Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

COM Surrogate shuts down my PC


  • This topic is locked This topic is locked
17 replies to this topic

#1 AlgernonTehMouse

AlgernonTehMouse

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 25 March 2015 - 05:58 PM

The Virus COM Surrogate is on my computer and causes it to shutdown and restart...it is very annoying how do I get it off my computer?



BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:25 AM

Posted 25 March 2015 - 06:07 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1
logo.png
Please download Powelikscleaner (by ESET) and save it to your Desktop.
  • Double-click the 3.png to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
1.png
2.png

Step 2

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 AlgernonTehMouse

AlgernonTehMouse
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 25 March 2015 - 08:43 PM

OK 

 

Step 1: Here is the LOG

 

[2015.03.25 18:34:42.728] - Begin
[2015.03.25 18:34:42.748] - 
[2015.03.25 18:34:42.749] -     ....................................
[2015.03.25 18:34:42.750] -   ..::::::::::::::::::....................
[2015.03.25 18:34:42.751] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2015.03.25 18:34:42.753] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.4
[2015.03.25 18:34:42.755] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Mar 25 2015
[2015.03.25 18:34:42.756] -  .::EE:::::::::::::SS:.EE..........TT......
[2015.03.25 18:34:42.757] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2015.03.25 18:34:42.758] -   ..::::::::::::::::::....................    1992-2015. All rights reserved.
[2015.03.25 18:34:42.758] -     ....................................
[2015.03.25 18:34:42.758] - 
[2015.03.25 18:34:42.759] - --------------------------------------------------------------------------------
[2015.03.25 18:34:42.759] - 
[2015.03.25 18:34:42.760] - INFO: OS: 6.2.9200 SP0
[2015.03.25 18:34:42.760] - INFO: Product Type: Workstation
[2015.03.25 18:34:42.761] - INFO: WoW64: True
[2015.03.25 18:34:42.761] - INFO: Machine guid: 7328B74C-0867-4C67-97FB-5D300ECB2F4E 
[2015.03.25 18:34:42.761] - 
[2015.03.25 18:34:44.577] - INFO: Scanning for system infection...
[2015.03.25 18:34:44.577] - --------------------------------------------------------------------------------
[2015.03.25 18:34:44.583] - 
[2015.03.25 18:34:44.583] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2015.03.25 18:34:44.583] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2015.03.25 18:34:44.584] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2015.03.25 18:34:44.584] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2015.03.25 18:34:44.584] - INFO: Processing classes...
[2015.03.25 18:34:44.584] - INFO: Processing clsid [\Registry\User\S-1-5-21-5524059-56250828-1699871848-1001\SOFTWARE\Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}]
[2015.03.25 18:34:44.584] - INFO: Processing clsid [\Registry\User\S-1-5-21-5524059-56250828-1699871848-1001\SOFTWARE\Classes\CLSID\{75F5F73E-AB69-DC45-A655-28183E9093CC}]
[2015.03.25 18:34:44.584] - INFO: Processing clsid [\Registry\User\S-1-5-21-5524059-56250828-1699871848-1001\SOFTWARE\Classes\CLSID\{75F5F73E-AB69-DC45-A655-98460909E298}]
[2015.03.25 18:34:44.584] - INFO: Processing clsid [\Registry\User\S-1-5-21-5524059-56250828-1699871848-1001\SOFTWARE\Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}]
[2015.03.25 18:34:44.584] - INFO: Processing clsid [\Registry\User\S-1-5-21-5524059-56250828-1699871848-1001\SOFTWARE\Classes\CLSID\{B8EC1FB8-AB69-DC45-A655-28183E9093CC}]
[2015.03.25 18:34:44.585] - INFO: Processing clsid [\Registry\User\S-1-5-21-5524059-56250828-1699871848-1001\SOFTWARE\Classes\CLSID\{B8EC1FB8-AB69-DC45-A655-98460909E298}]
[2015.03.25 18:34:44.585] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.03.25 18:34:44.586] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.03.25 18:34:44.586] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.03.25 18:34:44.586] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.03.25 18:34:44.586] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.03.25 18:34:44.587] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2015.03.25 18:34:44.587] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.03.25 18:34:44.587] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2015.03.25 18:34:44.587] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2015.03.25 18:34:44.587] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2015.03.25 18:34:44.588] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2015.03.25 18:34:44.589] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2015.03.25 18:34:44.589] - INFO: (XSW) Scanning for XSW variant...
[2015.03.25 18:34:44.591] - INFO: (XSW) Processing users subkeys...
[2015.03.25 18:34:44.592] - INFO: Win32/Poweliks not found
[2015.03.25 18:35:00.793] - End
 
