2015-02-12 11:14 - 2015-02-12 12:22 - 00050170 _____ () C:\Users\Michael\Downloads\NWOK Well List.xlsx
2015-02-12 11:14 - 2015-02-12 11:14 - 00073099 _____ () C:\Users\Michael\Downloads\Daily Cost Report - Fellers 2711 1-3HM.xlsx
2015-02-11 06:53 - 2015-02-03 17:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-11 06:53 - 2015-02-03 17:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-11 06:53 - 2015-02-03 17:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-11 06:53 - 2015-02-02 17:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-11 06:53 - 2015-02-02 17:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-11 06:53 - 2015-02-02 17:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-11 06:53 - 2015-01-19 12:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 06:53 - 2015-01-15 16:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 06:53 - 2015-01-15 16:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 06:53 - 2015-01-13 22:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 06:53 - 2015-01-13 21:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 06:53 - 2015-01-13 16:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 06:53 - 2015-01-13 16:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 06:53 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 06:53 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 06:53 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 06:53 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 06:53 - 2015-01-11 20:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 06:53 - 2015-01-11 20:32 - 06041088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-11 06:53 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 06:53 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 06:53 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 06:53 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 06:53 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 06:53 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 06:53 - 2015-01-11 19:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 06:53 - 2015-01-11 19:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 06:53 - 2015-01-11 19:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 06:53 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 06:53 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 06:53 - 2015-01-11 19:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 06:53 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 06:53 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 06:53 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 06:53 - 2015-01-11 19:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 06:53 - 2015-01-11 19:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 06:53 - 2015-01-11 19:29 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-11 06:53 - 2015-01-11 19:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 06:53 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 06:53 - 2015-01-11 19:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 06:53 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 06:53 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 06:53 - 2015-01-11 19:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 06:53 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 06:53 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 06:53 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 06:53 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 06:53 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 06:53 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 06:53 - 2015-01-10 03:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 06:53 - 2015-01-10 03:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 06:53 - 2015-01-10 02:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 06:53 - 2015-01-10 02:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-11 06:53 - 2015-01-10 01:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 06:53 - 2015-01-10 00:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 06:53 - 2014-12-19 02:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 06:53 - 2014-12-19 02:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 06:53 - 2014-12-08 21:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 06:53 - 2014-12-08 19:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 06:53 - 2014-12-08 17:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-11 06:53 - 2014-10-28 20:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-11 06:53 - 2014-10-28 20:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-11 06:53 - 2014-10-28 20:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-11 06:53 - 2014-10-28 20:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-11 06:53 - 2014-10-28 20:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-11 06:53 - 2014-10-28 20:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-11 06:53 - 2014-10-28 19:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-11 06:53 - 2014-10-28 19:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-11 06:53 - 2014-10-28 19:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-11 06:53 - 2014-10-28 19:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-11 06:53 - 2014-10-28 19:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-11 06:53 - 2014-10-28 19:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-11 06:53 - 2014-10-28 19:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-08 18:09 - 2015-02-12 13:40 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-08 18:08 - 2015-02-08 18:08 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-08 18:08 - 2015-02-08 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-08 18:08 - 2015-02-08 18:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-08 18:08 - 2015-02-08 18:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-08 18:08 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-08 18:08 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-08 18:08 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-08 18:05 - 2015-02-08 18:06 - 15971616 _____ (IObit) C:\Users\Michael\Downloads\iobituninstaller.exe
2015-02-08 18:05 - 2015-02-08 18:05 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Michael\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-08 12:30 - 2015-02-08 12:30 - 00795400 _____ (Coinis) C:\Users\Michael\Downloads\Unconfirmed 25118.crdownload
2015-02-07 15:56 - 2015-02-07 15:56 - 101538008 _____ (Intuit Inc. ) C:\Users\Michael\Downloads\Quicken_Deluxe_2012 (1).exe
2015-02-06 12:57 - 2015-02-06 12:57 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-02 21:17 - 2015-02-02 21:17 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
2015-02-02 21:17 - 2012-09-21 05:00 - 00303104 _____ (CANON INC.) C:\WINDOWS\system32\CNCALBL.DLL
2015-02-02 21:15 - 2015-02-02 21:15 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-02-02 21:15 - 2012-09-20 05:00 - 00390656 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMBL.DLL
2015-01-30 17:49 - 2015-01-30 17:50 - 101538008 _____ (Intuit Inc. ) C:\Users\Michael\Downloads\Quicken_Deluxe_2012.exe
2015-01-30 16:21 - 2015-01-30 16:21 - 00000000 ____D () C:\Users\Michael\Desktop\SiteView 5.0 (2015.01.30)
2015-01-30 14:27 - 2015-01-30 14:30 - 00000000 ____D () C:\Users\Michael\Downloads\WellView 10 Training
2015-01-30 13:32 - 2015-01-30 13:32 - 00000000 ____D () C:\Users\Michael\Downloads\SiteView 5.0 database scripts - 20140912
2015-01-30 13:31 - 2015-01-30 13:31 - 00534611 _____ () C:\Users\Michael\Downloads\SiteView 5.0 database scripts - 20140912.zip
2015-01-30 11:15 - 2015-01-30 11:16 - 49900256 _____ () C:\Users\Michael\Downloads\SiteView 5.0.20140912 (1).zip
2015-01-30 09:24 - 2015-01-30 09:25 - 00002421 _____ () C:\Users\Michael\Desktop\DVN SV 5 DEV.lnk
2015-01-30 09:23 - 2015-01-30 09:24 - 00002421 _____ () C:\Users\Michael\Desktop\DVN SV 5 PRD.lnk
2015-01-30 09:20 - 2015-02-01 20:06 - 00000000 ____D () C:\Users\Michael\Desktop\UDL and Library Edits
2015-01-30 09:20 - 2015-01-30 17:24 - 00000000 ____D () C:\Users\Michael\Desktop\SiteView5 dev
2015-01-30 09:20 - 2015-01-30 09:21 - 00000000 ____D () C:\Users\Michael\Desktop\SiteView5prod
2015-01-30 09:16 - 2015-01-30 09:17 - 51669538 _____ () C:\Users\Michael\Downloads\SiteView5 dev.zip
2015-01-30 09:16 - 2015-01-30 09:16 - 41655442 _____ () C:\Users\Michael\Downloads\SiteView5 prod.zip
2015-01-30 09:16 - 2015-01-30 09:16 - 03838835 _____ () C:\Users\Michael\Downloads\UDL and Library Edits.zip
2015-01-25 16:22 - 2015-01-25 19:14 - 3390566916 _____ () C:\Users\Michael\Downloads\Taken.2.2012.1080p.REPACK.WEB-DL.DD5.1.H.264-BS.mkv
2015-01-23 15:28 - 2015-01-23 15:32 - 1324961025 _____ () C:\Users\Michael\Downloads\What We Do in the Shadows (2014) [1080p].mp4
2015-01-23 15:02 - 2015-01-23 15:07 - 1615847646 _____ () C:\Users\Michael\Downloads\Into the Woods (2014).avi
2015-01-19 20:55 - 2015-01-19 20:55 - 00000357 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2015-01-14 15:19 - 2015-01-14 15:20 - 00000000 ____D () C:\Users\Michael\Downloads\WLC 3.0.2015.01.09 WV10-SV5-RV4
2015-01-14 15:11 - 2015-01-14 15:11 - 49395514 _____ () C:\Users\Michael\Downloads\SiteView 5.0.20140912.zip
2015-01-13 16:28 - 2014-12-19 00:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-13 16:28 - 2014-12-11 20:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-13 16:28 - 2014-12-11 18:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-13 16:28 - 2014-12-08 19:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-13 16:28 - 2014-12-08 13:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-13 16:28 - 2014-12-08 13:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-13 16:28 - 2014-12-08 13:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-13 16:28 - 2014-12-08 13:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-13 16:28 - 2014-12-08 13:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-13 16:28 - 2014-12-08 13:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-13 16:28 - 2014-12-08 13:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-13 16:28 - 2014-12-08 13:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-13 16:28 - 2014-12-05 21:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-13 16:28 - 2014-12-05 19:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-13 16:28 - 2014-12-05 19:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-13 16:28 - 2014-10-28 22:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-13 16:28 - 2014-10-28 22:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-13 16:28 - 2014-10-28 21:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-13 16:28 - 2014-10-28 21:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-13 16:28 - 2014-10-28 21:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-13 16:28 - 2014-10-28 21:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-13 16:28 - 2014-10-28 21:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-13 16:28 - 2014-10-28 21:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-13 16:28 - 2014-10-28 21:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-13 16:28 - 2014-10-28 21:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-13 16:28 - 2014-10-28 21:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-13 16:28 - 2014-10-28 20:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-13 16:28 - 2014-10-28 19:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-13 16:28 - 2014-10-28 19:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-13 16:28 - 2014-10-28 19:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-13 16:28 - 2014-10-28 19:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-12 14:06 - 2013-04-09 06:07 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Webex
2015-02-12 14:05 - 2013-03-08 18:35 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-12 14:00 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-12 13:56 - 2014-09-18 14:01 - 02062082 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-12 13:45 - 2014-03-18 04:03 - 01393266 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-12 13:45 - 2013-03-04 20:04 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1013081442-1574353736-2319275716-1001
2015-02-12 13:43 - 2013-09-17 13:53 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001UA.job
2015-02-12 13:42 - 2013-04-19 06:03 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-12 13:42 - 2012-09-10 16:54 - 00000787 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-02-12 13:41 - 2014-09-18 12:32 - 00000000 ___RD () C:\Users\Michael\Google Drive
2015-02-12 13:40 - 2014-09-18 14:28 - 00000000 ___DO () C:\Users\Michael\OneDrive
2015-02-12 13:40 - 2013-04-19 06:03 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-12 13:40 - 2012-11-23 12:47 - 00004524 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-02-12 13:39 - 2013-08-22 08:46 - 00675298 _____ () C:\WINDOWS\setupact.log
2015-02-12 13:39 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-12 13:39 - 2012-11-23 12:47 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-02-12 13:38 - 2014-03-18 03:54 - 00150966 _____ () C:\WINDOWS\PFRO.log
2015-02-12 13:38 - 2013-08-22 08:44 - 00508400 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-12 13:37 - 2013-08-22 07:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-12 12:33 - 2014-09-18 14:22 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E7EAC941-9951-4043-AF06-B8048619FF61}
2015-02-12 11:15 - 2013-03-04 19:54 - 00000000 ____D () C:\Users\Michael\AppData\Local\Packages
2015-02-12 11:11 - 2014-02-24 16:13 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\rmi
2015-02-12 08:16 - 2013-03-05 20:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-12 08:16 - 2013-03-05 20:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 06:46 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-12 06:44 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-12 06:40 - 2012-07-25 23:26 - 00000167 _____ () C:\WINDOWS\win.ini
2015-02-12 06:38 - 2013-03-08 17:12 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-12 06:35 - 2013-07-18 02:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-12 06:29 - 2013-03-05 20:29 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-12 06:23 - 2014-12-12 20:09 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-12 06:23 - 2014-09-28 20:45 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-12 06:15 - 2013-03-04 20:07 - 00000000 ____D () C:\Users\Michael\AppData\Local\Pokki
2015-02-09 12:49 - 2013-03-08 17:24 - 00000000 ____D () C:\Users\Michael\Documents\Visual Studio 2012
2015-02-08 19:58 - 2014-09-18 13:25 - 00000000 ____D () C:\Users\Michael
2015-02-08 19:11 - 2014-09-18 13:25 - 00000000 ____D () C:\Users\MSSQLSERVER
2015-02-08 19:11 - 2014-09-18 13:25 - 00000000 ____D () C:\Users\MSSQLFDLauncher
2015-02-08 18:22 - 2014-02-15 17:09 - 00000000 ____D () C:\Program Files (x86)\Fiddler2
2015-02-08 18:21 - 2014-02-15 17:10 - 00000000 ____D () C:\Users\Michael\Documents\Fiddler2
2015-02-08 18:20 - 2013-04-19 06:03 - 00000000 ____D () C:\Users\Michael\AppData\Local\Google
2015-02-08 18:17 - 2013-10-30 14:31 - 00002333 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-08 18:15 - 2014-02-03 20:42 - 00000000 ____D () C:\Program Files (x86)\Stardock
2015-02-08 09:37 - 2014-02-03 20:44 - 00000000 ____D () C:\ProgramData\Intuit
2015-02-07 09:37 - 2013-04-19 06:03 - 00003878 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 09:37 - 2013-04-19 06:03 - 00003642 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 23:43 - 2013-09-17 13:53 - 00000872 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001Core.job
2015-02-06 23:38 - 2013-09-17 13:53 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001UA
2015-02-06 23:38 - 2013-09-17 13:53 - 00003494 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001Core
2015-02-06 17:25 - 2014-09-04 16:28 - 00000000 ____D () C:\Users\Michael\AppData\Local\Greenshot
2015-02-06 10:05 - 2013-03-08 19:45 - 00000000 ____D () C:\Users\Michael\Documents\SQL Server Management Studio
2015-02-05 22:30 - 2013-03-04 20:48 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\vlc
2015-02-04 13:05 - 2013-03-08 18:35 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-03 13:31 - 2013-08-22 09:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 13:31 - 2013-08-22 09:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 21:22 - 2013-11-13 19:39 - 00338944 ___SH () C:\Users\Michael\Downloads\Thumbs.db
2015-02-02 21:17 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-01-31 13:01 - 2013-04-12 07:23 - 00000000 ____D () C:\ProgramData\WebEx
2015-01-30 13:32 - 2014-09-12 14:03 - 01714883 _____ () C:\Users\Michael\Downloads\sql_01_sv50schema.sql
2015-01-30 09:41 - 2013-03-11 17:27 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Peloton
2015-01-29 07:38 - 2014-09-18 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-25 18:17 - 2014-02-03 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
 