Step 2:
 
FRST log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Anthony (administrator) on OFFICE on 25-03-2015 18:39:04
Running from C:\Users\Anthony\Desktop\Cleaning
Loaded Profiles: Anthony (Available profiles: Anthony)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WTClient] => C:\Windows\SysWOW64\WTClient.exe [41280 2014-01-12] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1533728 2015-02-13] (Seagate Technology LLC)
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [GoogleChromeAutoLaunch_2AA0595218EF30A2508F1E549DA19CC6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-18] (Valve Corporation)
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2909640 2013-01-07] (TechSmith Corporation)
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-02-13] (Seagate Technology LLC)
Startup: C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-5524059-56250828-1699871848-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-03-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-5524059-56250828-1699871848-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Anthony\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-02-16] (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-04]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-12]
CHR Extension: (Google Docs) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-12]
CHR Extension: (Google Drive) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-12]
CHR Extension: (YouTube) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-12]
CHR Extension: (Google Search) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-12]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-05]
CHR Extension: (Google Sheets) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-12]
CHR Extension: (AdBlock) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-12]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-02-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Skype Click to Call) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-18]
CHR Extension: (LastPass Vault) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2015-02-12]
CHR Extension: (Save to Pocket) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-03-16]
CHR Extension: (Google Wallet) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-12]
CHR Extension: (Gmail) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-15] (Electronic Arts)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-11-06] (CyberLink)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-02-13] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157992 2015-02-13] (Seagate Technology LLC)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-25 18:38 - 2015-03-25 18:39 - 00000000 ____D () C:\FRST
2015-03-25 18:37 - 2015-03-25 18:37 - 02095616 _____ (Farbar) C:\Users\Anthony\Downloads\FRST64.exe
2015-03-25 18:34 - 2015-03-25 18:39 - 00000000 ____D () C:\Users\Anthony\Desktop\Cleaning
2015-03-25 18:34 - 2015-03-25 18:34 - 00221384 _____ (ESET) C:\Users\Anthony\Downloads\ESETPoweliksCleaner.exe
2015-03-24 13:07 - 2015-03-24 13:07 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\TuneUp Software
2015-03-24 13:02 - 2015-03-25 15:54 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-24 13:02 - 2015-03-24 13:02 - 04816784 _____ (AVG Technologies) C:\Users\Anthony\Downloads\avg_isc_stb_all_2015_ltst_206.exe
2015-03-24 13:02 - 2015-03-24 13:02 - 00000000 ____D () C:\Users\Anthony\AppData\Local\MFAData
2015-03-24 08:58 - 2015-03-24 08:58 - 00002567 _____ () C:\Users\Anthony\Desktop\GoToMeeting Quick Connect.lnk
2015-03-23 17:18 - 2015-03-23 17:19 - 00032929 _____ () C:\Users\Anthony\Downloads\mailed to - Sheet1.csv
2015-03-23 14:14 - 2015-03-23 14:14 - 00001125 _____ () C:\Users\Public\Desktop\X-Lite.lnk
2015-03-23 14:14 - 2015-03-23 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CounterPath X-Lite
2015-03-23 14:14 - 2015-03-23 14:14 - 00000000 ____D () C:\Program Files (x86)\CounterPath
2015-03-23 14:09 - 2015-03-23 14:09 - 45781544 _____ (CounterPath Corporation ) C:\Users\Anthony\Downloads\X-Lite_Win32_4.5.5._71236.exe
2015-03-23 07:39 - 2015-03-23 07:39 - 00002733 _____ () C:\Users\Public\Desktop\Seagate Dashboard.lnk
2015-03-23 07:39 - 2015-03-23 07:39 - 00000000 ____D () C:\ProgramData\Nero
2015-03-23 07:39 - 2015-03-23 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
2015-03-20 10:32 - 2015-03-20 10:32 - 00002585 _____ () C:\Users\Anthony\Downloads\Dental_Marketing_Ideas_For_Your_Practice_Transcript.txt
2015-03-20 10:32 - 2015-03-20 10:32 - 00001546 _____ () C:\Users\Anthony\Downloads\Why_Use_Us_Transcript.txt
2015-03-20 10:05 - 2015-03-20 10:05 - 00005048 _____ () C:\Users\Anthony\Downloads\envato_marketplace_statement_2015-01-01_to_2015-03-21.csv
2015-03-18 22:41 - 2015-03-18 22:41 - 00001654 _____ () C:\Users\Anthony\Desktop\The Traveller.wve
2015-03-18 22:40 - 2015-03-18 22:40 - 11444752 _____ () C:\Users\Anthony\Desktop\the traveller.wav
2015-03-18 09:23 - 2015-03-18 09:23 - 00000000 ____D () C:\Users\Anthony\Tracing
2015-03-17 10:28 - 2015-03-17 10:55 - 00000000 ____D () C:\Users\Anthony\Desktop\CL ADs
2015-03-16 07:24 - 2015-03-16 07:24 - 01652636 _____ () C:\Users\Anthony\Downloads\woocommerce.zip
2015-03-16 07:12 - 2015-03-16 07:12 - 05182704 _____ () C:\Users\Anthony\Desktop\AttendeeViewerImage006.bmp
2015-03-13 13:04 - 2015-03-16 08:24 - 00001456 _____ () C:\Users\Anthony\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-03-13 12:26 - 2015-03-13 12:26 - 00000132 _____ () C:\Users\Anthony\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-03-12 17:25 - 2015-03-12 17:25 - 16899129 _____ () C:\Users\Anthony\Downloads\Manufacturing-Authority-Banners.zip
2015-03-12 10:21 - 2015-03-13 12:11 - 00000000 ____D () C:\Users\Anthony\Desktop\Manufacturing-Authority-Banners
2015-03-11 08:16 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 08:16 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 08:15 - 2015-03-05 19:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 08:15 - 2015-03-05 19:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 08:15 - 2015-02-25 16:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 08:15 - 2015-02-06 16:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 08:15 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 08:15 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 08:15 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 08:15 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 08:15 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 08:15 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 08:15 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 08:15 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 08:15 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 08:15 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 08:15 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 08:14 - 2015-02-20 18:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 08:14 - 2015-02-20 17:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 08:14 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 08:14 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 08:14 - 2015-02-20 17:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 08:14 - 2015-02-20 16:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 08:14 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 08:14 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 08:14 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 08:14 - 2015-02-19 19:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 08:14 - 2015-02-19 19:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 08:14 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 08:14 - 2015-02-19 19:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 08:14 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 08:14 - 2015-02-19 19:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 08:14 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 08:14 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 08:14 - 2015-02-19 19:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 08:14 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 08:14 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 08:14 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 08:14 - 2015-02-19 19:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 08:14 - 2015-02-19 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 08:14 - 2015-02-19 18:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 08:14 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 08:14 - 2015-02-19 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 08:14 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 08:14 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 08:14 - 2015-02-19 18:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 08:14 - 2015-02-19 18:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 08:14 - 2015-02-19 18:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 08:14 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 08:14 - 2015-02-19 18:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 08:14 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 08:14 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 08:14 - 2015-02-19 18:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 08:14 - 2015-02-19 18:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 08:14 - 2015-02-19 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 08:14 - 2015-02-19 18:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 08:14 - 2015-02-19 17:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 08:14 - 2015-02-19 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 08:14 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 08:14 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 08:14 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 08:14 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 08:14 - 2015-02-05 18:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 08:14 - 2015-02-05 18:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 08:14 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 08:14 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 08:14 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 08:14 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 08:14 - 2015-01-29 20:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 08:14 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 08:14 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 08:14 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 08:14 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 08:14 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 08:14 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 08:14 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 08:14 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 08:14 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 08:14 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 