==================== Files in the root of some directories =======
 
2014-09-04 16:35 - 2014-09-04 16:35 - 15000576 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-02-16 19:08 - 2014-02-16 19:08 - 0000002 _____ () C:\Users\Michael\AppData\Roaming\Stardockfences_debug_info2.txt
2014-07-10 15:14 - 2014-07-10 15:14 - 0000600 _____ () C:\Users\Michael\AppData\Local\PUTTY.RND
2013-05-02 11:45 - 2014-11-25 11:08 - 0007610 _____ () C:\Users\Michael\AppData\Local\resmon.resmoncfg
2014-02-03 20:46 - 2014-02-17 13:31 - 0000313 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Some content of TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiavzkr.dll
C:\Users\Michael\AppData\Local\Temp\ICReinstall_Free_Download_Setup.exe
C:\Users\Michael\AppData\Local\Temp\jna2064161898654488561.dll
C:\Users\Michael\AppData\Local\Temp\oct65.tmp.exe
C:\Users\Michael\AppData\Local\Temp\octB025.tmp.exe
C:\Users\Michael\AppData\Local\Temp\octD141.tmp.exe
C:\Users\Michael\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Michael\AppData\Local\Temp\SymCCIS.dll
C:\Users\Michael\AppData\Local\Temp\vlc-2.1.5-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-12 06:15
 
==================== End Of Log ============================


BC AdBot (Login to Remove)

 


m

#2 olgun52

olgun52

  • Malware Response Team
  • 3,778 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 AM

Posted 12 February 2015 - 04:58 PM

Hello mrmnew and Welcome to the BleepingComputer. :welcome:  
 
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
---------------------------------------------------------------------------------------------------------
 
Addition.txt is created by default from the first run of FRST, can you check inside this folder: C:\FRST\Logs I need to see that log before we progress. If no Addition log inside the Logs folder run FRST scan one more time, ensure "Addition" is checked in the optional scan box...
Attached Images
 
Ashampoo_Snap_20140927_13h17m38s_001_Far
 

---------------------------------------------------------------------------------------------------

 

Do you use Peloton ???  What is software?
 C:\Peloton

 

----------------------------------------------------

Have a great day. :hello:


Edited by olgun52, 12 February 2015 - 05:54 PM.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 olgun52

olgun52

  • Malware Response Team
  • 3,778 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 AM

Posted 15 February 2015 - 06:04 PM

Hello mrmnew,

 

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#4 mrmnew

mrmnew
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 15 February 2015 - 10:02 PM

I have attached the file you requested.