08:14 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 08:14 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 08:14 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 08:14 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 08:14 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 08:14 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 08:14 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 08:14 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 08:14 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 08:14 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 08:14 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 08:14 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 08:14 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 08:14 - 2015-01-28 08:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 08:14 - 2015-01-28 08:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 08:14 - 2015-01-28 08:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 08:14 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 08:14 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 08:14 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 08:14 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 08:14 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 08:14 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 08:14 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 08:14 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 08:14 - 2015-01-20 22:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 08:14 - 2015-01-20 22:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 08:14 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 08:14 - 2014-10-28 20:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 08:14 - 2014-10-28 19:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 08:14 - 2014-10-28 19:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 08:14 - 2014-10-28 19:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 08:14 - 2014-10-28 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 08:14 - 2014-10-28 19:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 08:14 - 2014-10-28 19:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 08:14 - 2014-10-28 19:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 08:14 - 2014-10-28 19:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 08:14 - 2014-10-28 19:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 08:14 - 2014-10-28 19:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 08:14 - 2014-10-28 19:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 08:14 - 2014-10-28 19:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 08:14 - 2014-10-28 18:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 08:14 - 2014-10-28 18:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 08:14 - 2014-10-28 18:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 08:14 - 2014-10-28 18:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 08:14 - 2014-10-28 18:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 08:14 - 2014-10-28 18:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 08:14 - 2014-10-28 18:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 08:14 - 2014-10-28 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 08:14 - 2014-10-28 18:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 08:14 - 2014-10-28 18:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 08:14 - 2014-10-28 17:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 08:14 - 2014-10-28 17:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 08:14 - 2014-10-28 17:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 08:14 - 2014-10-28 17:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 08:14 - 2014-10-28 17:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 08:14 - 2014-10-28 17:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-09 09:55 - 2015-03-09 09:55 - 00000000 ____D () C:\Users\Anthony\AppData\Local\Evernote
2015-03-09 09:54 - 2015-03-09 09:54 - 00002523 _____ () C:\Users\Public\Desktop\Evernote.lnk
2015-03-09 09:54 - 2015-03-09 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-03-09 09:54 - 2015-03-09 09:54 - 00000000 ____D () C:\Program Files (x86)\Evernote
2015-03-09 09:53 - 2015-03-09 09:53 - 99237384 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Anthony\Downloads\Evernote_5.8.4.6870.exe
2015-03-09 09:27 - 2015-03-09 09:27 - 14259381 _____ () C:\Users\Anthony\Downloads\Surfing.themepack
2015-03-06 11:15 - 2015-03-06 11:15 - 05894184 _____ () C:\Users\Anthony\Downloads\Lato2OFL.zip
2015-03-06 10:43 - 2015-03-06 11:26 - 74034069 _____ () C:\Users\Anthony\Desktop\LL Outside.psd
2015-03-06 10:43 - 2015-03-06 11:26 - 22096091 _____ () C:\Users\Anthony\Desktop\LL Inside.psd
2015-03-05 07:53 - 2015-03-06 10:43 - 22089829 _____ () C:\Users\Anthony\Desktop\LL Back.psd
2015-03-05 07:53 - 2015-03-05 07:53 - 73722060 _____ () C:\Users\Anthony\Desktop\LL 2.psd
2015-03-05 07:52 - 2015-03-06 09:41 - 74033803 _____ () C:\Users\Anthony\Desktop\LL Front.psd
2015-03-04 16:33 - 2015-03-04 16:33 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
2015-03-04 09:54 - 2015-03-04 09:54 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-03-04 09:54 - 2015-03-04 09:54 - 00002230 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-03-04 09:54 - 2015-03-04 09:54 - 00002160 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2015-03-04 09:54 - 2015-03-04 09:54 - 00002069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-03-04 09:54 - 2015-03-04 09:54 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2015-03-04 09:44 - 2015-03-04 09:45 - 00000000 ____D () C:\Users\Anthony\Desktop\Adobe Acrobat XI
2015-03-04 09:42 - 2015-03-04 09:44 - 00000000 ____D () C:\Users\Anthony\Downloads\Adobe Acrobat XI Professional (Windows) (2)
2015-03-04 09:40 - 2015-03-04 09:40 - 01546944 _____ (arvato digital services llc) C:\Users\Anthony\Downloads\Download_Adobe_Acrobat_XI_Professional_(Windows) (1).exe
2015-03-04 09:24 - 2015-03-04 09:25 - 05881925 _____ () C:\Users\Anthony\Downloads\001_domain-name-registration (1).zip
2015-03-03 10:58 - 2015-03-03 10:58 - 00001072 _____ () C:\Users\Anthony\Desktop\join.me.lnk
2015-03-03 10:58 - 2015-03-03 10:58 - 00001072 _____ () C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2015-03-03 09:51 - 2015-03-03 09:51 - 00000000 ____D () C:\Users\Anthony\AppData\Local\LogMeIn
2015-03-03 09:51 - 2015-03-03 09:51 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-03-03 09:47 - 2015-03-03 10:58 - 00000000 ____D () C:\Users\Anthony\AppData\Local\join.me
2015-03-03 09:11 - 2015-03-03 09:11 - 00187417 _____ () C:\Users\Anthony\Desktop\shepard and parker.psd
2015-03-03 09:01 - 2015-03-03 09:01 - 00000000 ____D () C:\Users\Anthony\Desktop\graphicriver-9690247-digital-mind-logo
2015-03-03 09:00 - 2015-03-03 09:00 - 03366795 _____ () C:\Users\Anthony\Desktop\graphicriver-9690247-digital-mind-logo.zip
2015-03-03 01:39 - 2015-03-03 01:39 - 29552324 _____ () C:\Users\Anthony\Downloads\audiojungle-10489465-inspiring-.zip
2015-03-02 21:57 - 2015-03-02 21:57 - 740805952 _____ () C:\Users\Anthony\Downloads\videohive-8729240-light-bulb-explosion-logo-reveal.zip
2015-03-02 08:39 - 2015-03-02 08:39 - 00000000 _____ () C:\Users\Anthony\Desktop\New Text Document.txt
2015-03-01 17:19 - 2015-03-01 17:19 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-01 17:16 - 2015-03-03 09:19 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\vlc
2015-03-01 17:10 - 2015-03-01 17:14 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\tixati
2015-03-01 17:10 - 2015-03-01 17:10 - 00020427 _____ () C:\Users\Anthony\Downloads\[kickass.to]camtasia.studio.8.3.0.build.1471.key.torrent
2015-03-01 16:30 - 2015-03-01 16:30 - 28509232 _____ () C:\Users\Anthony\Downloads\vlc-2.2.0-win32.exe
2015-02-28 17:39 - 2015-02-28 17:39 - 05489127 _____ () C:\Users\Anthony\Downloads\graphicriver-10481382-creative-corporate-trifold-brochure-vol-30.zip
2015-02-28 17:39 - 2015-02-28 17:39 - 05489127 _____ () C:\Users\Anthony\Desktop\graphicriver-10481382-creative-corporate-trifold-brochure-vol-30.zip
2015-02-28 17:39 - 2015-02-28 17:39 - 00000000 ____D () C:\Users\Anthony\Desktop\graphicriver-10481382-creative-corporate-trifold-brochure-vol-30
2015-02-28 14:38 - 2015-03-12 21:49 - 00000000 ____D () C:\Users\Anthony\Desktop\Plastic Surgeons
2015-02-28 14:29 - 2015-02-28 14:30 - 158071223 _____ () C:\Users\Anthony\Downloads\videohive-9326939-simple-slideshow.zip
2015-02-28 14:21 - 2015-02-28 14:21 - 00001214 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2015-02-28 14:19 - 2015-02-28 14:19 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
2015-02-28 14:03 - 2015-02-28 14:03 - 00000000 ____D () C:\Users\Anthony\Desktop\Adobe CS6
2015-02-28 13:54 - 2015-02-28 14:01 - 00000000 ____D () C:\Users\Anthony\Downloads\Adobe After Effects CS6 (Windows) (2)
2015-02-28 13:54 - 2015-02-28 13:54 - 01550712 _____ (arvato digital services llc) C:\Users\Anthony\Downloads\Download_Adobe_After_Effects_CS6_(Windows) (1).exe
2015-02-28 13:48 - 2015-02-28 13:48 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Apple Computer
2015-02-27 18:48 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-02-27 18:48 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-02-27 18:48 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-02-27 18:48 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-02-27 18:48 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-02-27 18:48 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-02-27 18:48 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-02-27 18:48 - 2010-02-04 11:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-02-27 18:48 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-02-27 18:48 - 2010-02-04 11:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-02-27 18:48 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-02-27 18:47 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-02-27 18:47 - 2010-02-04 11:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-02-27 18:47 - 2010-02-04 11:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-02-27 18:47 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-02-27 18:47 - 2009-09-04 18:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-02-27 18:47 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-02-27 18:47 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-02-27 18:47 - 2009-09-04 18:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-02-27 18:47 - 2009-09-04 18:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-02-27 18:47 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-02-27 18:47 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-02-27 18:47 - 2009-03-16 15:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-02-27 18:47 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-02-27 18:47 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-02-27 18:47 - 2009-03-16 15:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-02-27 