 

Peloton is commercial business software used in the Oil and Gas  industry.  I work for the company and support this software.



#5 mrmnew

mrmnew
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 15 February 2015 - 10:02 PM

I have attached the file you requested.

 

Peloton is commercial business software used in the Oil and Gas  industry.  I work for the company and support this software.



#6 mrmnew

mrmnew
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 15 February 2015 - 10:03 PM

Peloton is commercial business software used in the Oil and Gas  industry.  I work for the company and support this software.

I have tried attaching the file you requested, but I get Error522. I am pasting the contents of the Addition.txt file below.

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2015
Ran by Michael at 2015-02-12 14:11:11
Running from C:\Users\Michael\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.03103 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.03103 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{C57F6C71-C365-4AFF-9108-397BBAD6127F}) (Version: 1.0.204 - Citrix)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.200.13 - Citrix Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4407 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
GDR 3128 for SQL Server 2012 (KB2793634) (HKLM-x32\...\KB2793634) (Version: 11.1.3128.0 - Microsoft Corporation)
GDR 3153 for SQL Server 2012 (KB2977326) (HKLM-x32\...\KB2977326) (Version: 11.1.3153.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\HPConnectedMusic) (Version: 1.1 (build 57) hp - Meridian Audio Ltd)
HP My Display TouchSmart Edition (HKLM-x32\...\{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}) (Version: 1.12.004 - Portrait Displays, Inc.)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6419.0 - IDT)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft MapPoint North America 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-1111BC2C2B6D}) (Version: 19.0.18.1100 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{73C86D5C-45CA-4C97-93C1-C89378CEAD2A}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1146-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1150 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Runtime for SQL Server 2014 CTP2 (HKLM-x32\...\{E0090F34-645A-467D-949E-406BA5C08B14}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{8F3AB164-B4F3-45B1-A85A-F5E5815A44E1}) (Version: 11.1.2816.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{623C2F4B-0C93-44D0-B216-6010AC2B82F7}) (Version: 11.1.2816.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{536729EB-12ED-45AA-BB39-CB801623C01A}) (Version: 11.1.3436.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{376949D9-0B10-4E7A-9AA5-16AC38F9E843}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{A67C75DE-BED6-4F1B-97EB-30CD1D40FFED}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 CTP2 (HKLM-x32\...\Microsoft SQL Server SQL14CTP2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 CTP2 Setup (English) (HKLM-x32\...\{ACAB42F8-F664-492C-9C9C-D5A01D2982F8}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Policies CTP2 (HKLM-x32\...\{2ED3EA76-C6BA-44D4-8952-F95757B932B7}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service CTP2 (HKLM\...\{F175389E-00E5-40BE-A730-E9FB25770DE3}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom CTP2 (HKLM\...\{BD03E02F-D135-474B-A3BD-174BA595C043}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 CTP2 (HKLM\...\{802046C3-464D-42CC-8E91-5DFBBC14B68A}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Isolated) (HKLM-x32\...\{d2e0df0f-bf0a-4a89-9530-ebf93842c393}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{e20d88d6-6150-4602-b4ef-49e138467d4d}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Language Support (HKLM-x32\...\{44774b10-3e2b-443c-899b-56c46b370aa7}) (Version: 11.0.50727.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{e238e1a0-7fbd-4146-a4ac-d48badcdf3ae}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 CTP2 (HKLM\...\{549E59D0-CE66-4AE1-905D-A1E3FD915070}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
Online Plug-in (x32 Version: 14.1.200.13 - Citrix Systems, Inc.) Hidden
OnlineMapFinder Internet Explorer Toolbar (HKLM-x32\...\OnlineMapFinder_9pbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Peloton WellView (HKLM-x32\...\{24D1ACA3-9CFA-4AFC-8520-4D7D49FA6C12}) (Version: 8.1.57 - )
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Pokki (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Pokki) (Version: 0.269.5.460 - Pokki)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Q-Dir (HKLM-x32\...\Q-Dir) (Version:  - )
Quest PowerGUI® 3.5 (HKLM-x32\...\{57FE4597-505A-4B6E-A3F4-924B7620DB23}_Qs) (Version: 3.5.0.2293 - Quest Software, Inc.)
Quest PowerGUI® 3.5 (x32 Version: 3.5.0.2293 - Quest Software, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{3DA4255C-E376-83BE-72B4-B060F7124CC8}) (Version: 9.0.720.5 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
ScrewDrivers Client v4 (HKLM-x32\...\{8F82D940-8862-4111-B5BA-5F3546646656}) (Version: 4.5.07.74 - triCerat, Inc.)
SDK (x32 Version: 2.28.007 - Portrait Displays, Inc.) Hidden
Self-service Plug-in (x32 Version: 4.1.200.588 - Citrix Systems, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-003B-0000-0000-0000000FF1CE}_Office15.PRJPROR_{115B7592-B71D-4C27-AB34-34268FB199CA}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version:  - Microsoft)
Service Pack 1 for SQL Server 2012 (KB2674319) (HKLM-x32\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
SQL Server 2008 R2 Common Files (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2012 Analysis Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data Tools - BI for Visual Studio 2012 (x32 Version: 11.1.3436.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SSIS 64Bit For SSDTBI VS2012 (Version: 11.1.3436.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Client Tools (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Common Files (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Database Engine Services (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Database Engine Shared (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Documentation Components (Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Documentation Components (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Full text search (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Management Studio (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Reporting Services (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 CTP2 (HKLM-x32\...\{07080044-8AF5-4F06-BFE9-6317E059B76A}) (Version: 12.0.1524.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
Stardock DeskScapes 8 (HKLM-x32\...\Stardock DeskScapes 8) (Version: 8.10 - Stardock Software, Inc.)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
Stardock IconPackager (HKLM-x32\...\IconPackager) (Version: 5.10 - Stardock Software, Inc.)
Stardock Launch8 (HKLM-x32\...\Stardock Launch8) (Version: 1.00 - Stardock Software, Inc.)
Stardock ModernMix (HKLM-x32\...\Stardock ModernMix) (Version: 1.12 - Stardock Software, Inc.)
Stardock Object Desktop Manager (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Object Desktop Manager) (Version:  - Stardock Software, Inc.)
Stardock SkinStudio (HKLM-x32\...\SkinStudio) (Version: 8.01 - Stardock Software, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.31 - Stardock Software, Inc.)
Stardock Theme Manager (HKLM-x32\...\Theme Manager) (Version: 4.00 - Stardock Systems, Inc.)
Stardock Tiles (HKLM-x32\...\Tiles) (Version: 1.10 - Stardock Software, Inc.)
Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.02 - Stardock Software, Inc.)
Stardock WindowFX (HKLM-x32\...\WindowFX) (Version: 5.12 - Stardock Software, Inc.)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WebEx Productivity Tools (HKLM-x32\...\{E7C4EB6C-746A-421B-8B4D-FDEB9B97FBBD}) (Version: 2.32.900.15980 - Cisco WebEx LLC)
Win2PDF 7 (HKLM\...\Win2PDF_is1) (Version: 7.5.0 - Dane Prairie Systems, LLC.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
25-01-2015 11:36:42 Windows Update
29-01-2015 07:37:56 Windows Update
06-02-2015 06:02:11 Windows Update
08-02-2015 18:24:29 Plex Media Server
12-02-2015 06:18:03 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {01914367-74F6-4DB4-8DF1-6DBA9CA4791B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {049B4C62-28AD-43E2-A635-4C234DD02A1E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-12] (Microsoft Corporation)
Task: {0ECA56B1-AD2E-4456-8396-1C837AB50852} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {14AA9FC1-98C3-4BE1-8421-18EC79F7208D} - System32\Tasks\LibertyResourcesLibraryUpdater2 => C:\Users\Michael\Desktop\Release\LibertyResourcesLibraryUpdater.exe
Task: {1EF47E68-5C3D-4185-A7B5-0B1485AA4E84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {5267551B-34B8-400C-BAB2-B7C6D4F54B07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {642129DE-6216-44CB-A39A-78C778477365} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {697D7A6D-E4E6-4094-83D9-E9EF54072DE4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {77A550D9-04FB-47DD-A52F-29F7DDE05A1B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001UA => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {7FEC12C3-84F5-425E-8DE9-35057DE89AC1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {88CDD1F0-EF51-495C-A489-1E94FDEB80BB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {B6B87225-8761-44E0-9456-887506A86B5F} - System32\Tasks\{98F7BB73-10CF-4843-A637-3313F1A225E5} => pcalua.exe -a "C:\Program Files\Webroot\WRSA.exe" -c -uninstall
Task: {D42C21AD-29AE-48E2-8F07-3B8D640E62EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001Core => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {D4A90884-8B67-444B-8A98-32046740F5E6} - System32\Tasks\Object Desktop-S-1-5-21-1013081442-1574353736-2319275716-1001 => C:\Users\Michael\AppData\Local\Stardock\ObjectDesktop\ObjectDesktopManager.exe [2014-06-10] (Stardock)
Task: {DFC7582C-B783-48A4-B171-B7F9A89865AA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {EC70EBA0-76E0-4421-8B48-821C66361D97} - System32\Tasks\LibertyResourcesLibraryUpdater => C:\Users\Michael\Desktop\Release\LibertyResourcesLibraryUpdater.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001Core.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001UA.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-03-08 01:46 - 2012-11-12 11:02 - 00399536 ____N () C:\Program Files (x86)\Stardock\WindowFX\WFX32.exe
2013-03-22 20:19 - 2012-10-24 15:54 - 00075552 _____ () C:\WINDOWS\System32\win2pdfm.dll
2012-09-03 13:50 - 2012-09-03 13:50 - 00009728 _____ () C:\windows\system32\BsHelpCSps.dll
2015-01-21 14:59 - 2015-01-21 14:59 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-11-23 12:32 - 2012-08-16 19:12 - 00268880 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2013-10-15 18:43 - 2013-10-15 18:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-30 15:30 - 2014-09-05 18:54 - 06281536 _____ () C:\Users\Michael\AppData\Local\Amazon Music\Amazon Music Helper.exe
2012-11-23 12:32 - 2012-08-16 19:12 - 00161360 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
2012-11-23 12:32 - 2012-08-16 19:12 - 00194640 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
2013-03-26 09:44 - 2013-03-26 09:44 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-09-03 13:48 - 2012-09-03 13:48 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-08-14 12:24 - 2012-08-14 12:24 - 00323648 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-02 19:28 - 2012-05-02 19:28 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2012-09-03 13:50 - 2012-09-03 13:50 - 00009728 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll
2012-09-03 13:50 - 2012-09-03 13:50 - 00054784 _____ () C:\windows\SYSTEM32\BlueSoleilCSps.dll
2014-11-07 13:48 - 2014-06-23 20:32 - 00025088 _____ () C:\Peloton\Services\SyncHost\WellView9\App\WellView 9.0.20130912 app\system\bin\Peloton.AppFrame.GISDataNormalizer.dll
2015-01-21 14:58 - 2015-01-21 14:58 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-09-03 13:52 - 2012-09-03 13:52 - 00072192 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2012-09-03 13:01 - 2012-09-03 13:01 - 00356352 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2012-11-23 12:34 - 2012-06-07 21:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-02-12 13:40 - 2015-02-12 13:40 - 00098816 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32api.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00110080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pywintypes27.dll
2015-02-12 13:40 - 2015-02-12 13:40 - 00364544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pythoncom27.dll
2015-02-12 13:40 - 2015-02-12 13:40 - 00045568 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_socket.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 01160704 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_ssl.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00320512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32com.shell.shell.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00713216 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_hashlib.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 01175040 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._core_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00805888 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._gdi_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00811008 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._windows_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 01062400 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._controls_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00735232 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._misc_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00557056 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pysqlite2._sqlite.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00128512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_elementtree.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00127488 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pyexpat.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00087552 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_ctypes.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00119808 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32file.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00108544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32security.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00007168 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\hashobjs_ext.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00167936 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32gui.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00018432 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32event.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00038912 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32inet.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00011264 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32crypt.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00070656 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._html2.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00027136 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_multiprocessing.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00035840 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32process.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00686080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\unicodedata.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00122368 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._wizard.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00024064 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32pipe.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00025600 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32pdh.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00525640 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\windows._lib_cacheinvalidation.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00010240 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\select.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00017408 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32profile.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00022528 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32ts.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00078336 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._animate.pyd
2012-11-23 12:32 - 2012-01-17 18:21 - 00068104 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\PEGAACPIDLL.dll
2012-11-23 12:32 - 2011-02-15 13:59 - 00015624 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\ACPIDll.dll
2014-03-28 03:35 - 2014-03-28 03:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2012-09-03 13:48 - 2012-09-03 13:48 - 00022528 _____ () C:\windows\SYSTEM32\BsTrace.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2012-11-23 12:32 - 2012-08-16 18:53 - 00180224 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2012-11-23 12:22 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Michael\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\Google Drive\Peloton2.jpg
HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 68.105.28.11 - 68.105.29.11
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "Snagit 11.lnk"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "ScrewDrivers RDP Plugin"
HKLM\...\StartupApproved\Run32: => "OnlineMapFinder AppIntegrator 64-bit"
HKLM\...\StartupApproved\Run32: => "OnlineMapFinder AppIntegrator 32-bit"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1D7305B07635F8E0A4CF4B02D1C53C4D"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "ViStart"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1013081442-1574353736-2319275716-500 - Administrator - Disabled)
Guest (S-1-5-21-1013081442-1574353736-2319275716-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1013081442-1574353736-2319275716-1007 - Limited - Enabled)
Michael (S-1-5-21-1013081442-1574353736-2319275716-1001 - Administrator - Enabled) => C:\Users\Michael
peloton (S-1-5-21-1013081442-1574353736-2319275716-1008 - Limited - Enabled) => C:\Users\peloton
 