18:47 - 2009-03-16 15:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-02-27 18:47 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-02-27 18:47 - 2009-03-09 16:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-02-27 18:47 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-02-27 18:47 - 2009-03-09 16:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-02-27 18:47 - 2009-03-09 16:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-02-27 18:47 - 2009-03-09 16:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-02-27 18:47 - 2009-03-09 16:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-02-27 18:47 - 2008-10-27 11:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-02-27 18:47 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-02-27 18:47 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-02-27 18:47 - 2008-10-27 11:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-02-27 18:47 - 2008-10-27 11:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-02-27 18:47 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-02-27 18:47 - 2008-10-27 11:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-02-27 18:47 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-02-27 18:47 - 2008-10-15 07:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-02-27 18:47 - 2008-10-15 07:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-02-27 18:47 - 2008-10-15 07:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-02-27 18:47 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-02-27 18:47 - 2008-10-15 07:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-02-27 18:47 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-02-27 18:47 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-02-27 18:47 - 2008-07-31 11:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-02-27 18:47 - 2008-07-31 11:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-02-27 18:47 - 2008-07-31 11:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-02-27 18:47 - 2008-07-10 12:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-02-27 18:47 - 2008-07-10 12:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-02-27 18:47 - 2008-07-10 12:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-02-27 18:47 - 2008-05-30 15:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-02-27 18:47 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-02-27 18:47 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-02-27 18:47 - 2008-05-30 15:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-02-27 18:47 - 2008-05-30 15:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-02-27 18:47 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-02-27 18:47 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-02-27 18:47 - 2008-05-30 15:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-02-27 18:47 - 2008-05-30 15:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-02-27 18:47 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-02-27 18:47 - 2008-05-30 15:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-02-27 18:47 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-02-27 18:47 - 2008-05-30 15:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-02-27 18:47 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-02-27 18:47 - 2008-03-05 17:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-02-27 18:47 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-02-27 18:47 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-02-27 18:47 - 2008-03-05 17:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-02-27 18:47 - 2008-03-05 17:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-02-27 18:47 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-02-27 18:47 - 2008-03-05 16:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-02-27 18:47 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-02-27 18:47 - 2008-03-05 16:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-02-27 18:47 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-02-27 18:47 - 2008-02-06 00:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-02-27 18:47 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-02-27 18:47 - 2007-10-22 04:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-02-27 18:47 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-02-27 18:47 - 2007-10-22 04:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-02-27 18:47 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-02-27 18:47 - 2007-10-12 16:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-02-27 18:47 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-02-27 18:47 - 2007-10-12 16:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-02-27 18:47 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-02-27 18:47 - 2007-10-02 10:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-02-27 18:47 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-02-27 18:47 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-02-27 18:47 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-02-27 18:47 - 2007-07-19 19:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-02-27 18:47 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-02-27 18:47 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-02-27 18:47 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-02-27 18:47 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-02-27 18:47 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-02-27 18:47 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-02-27 