==================== Faulty Device Manager Devices =============
 
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/12/2015 01:24:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 40.0.2214.111 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3804
 
Start Time: 01d046f8b2855708
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: c5c74289-b2ec-11e4-bf07-689423a73d14
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (02/12/2015 00:57:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: DTSPipelinePerf110.dllDTSPipeline1104
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (02/12/2015 00:57:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4
 
 
System errors:
=============
Error: (02/12/2015 00:58:52 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 00:58:51 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 00:56:57 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 00:56:48 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 06:52:55 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:52:52 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:17 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:14 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:11 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:08 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
 
Microsoft Office Sessions:
=========================
Error: (02/12/2015 01:24:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe40.0.2214.111380401d046f8b28557084294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exec5c74289-b2ec-11e4-bf07-689423a73d14
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (02/12/2015 00:57:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: DTSPipelinePerf110.dllDTSPipeline1104
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (02/12/2015 00:57:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-12 06:48:24.595
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:24.518
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:24.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.905
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.744
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.376
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:04.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:04.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:03.769
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 53%
Total physical RAM: 6007.86 MB
Available physical RAM: 2772.5 MB
Total Pagefile: 7799.86 MB
Available Pagefile: 3625.53 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:913.93 GB) (Free:756.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:15.67 GB) (Free:1.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7C85191C)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#7 mrmnew

mrmnew
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 15 February 2015 - 10:04 PM

Peloton is commercial business software used in the Oil and Gas  industry.  I work for the company and support this software.