18:47 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-02-27 18:47 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-02-27 18:47 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-02-27 18:47 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-02-27 18:47 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-02-27 18:47 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-02-27 18:47 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-02-27 18:47 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-02-27 18:47 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-02-27 18:47 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-02-27 18:47 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-02-27 18:47 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-02-27 18:47 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-02-27 18:47 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-02-27 18:47 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-02-27 18:47 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-02-27 18:47 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-02-27 18:47 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-02-27 18:47 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-02-27 18:47 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-02-27 18:47 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-02-27 18:47 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-02-27 18:47 - 2006-12-08 13:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-02-27 18:47 - 2006-11-29 14:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-02-27 18:47 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-02-27 18:47 - 2006-11-29 14:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-02-27 18:47 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-02-27 18:47 - 2006-09-28 17:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-02-27 18:47 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-02-27 18:47 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-02-27 18:47 - 2006-09-28 17:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-02-27 18:47 - 2006-07-28 10:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-02-27 18:47 - 2006-07-28 10:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-02-27 18:47 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-02-27 18:47 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-02-27 18:47 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-02-27 18:47 - 2006-05-31 08:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-02-27 18:47 - 2006-03-31 13:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-02-27 18:47 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-02-27 18:47 - 2006-03-31 13:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-02-27 18:47 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-02-27 18:46 - 2015-02-27 18:47 - 00010085 _____ () C:\Windows\DirectX.log
2015-02-27 18:46 - 2006-03-31 13:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-02-27 18:46 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-02-27 18:46 - 2006-02-03 09:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-02-27 18:46 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-02-27 18:46 - 2006-02-03 09:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-02-27 18:46 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-02-27 18:46 - 2006-02-03 09:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-02-27 18:46 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-02-27 18:46 - 2005-12-05 19:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-02-27 18:46 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-02-27 18:46 - 2005-07-22 20:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-02-27 18:46 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-02-27 18:46 - 2005-05-26 16:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-02-27 18:46 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-02-27 18:46 - 2005-03-18 18:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-02-27 18:46 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-02-27 18:46 - 2005-02-05 20:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-02-27 18:46 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-02-27 18:04 - 2015-02-27 18:08 - 330423552 _____ () C:\Users\Anthony\Downloads\3_CyberLink_PowerDirector13_ContentPack_Premium_PCP140715-03.exe
2015-02-27 17:55 - 2015-03-18 21:49 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\CyberLink
2015-02-27 17:55 - 2015-02-27 18:14 - 00000000 ____D () C:\ProgramData\Temp
2015-02-27 17:46 - 2015-02-27 17:52 - 2836477976 _____ () C:\Users\Anthony\Downloads\2_CyberLink_PowerDirector13_ContentPack_Essential_PCP140715-01.exe
2015-02-27 17:46 - 2015-02-27 17:46 - 00000000 ____D () C:\Users\Anthony\AppData\Local\CyberLink
2015-02-27 17:45 - 2015-02-27 17:45 - 00002215 _____ () C:\Users\Public\Desktop\CyberLink WaveEditor 2.lnk
2015-02-27 17:45 - 2015-02-27 17:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2
2015-02-27 17:44 - 2015-02-27 17:44 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2015-02-27 17:44 - 2015-02-27 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-27 17:44 - 2015-02-27 17:44 - 00000000 ____D () C:\ProgramData\eSellerate
2015-02-27 17:44 - 2015-02-27 17:44 - 00000000 ____D () C:\Program Files (x86)\SmartSound Software