I have tried attaching the file you requested, but I get Error522. I am pasting the contents of the Addition.txt file below.

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2015
Ran by Michael at 2015-02-12 14:11:11
Running from C:\Users\Michael\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.03103 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.03103 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{C57F6C71-C365-4AFF-9108-397BBAD6127F}) (Version: 1.0.204 - Citrix)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.200.13 - Citrix Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4407 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
GDR 3128 for SQL Server 2012 (KB2793634) (HKLM-x32\...\KB2793634) (Version: 11.1.3128.0 - Microsoft Corporation)
GDR 3153 for SQL Server 2012 (KB2977326) (HKLM-x32\...\KB2977326) (Version: 11.1.3153.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\HPConnectedMusic) (Version: 1.1 (build 57) hp - Meridian Audio Ltd)
HP My Display TouchSmart Edition (HKLM-x32\...\{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}) (Version: 1.12.004 - Portrait Displays, Inc.)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6419.0 - IDT)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft MapPoint North America 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-1111BC2C2B6D}) (Version: 19.0.18.1100 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{73C86D5C-45CA-4C97-93C1-C89378CEAD2A}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1146-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1150 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Runtime for SQL Server 2014 CTP2 (HKLM-x32\...\{E0090F34-645A-467D-949E-406BA5C08B14}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{8F3AB164-B4F3-45B1-A85A-F5E5815A44E1}) (Version: 11.1.2816.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{623C2F4B-0C93-44D0-B216-6010AC2B82F7}) (Version: 11.1.2816.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{536729EB-12ED-45AA-BB39-CB801623C01A}) (Version: 11.1.3436.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{376949D9-0B10-4E7A-9AA5-16AC38F9E843}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{A67C75DE-BED6-4F1B-97EB-30CD1D40FFED}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 CTP2 (HKLM-x32\...\Microsoft SQL Server SQL14CTP2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 CTP2 Setup (English) (HKLM-x32\...\{ACAB42F8-F664-492C-9C9C-D5A01D2982F8}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Policies CTP2 (HKLM-x32\...\{2ED3EA76-C6BA-44D4-8952-F95757B932B7}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service CTP2 (HKLM\...\{F175389E-00E5-40BE-A730-E9FB25770DE3}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom CTP2 (HKLM\...\{BD03E02F-D135-474B-A3BD-174BA595C043}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 CTP2 (HKLM\...\{802046C3-464D-42CC-8E91-5DFBBC14B68A}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Isolated) (HKLM-x32\...\{d2e0df0f-bf0a-4a89-9530-ebf93842c393}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{e20d88d6-6150-4602-b4ef-49e138467d4d}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Language Support (HKLM-x32\...\{44774b10-3e2b-443c-899b-56c46b370aa7}) (Version: 11.0.50727.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{e238e1a0-7fbd-4146-a4ac-d48badcdf3ae}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 CTP2 (HKLM\...\{549E59D0-CE66-4AE1-905D-A1E3FD915070}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
Online Plug-in (x32 Version: 14.1.200.13 - Citrix Systems, Inc.) Hidden
OnlineMapFinder Internet Explorer Toolbar (HKLM-x32\...\OnlineMapFinder_9pbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Peloton WellView (HKLM-x32\...\{24D1ACA3-9CFA-4AFC-8520-4D7D49FA6C12}) (Version: 8.1.57 - )
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Pokki (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Pokki) (Version: 0.269.5.460 - Pokki)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Q-Dir (HKLM-x32\...\Q-Dir) (Version:  - )
Quest PowerGUI® 3.5 (HKLM-x32\...\{57FE4597-505A-4B6E-A3F4-924B7620DB23}_Qs) (Version: 3.5.0.2293 - Quest Software, Inc.)
Quest PowerGUI® 3.5 (x32 Version: 3.5.0.2293 - Quest Software, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{3DA4255C-E376-83BE-72B4-B060F7124CC8}) (Version: 9.0.720.5 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
ScrewDrivers Client v4 (HKLM-x32\...\{8F82D940-8862-4111-B5BA-5F3546646656}) (Version: 4.5.07.74 - triCerat, Inc.)
SDK (x32 Version: 2.28.007 - Portrait Displays, Inc.) Hidden
Self-service Plug-in (x32 Version: 4.1.200.588 - Citrix Systems, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-003B-0000-0000-0000000FF1CE}_Office15.PRJPROR_{115B7592-B71D-4C27-AB34-34268FB199CA}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version:  - Microsoft)
Service Pack 1 for SQL Server 2012 (KB2674319) (HKLM-x32\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
SQL Server 2008 R2 Common Files (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2012 Analysis Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data Tools - BI for Visual Studio 2012 (x32 Version: 11.1.3436.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SSIS 64Bit For SSDTBI VS2012 (Version: 11.1.3436.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Client Tools (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Common Files (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Database Engine Services (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Database Engine Shared (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Documentation Components (Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Documentation Components (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Full text search (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Management Studio (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Reporting Services (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 CTP2 (HKLM-x32\...\{07080044-8AF5-4F06-BFE9-6317E059B76A}) (Version: 12.0.1524.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
Stardock DeskScapes 8 (HKLM-x32\...\Stardock DeskScapes 8) (Version: 8.10 - Stardock Software, Inc.)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
Stardock IconPackager (HKLM-x32\...\IconPackager) (Version: 5.10 - Stardock Software, Inc.)
Stardock Launch8 (HKLM-x32\...\Stardock Launch8) (Version: 1.00 - Stardock Software, Inc.)
Stardock ModernMix (HKLM-x32\...\Stardock ModernMix) (Version: 1.12 - Stardock Software, Inc.)
Stardock Object Desktop Manager (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Object Desktop Manager) (Version:  - Stardock Software, Inc.)
Stardock SkinStudio (HKLM-x32\...\SkinStudio) (Version: 8.01 - Stardock Software, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.31 - Stardock Software, Inc.)
Stardock Theme Manager (HKLM-x32\...\Theme Manager) (Version: 4.00 - Stardock Systems, Inc.)
Stardock Tiles (HKLM-x32\...\Tiles) (Version: 1.10 - Stardock Software, Inc.)
Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.02 - Stardock Software, Inc.)
Stardock WindowFX (HKLM-x32\...\WindowFX) (Version: 5.12 - Stardock Software, Inc.)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WebEx Productivity Tools (HKLM-x32\...\{E7C4EB6C-746A-421B-8B4D-FDEB9B97FBBD}) (Version: 2.32.900.15980 - Cisco WebEx LLC)
Win2PDF 7 (HKLM\...\Win2PDF_is1) (Version: 7.5.0 - Dane Prairie Systems, LLC.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
25-01-2015 11:36:42 Windows Update
29-01-2015 07:37:56 Windows Update
06-02-2015 06:02:11 Windows Update
08-02-2015 18:24:29 Plex Media Server
12-02-2015 06:18:03 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {01914367-74F6-4DB4-8DF1-6DBA9CA4791B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {049B4C62-28AD-43E2-A635-4C234DD02A1E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-12] (Microsoft Corporation)
Task: {0ECA56B1-AD2E-4456-8396-1C837AB50852} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {14AA9FC1-98C3-4BE1-8421-18EC79F7208D} - System32\Tasks\LibertyResourcesLibraryUpdater2 => C:\Users\Michael\Desktop\Release\LibertyResourcesLibraryUpdater.exe
Task: {1EF47E68-5C3D-4185-A7B5-0B1485AA4E84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {5267551B-34B8-400C-BAB2-B7C6D4F54B07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {642129DE-6216-44CB-A39A-78C778477365} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {697D7A6D-E4E6-4094-83D9-E9EF54072DE4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {77A550D9-04FB-47DD-A52F-29F7DDE05A1B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001UA => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {7FEC12C3-84F5-425E-8DE9-35057DE89AC1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {88CDD1F0-EF51-495C-A489-1E94FDEB80BB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {B6B87225-8761-44E0-9456-887506A86B5F} - System32\Tasks\{98F7BB73-10CF-4843-A637-3313F1A225E5} => pcalua.exe -a "C:\Program Files\Webroot\WRSA.exe" -c -uninstall
Task: {D42C21AD-29AE-48E2-8F07-3B8D640E62EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001Core => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {D4A90884-8B67-444B-8A98-32046740F5E6} - System32\Tasks\Object Desktop-S-1-5-21-1013081442-1574353736-2319275716-1001 => C:\Users\Michael\AppData\Local\Stardock\ObjectDesktop\ObjectDesktopManager.exe [2014-06-10] (Stardock)
Task: {DFC7582C-B783-48A4-B171-B7F9A89865AA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {EC70EBA0-76E0-4421-8B48-821C66361D97} - System32\Tasks\LibertyResourcesLibraryUpdater => C:\Users\Michael\Desktop\Release\LibertyResourcesLibraryUpdater.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001Core.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001UA.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-03-08 01:46 - 2012-11-12 11:02 - 00399536 ____N () C:\Program Files (x86)\Stardock\WindowFX\WFX32.exe
2013-03-22 20:19 - 2012-10-24 15:54 - 00075552 _____ () C:\WINDOWS\System32\win2pdfm.dll
2012-09-03 13:50 - 2012-09-03 13:50 - 00009728 _____ () C:\windows\system32\BsHelpCSps.dll
2015-01-21 14:59 - 2015-01-21 14:59 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-11-23 12:32 - 2012-08-16 19:12 - 00268880 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2013-10-15 18:43 - 2013-10-15 18:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-30 15:30 - 2014-09-05 18:54 - 06281536 _____ () C:\Users\Michael\AppData\Local\Amazon Music\Amazon Music Helper.exe
2012-11-23 12:32 - 2012-08-16 19:12 - 00161360 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
2012-11-23 12:32 - 2012-08-16 19:12 - 00194640 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
2013-03-26 09:44 - 2013-03-26 09:44 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-09-03 13:48 - 2012-09-03 13:48 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-08-14 12:24 - 2012-08-14 12:24 - 00323648 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-02 19:28 - 2012-05-02 19:28 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2012-09-03 13:50 - 2012-09-03 13:50 - 00009728 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll
2012-09-03 13:50 - 2012-09-03 13:50 - 00054784 _____ () C:\windows\SYSTEM32\BlueSoleilCSps.dll
2014-11-07 13:48 - 2014-06-23 20:32 - 00025088 _____ () C:\Peloton\Services\SyncHost\WellView9\App\WellView 9.0.20130912 app\system\bin\Peloton.AppFrame.GISDataNormalizer.dll
2015-01-21 14:58 - 2015-01-21 14:58 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-09-03 13:52 - 2012-09-03 13:52 - 00072192 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2012-09-03 13:01 - 2012-09-03 13:01 - 00356352 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2012-11-23 12:34 - 2012-06-07 21:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-02-12 13:40 - 2015-02-12 13:40 - 00098816 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32api.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00110080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pywintypes27.dll
2015-02-12 13:40 - 2015-02-12 13:40 - 00364544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pythoncom27.dll
2015-02-12 13:40 - 2015-02-12 13:40 - 00045568 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_socket.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 01160704 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_ssl.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00320512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32com.shell.shell.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00713216 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_hashlib.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 01175040 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._core_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00805888 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._gdi_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00811008 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._windows_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 01062400 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._controls_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00735232 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._misc_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00557056 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pysqlite2._sqlite.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00128512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_elementtree.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00127488 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pyexpat.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00087552 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_ctypes.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00119808 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32file.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00108544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32security.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00007168 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\hashobjs_ext.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00167936 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32gui.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00018432 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32event.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00038912 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32inet.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00011264 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32crypt.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00070656 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._html2.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00027136 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_multiprocessing.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00035840 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32process.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00686080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\unicodedata.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00122368 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._wizard.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00024064 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32pipe.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00025600 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32pdh.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00525640 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\windows._lib_cacheinvalidation.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00010240 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\select.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00017408 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32profile.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00022528 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32ts.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00078336 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._animate.pyd
2012-11-23 12:32 - 2012-01-17 18:21 - 00068104 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\PEGAACPIDLL.dll
2012-11-23 12:32 - 2011-02-15 13:59 - 00015624 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\ACPIDll.dll
2014-03-28 03:35 - 2014-03-28 03:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2012-09-03 13:48 - 2012-09-03 13:48 - 00022528 _____ () C:\windows\SYSTEM32\BsTrace.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2012-11-23 12:32 - 2012-08-16 18:53 - 00180224 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2012-11-23 12:22 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Michael\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\Google Drive\Peloton2.jpg
HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 68.105.28.11 - 68.105.29.11
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "Snagit 11.lnk"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "ScrewDrivers RDP Plugin"
HKLM\...\StartupApproved\Run32: => "OnlineMapFinder AppIntegrator 64-bit"
HKLM\...\StartupApproved\Run32: => "OnlineMapFinder AppIntegrator 32-bit"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1D7305B07635F8E0A4CF4B02D1C53C4D"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "ViStart"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1013081442-1574353736-2319275716-500 - Administrator - Disabled)
Guest (S-1-5-21-1013081442-1574353736-2319275716-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1013081442-1574353736-2319275716-1007 - Limited - Enabled)
Michael (S-1-5-21-1013081442-1574353736-2319275716-1001 - Administrator - Enabled) => C:\Users\Michael
peloton (S-1-5-21-1013081442-1574353736-2319275716-1008 - Limited - Enabled) => C:\Users\peloton
 
==================== Faulty Device Manager Devices =============
 
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/12/2015 01:24:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 40.0.2214.111 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3804
 
Start Time: 01d046f8b2855708
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: c5c74289-b2ec-11e4-bf07-689423a73d14
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (02/12/2015 00:57:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: DTSPipelinePerf110.dllDTSPipeline1104
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (02/12/2015 00:57:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4
 
 
System errors:
=============
Error: (02/12/2015 00:58:52 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 00:58:51 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 00:56:57 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 00:56:48 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 06:52:55 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:52:52 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:17 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:14 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:11 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:08 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
 
Microsoft Office Sessions:
=========================
Error: (02/12/2015 01:24:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe40.0.2214.111380401d046f8b28557084294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exec5c74289-b2ec-11e4-bf07-689423a73d14
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (02/12/2015 00:57:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: DTSPipelinePerf110.dllDTSPipeline1104
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (02/12/2015 00:57:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-12 06:48:24.595
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:24.518
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:24.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.905
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.744
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.376
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:04.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:04.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:03.769
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 53%
Total physical RAM: 6007.86 MB
Available physical RAM: 2772.5 MB
Total Pagefile: 7799.86 MB
Available Pagefile: 3625.53 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:913.93 GB) (Free:756.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:15.67 GB) (Free:1.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7C85191C)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

Peloton is commercial business software used in the Oil and Gas  industry.  I work for the company and support this software.

I have tried attaching the file you requested, but I get Error522. I am pasting the contents of the Addition.txt file below.

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2015
Ran by Michael at 2015-02-12 14:11:11
Running from C:\Users\Michael\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.03103 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.03103 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{C57F6C71-C365-4AFF-9108-397BBAD6127F}) (Version: 1.0.204 - Citrix)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.200.13 - Citrix Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4407 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
GDR 3128 for SQL Server 2012 (KB2793634) (HKLM-x32\...\KB2793634) (Version: 11.1.3128.0 - Microsoft Corporation)
GDR 3153 for SQL Server 2012 (KB2977326) (HKLM-x32\...\KB2977326) (Version: 11.1.3153.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\HPConnectedMusic) (Version: 1.1 (build 57) hp - Meridian Audio Ltd)
HP My Display TouchSmart Edition (HKLM-x32\...\{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}) (Version: 1.12.004 - Portrait Displays, Inc.)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6419.0 - IDT)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft MapPoint North America 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-1111BC2C2B6D}) (Version: 19.0.18.1100 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{73C86D5C-45CA-4C97-93C1-C89378CEAD2A}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1146-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1150 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Runtime for SQL Server 2014 CTP2 (HKLM-x32\...\{E0090F34-645A-467D-949E-406BA5C08B14}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{8F3AB164-B4F3-45B1-A85A-F5E5815A44E1}) (Version: 11.1.2816.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{623C2F4B-0C93-44D0-B216-6010AC2B82F7}) (Version: 11.1.2816.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{536729EB-12ED-45AA-BB39-CB801623C01A}) (Version: 11.1.3436.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{376949D9-0B10-4E7A-9AA5-16AC38F9E843}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{A67C75DE-BED6-4F1B-97EB-30CD1D40FFED}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 CTP2 (HKLM-x32\...\Microsoft SQL Server SQL14CTP2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 CTP2 Setup (English) (HKLM-x32\...\{ACAB42F8-F664-492C-9C9C-D5A01D2982F8}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Policies CTP2 (HKLM-x32\...\{2ED3EA76-C6BA-44D4-8952-F95757B932B7}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service CTP2 (HKLM\...\{F175389E-00E5-40BE-A730-E9FB25770DE3}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom CTP2 (HKLM\...\{BD03E02F-D135-474B-A3BD-174BA595C043}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 CTP2 (HKLM\...\{802046C3-464D-42CC-8E91-5DFBBC14B68A}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Isolated) (HKLM-x32\...\{d2e0df0f-bf0a-4a89-9530-ebf93842c393}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{e20d88d6-6150-4602-b4ef-49e138467d4d}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Language Support (HKLM-x32\...\{44774b10-3e2b-443c-899b-56c46b370aa7}) (Version: 11.0.50727.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{e238e1a0-7fbd-4146-a4ac-d48badcdf3ae}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 CTP2 (HKLM\...\{549E59D0-CE66-4AE1-905D-A1E3FD915070}) (Version: 12.0.1524.0 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
Online Plug-in (x32 Version: 14.1.200.13 - Citrix Systems, Inc.) Hidden
OnlineMapFinder Internet Explorer Toolbar (HKLM-x32\...\OnlineMapFinder_9pbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Peloton WellView (HKLM-x32\...\{24D1ACA3-9CFA-4AFC-8520-4D7D49FA6C12}) (Version: 8.1.57 - )
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Pokki (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Pokki) (Version: 0.269.5.460 - Pokki)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Q-Dir (HKLM-x32\...\Q-Dir) (Version:  - )
Quest PowerGUI® 3.5 (HKLM-x32\...\{57FE4597-505A-4B6E-A3F4-924B7620DB23}_Qs) (Version: 3.5.0.2293 - Quest Software, Inc.)
Quest PowerGUI® 3.5 (x32 Version: 3.5.0.2293 - Quest Software, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{3DA4255C-E376-83BE-72B4-B060F7124CC8}) (Version: 9.0.720.5 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
ScrewDrivers Client v4 (HKLM-x32\...\{8F82D940-8862-4111-B5BA-5F3546646656}) (Version: 4.5.07.74 - triCerat, Inc.)
SDK (x32 Version: 2.28.007 - Portrait Displays, Inc.) Hidden
Self-service Plug-in (x32 Version: 4.1.200.588 - Citrix Systems, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-003B-0000-0000-0000000FF1CE}_Office15.PRJPROR_{115B7592-B71D-4C27-AB34-34268FB199CA}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version:  - Microsoft)
Service Pack 1 for SQL Server 2012 (KB2674319) (HKLM-x32\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
SQL Server 2008 R2 Common Files (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2012 Analysis Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data Tools - BI for Visual Studio 2012 (x32 Version: 11.1.3436.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (x32 Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SSIS 64Bit For SSDTBI VS2012 (Version: 11.1.3436.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Client Tools (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Common Files (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Database Engine Services (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Database Engine Shared (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Documentation Components (Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Documentation Components (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Full text search (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Management Studio (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server 2014 CTP2 Reporting Services (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 CTP2 (HKLM-x32\...\{07080044-8AF5-4F06-BFE9-6317E059B76A}) (Version: 12.0.1524.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 12.0.1524.0 - Microsoft Corporation) Hidden
Stardock DeskScapes 8 (HKLM-x32\...\Stardock DeskScapes 8) (Version: 8.10 - Stardock Software, Inc.)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
Stardock IconPackager (HKLM-x32\...\IconPackager) (Version: 5.10 - Stardock Software, Inc.)
Stardock Launch8 (HKLM-x32\...\Stardock Launch8) (Version: 1.00 - Stardock Software, Inc.)
Stardock ModernMix (HKLM-x32\...\Stardock ModernMix) (Version: 1.12 - Stardock Software, Inc.)
Stardock Object Desktop Manager (HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\Object Desktop Manager) (Version:  - Stardock Software, Inc.)
Stardock SkinStudio (HKLM-x32\...\SkinStudio) (Version: 8.01 - Stardock Software, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.31 - Stardock Software, Inc.)
Stardock Theme Manager (HKLM-x32\...\Theme Manager) (Version: 4.00 - Stardock Systems, Inc.)
Stardock Tiles (HKLM-x32\...\Tiles) (Version: 1.10 - Stardock Software, Inc.)
Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.02 - Stardock Software, Inc.)
Stardock WindowFX (HKLM-x32\...\WindowFX) (Version: 5.12 - Stardock Software, Inc.)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WebEx Productivity Tools (HKLM-x32\...\{E7C4EB6C-746A-421B-8B4D-FDEB9B97FBBD}) (Version: 2.32.900.15980 - Cisco WebEx LLC)
Win2PDF 7 (HKLM\...\Win2PDF_is1) (Version: 7.5.0 - Dane Prairie Systems, LLC.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013081442-1574353736-2319275716-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
25-01-2015 11:36:42 Windows Update
29-01-2015 07:37:56 Windows Update
06-02-2015 06:02:11 Windows Update
08-02-2015 18:24:29 Plex Media Server
12-02-2015 06:18:03 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {01914367-74F6-4DB4-8DF1-6DBA9CA4791B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {049B4C62-28AD-43E2-A635-4C234DD02A1E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-12] (Microsoft Corporation)
Task: {0ECA56B1-AD2E-4456-8396-1C837AB50852} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {14AA9FC1-98C3-4BE1-8421-18EC79F7208D} - System32\Tasks\LibertyResourcesLibraryUpdater2 => C:\Users\Michael\Desktop\Release\LibertyResourcesLibraryUpdater.exe
Task: {1EF47E68-5C3D-4185-A7B5-0B1485AA4E84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {5267551B-34B8-400C-BAB2-B7C6D4F54B07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {642129DE-6216-44CB-A39A-78C778477365} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {697D7A6D-E4E6-4094-83D9-E9EF54072DE4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {77A550D9-04FB-47DD-A52F-29F7DDE05A1B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001UA => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {7FEC12C3-84F5-425E-8DE9-35057DE89AC1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {88CDD1F0-EF51-495C-A489-1E94FDEB80BB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {B6B87225-8761-44E0-9456-887506A86B5F} - System32\Tasks\{98F7BB73-10CF-4843-A637-3313F1A225E5} => pcalua.exe -a "C:\Program Files\Webroot\WRSA.exe" -c -uninstall
Task: {D42C21AD-29AE-48E2-8F07-3B8D640E62EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001Core => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {D4A90884-8B67-444B-8A98-32046740F5E6} - System32\Tasks\Object Desktop-S-1-5-21-1013081442-1574353736-2319275716-1001 => C:\Users\Michael\AppData\Local\Stardock\ObjectDesktop\ObjectDesktopManager.exe [2014-06-10] (Stardock)
Task: {DFC7582C-B783-48A4-B171-B7F9A89865AA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {EC70EBA0-76E0-4421-8B48-821C66361D97} - System32\Tasks\LibertyResourcesLibraryUpdater => C:\Users\Michael\Desktop\Release\LibertyResourcesLibraryUpdater.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001Core.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1013081442-1574353736-2319275716-1001UA.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-03-08 01:46 - 2012-11-12 11:02 - 00399536 ____N () C:\Program Files (x86)\Stardock\WindowFX\WFX32.exe
2013-03-22 20:19 - 2012-10-24 15:54 - 00075552 _____ () C:\WINDOWS\System32\win2pdfm.dll
2012-09-03 13:50 - 2012-09-03 13:50 - 00009728 _____ () C:\windows\system32\BsHelpCSps.dll
2015-01-21 14:59 - 2015-01-21 14:59 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-11-23 12:32 - 2012-08-16 19:12 - 00268880 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2013-10-15 18:43 - 2013-10-15 18:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-30 15:30 - 2014-09-05 18:54 - 06281536 _____ () C:\Users\Michael\AppData\Local\Amazon Music\Amazon Music Helper.exe
2012-11-23 12:32 - 2012-08-16 19:12 - 00161360 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
2012-11-23 12:32 - 2012-08-16 19:12 - 00194640 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
2013-03-26 09:44 - 2013-03-26 09:44 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-09-03 13:48 - 2012-09-03 13:48 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-08-14 12:24 - 2012-08-14 12:24 - 00323648 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-02 19:28 - 2012-05-02 19:28 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2012-09-03 13:50 - 2012-09-03 13:50 - 00009728 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll
2012-09-03 13:50 - 2012-09-03 13:50 - 00054784 _____ () C:\windows\SYSTEM32\BlueSoleilCSps.dll
2014-11-07 13:48 - 2014-06-23 20:32 - 00025088 _____ () C:\Peloton\Services\SyncHost\WellView9\App\WellView 9.0.20130912 app\system\bin\Peloton.AppFrame.GISDataNormalizer.dll
2015-01-21 14:58 - 2015-01-21 14:58 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-09-03 13:52 - 2012-09-03 13:52 - 00072192 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2012-09-03 13:01 - 2012-09-03 13:01 - 00356352 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2012-11-23 12:34 - 2012-06-07 21:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-02-12 13:40 - 2015-02-12 13:40 - 00098816 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32api.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00110080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pywintypes27.dll
2015-02-12 13:40 - 2015-02-12 13:40 - 00364544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pythoncom27.dll
2015-02-12 13:40 - 2015-02-12 13:40 - 00045568 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_socket.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 01160704 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_ssl.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00320512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32com.shell.shell.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00713216 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_hashlib.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 01175040 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._core_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00805888 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._gdi_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00811008 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._windows_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 01062400 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._controls_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00735232 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._misc_.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00557056 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pysqlite2._sqlite.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00128512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_elementtree.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00127488 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\pyexpat.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00087552 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_ctypes.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00119808 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32file.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00108544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32security.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00007168 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\hashobjs_ext.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00167936 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32gui.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00018432 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32event.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00038912 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32inet.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00011264 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32crypt.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00070656 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._html2.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00027136 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\_multiprocessing.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00035840 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32process.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00686080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\unicodedata.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00122368 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._wizard.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00024064 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32pipe.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00025600 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32pdh.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00525640 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\windows._lib_cacheinvalidation.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00010240 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\select.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00017408 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32profile.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00022528 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\win32ts.pyd
2015-02-12 13:40 - 2015-02-12 13:40 - 00078336 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI59402\wx._animate.pyd
2012-11-23 12:32 - 2012-01-17 18:21 - 00068104 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\PEGAACPIDLL.dll
2012-11-23 12:32 - 2011-02-15 13:59 - 00015624 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\ACPIDll.dll
2014-03-28 03:35 - 2014-03-28 03:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2012-09-03 13:48 - 2012-09-03 13:48 - 00022528 _____ () C:\windows\SYSTEM32\BsTrace.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2012-11-23 12:32 - 2012-08-16 18:53 - 00180224 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2012-11-23 12:22 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-02-05 22:37 - 2015-02-04 03:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Michael\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\Google Drive\Peloton2.jpg
HKU\S-1-5-80-2737076373-123140731-2525382599-767194424-4268292863\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-633224673-3063612866-542870972-4214686629-759481782\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 68.105.28.11 - 68.105.29.11
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "Snagit 11.lnk"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "ScrewDrivers RDP Plugin"
HKLM\...\StartupApproved\Run32: => "OnlineMapFinder AppIntegrator 64-bit"
HKLM\...\StartupApproved\Run32: => "OnlineMapFinder AppIntegrator 32-bit"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1D7305B07635F8E0A4CF4B02D1C53C4D"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1013081442-1574353736-2319275716-1001\...\StartupApproved\Run: => "ViStart"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1013081442-1574353736-2319275716-500 - Administrator - Disabled)
Guest (S-1-5-21-1013081442-1574353736-2319275716-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1013081442-1574353736-2319275716-1007 - Limited - Enabled)
Michael (S-1-5-21-1013081442-1574353736-2319275716-1001 - Administrator - Enabled) => C:\Users\Michael
peloton (S-1-5-21-1013081442-1574353736-2319275716-1008 - Limited - Enabled) => C:\Users\peloton
 
==================== Faulty Device Manager Devices =============
 
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/12/2015 01:24:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 40.0.2214.111 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3804
 
Start Time: 01d046f8b2855708
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: c5c74289-b2ec-11e4-bf07-689423a73d14
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (02/12/2015 00:57:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: DTSPipelinePerf110.dllDTSPipeline1104
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (02/12/2015 00:57:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4
 
 
System errors:
=============
Error: (02/12/2015 00:58:52 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 00:58:51 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 00:56:57 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 00:56:48 PM) (Source: DCOM) (EventID: 10016) (User: HP1)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}HP1MichaelS-1-5-21-1013081442-1574353736-2319275716-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/12/2015 06:52:55 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:52:52 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:17 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:14 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:11 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (02/12/2015 06:50:08 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
 
Microsoft Office Sessions:
=========================
Error: (02/12/2015 01:24:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe40.0.2214.111380401d046f8b28557084294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exec5c74289-b2ec-11e4-bf07-689423a73d14
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (02/12/2015 00:57:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (02/12/2015 00:57:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: DTSPipelinePerf110.dllDTSPipeline1104
 
Error: (02/12/2015 00:57:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (02/12/2015 00:57:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-12 06:48:24.595
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:24.518
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:24.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.905
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.744
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.376
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:05.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:04.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:04.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 06:48:03.769
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 53%
Total physical RAM: 6007.86 MB
Available physical RAM: 2772.5 MB
Total Pagefile: 7799.86 MB
Available Pagefile: 3625.53 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:913.93 GB) (Free:756.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:15.67 GB) (Free:1.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7C85191C)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

Attached Files



#8 olgun52

olgun52

  • Malware Response Team
  • 3,778 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 AM

Posted 16 February 2015 - 10:11 AM

Hi mrmnew, thanks for the logs.
 
Uninstalling a Program using Add/Remove Program

I recommend the uninstalling of the below listed program(s).

  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type appwiz.cpl and press Enter
  • A list of installed programs will be displayed
  • Uninstall the following by clicking on the program(s) below (and any other similar names) and selecting Remove or Uninstall

Ads by MPlayerX or MPlayerX
OnlineMapFinder Internet Explorer Toolbar

  • Reboot your computer

-----------------
 
Step 1:
FRST Script:
Ensure your external and/or USB drives are inserted during the scan

Please download this attached txt.gif  fixlist.txt   14.31KB   0 downloads and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
  • Please copy and paste its contents in your next reply.

NOT : It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
 
Step 2:
Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search, then Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 3:
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4:
Scan with Malwarebytes Antimalware:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply

Have a great day.

Attached Files


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#9 olgun52

olgun52

  • Malware Response Team
  • 3,778 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 AM

Posted 18 February 2015 - 04:46 PM

Hello mrmnew,

 

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#10 olgun52

olgun52

  • Malware Response Team
  • 3,778 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 AM

Posted 22 February 2015 - 08:01 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users