2015-02-27 17:43 - 2015-02-27 17:44 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-02-27 17:43 - 2015-02-27 17:43 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-02-27 17:43 - 2015-02-27 17:43 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-02-27 17:43 - 2015-02-27 17:43 - 00000000 ____D () C:\Users\Anthony\AppData\Local\Apple
2015-02-27 17:43 - 2015-02-27 17:43 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-02-27 17:43 - 2015-02-27 17:43 - 00000000 ____D () C:\ProgramData\Apple
2015-02-27 17:43 - 2015-02-27 17:43 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-02-27 17:42 - 2015-02-27 17:42 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\proDAD
2015-02-27 17:42 - 2015-02-27 17:42 - 00000000 ____D () C:\ProgramData\proDAD
2015-02-27 17:42 - 2015-02-27 17:42 - 00000000 ____D () C:\Program Files\proDAD
2015-02-27 17:42 - 2014-11-07 15:42 - 00607256 _____ (proDAD GmbH) C:\Windows\system32\prodad-codec.dll
2015-02-27 17:42 - 2014-11-07 15:42 - 00375832 _____ (proDAD GmbH) C:\Windows\system32\proDAD-PA-Support.dll
2015-02-27 17:41 - 2015-02-27 18:13 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2015-02-27 17:41 - 2015-02-27 17:55 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-02-27 17:41 - 2015-02-27 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2015-02-27 17:41 - 2015-02-27 17:42 - 00000000 ____D () C:\Program Files\NewBlue
2015-02-27 17:41 - 2015-02-27 17:41 - 00002036 _____ () C:\Users\Public\Desktop\CyberLink PowerDirector 13 (64-bit).lnk
2015-02-27 17:41 - 2015-02-27 17:41 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 13
2015-02-27 17:41 - 2015-02-27 17:41 - 00000000 ____D () C:\Program Files\Common Files\NewBlue
2015-02-27 17:41 - 2015-02-27 17:41 - 00000000 ____D () C:\Program Files (x86)\NewBlue
2015-02-27 17:37 - 2015-02-27 17:41 - 00000000 ____D () C:\Program Files\CyberLink
2015-02-27 17:27 - 2015-03-02 19:17 - 00000000 ____D () C:\ProgramData\CyberLink
2015-02-27 17:27 - 2015-02-27 18:13 - 00000000 ____D () C:\ProgramData\install_clap
2015-02-27 17:27 - 2015-02-27 17:45 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2015-02-27 16:43 - 2015-02-27 16:45 - 947810440 _____ () C:\Users\Anthony\Downloads\1_CyberLink_PowerDirector13_Ultimate_VDE141029-01.exe
2015-02-27 12:55 - 2015-02-27 18:35 - 107215454 _____ () C:\Users\Anthony\Desktop\Leonard Nimoy 1931-2015 by Anthony Larman.psd
2015-02-27 12:44 - 2015-02-27 12:44 - 00008778 _____ () C:\Users\Anthony\Downloads\allen-r-walden_final-frontier-old-style.zip
2015-02-27 12:38 - 2015-02-27 12:38 - 00010884 _____ () C:\Users\Anthony\Downloads\federation_classic.zip
2015-02-27 08:54 - 2015-02-27 08:54 - 45112928 _____ (Skype Technologies S.A.) C:\Users\Anthony\Downloads\SkypeSetupFull.exe
2015-02-27 08:48 - 2015-02-27 08:48 - 01548384 _____ (Skype Technologies S.A.) C:\Users\Anthony\Downloads\SkypeSetup (6).exe
2015-02-26 22:30 - 2015-03-24 09:58 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Skype
2015-02-26 22:30 - 2015-03-18 09:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-26 22:30 - 2015-02-26 22:30 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-02-26 22:30 - 2015-02-26 22:30 - 00000000 ____D () C:\Users\Anthony\AppData\Local\Skype
2015-02-26 22:30 - 2015-02-26 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-26 22:29 - 2015-03-18 09:22 - 00000000 ____D () C:\ProgramData\Skype
2015-02-26 22:28 - 2015-02-26 22:28 - 01548384 _____ (Skype Technologies S.A.) C:\Users\Anthony\Downloads\SkypeSetup (5).exe
2015-02-26 21:12 - 2015-02-26 21:13 - 00000000 ____D () C:\Users\Anthony\Desktop\Conceptual Flat Icon_V.1.5
2015-02-26 21:12 - 2015-02-26 21:11 - 145352749 _____ () C:\Users\Anthony\Desktop\graphicriver-10511361-conceptual-flat-icons.zip
2015-02-26 21:11 - 2015-02-26 21:11 - 145352749 _____ () C:\Users\Anthony\Downloads\graphicriver-10511361-conceptual-flat-icons.zip
2015-02-26 16:44 - 2015-02-26 16:45 - 00000000 ____D () C:\Users\Anthony\Desktop\Set of Flat Business & Marketing Concepts
2015-02-26 16:44 - 2015-02-26 16:43 - 15417465 _____ () C:\Users\Anthony\Desktop\graphicriver-9195304-set-of-flat-business-marketing-concepts-.zip
2015-02-26 16:43 - 2015-02-26 16:43 - 15417465 _____ () C:\Users\Anthony\Downloads\graphicriver-9195304-set-of-flat-business-marketing-concepts-.zip
2015-02-26 16:32 - 2015-03-11 20:52 - 00000000 ____D () C:\Users\Anthony\Desktop\Shoelace Info Graphic
2015-02-26 15:29 - 2015-02-26 15:29 - 00261233 _____ () C:\Users\Anthony\Downloads\dosis.zip
2015-02-26 14:40 - 2015-02-26 14:40 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2015-02-26 14:34 - 2015-02-26 16:04 - 02227381 _____ () C:\Users\Anthony\Desktop\graphicriver-10241845-number-banners-modern-design-template.zip
2015-02-26 14:26 - 2015-02-26 14:26 - 01966054 _____ () C:\Users\Anthony\Downloads\graphicriver-10241845-number-banners-modern-design-template.zip
2015-02-26 14:01 - 2015-02-26 14:01 - 00001670 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk
2015-02-26 13:59 - 2015-02-26 13:59 - 00001546 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
2015-02-26 13:59 - 2015-02-26 13:59 - 00000000 ____D () C:\ProgramData\ALM
2015-02-26 13:53 - 2015-02-26 13:53 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-02-26 13:53 - 2015-02-26 13:53 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-02-26 13:53 - 2015-02-26 13:53 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-02-26 13:17 - 2015-02-26 13:17 - 00000000 ____D () C:\Users\Anthony\Desktop\Adobe Illustrator CS6
2015-02-26 12:07 - 2015-02-26 12:18 - 00000000 ____D () C:\Users\Anthony\Downloads\Adobe Illustrator CS6 (Windows) (2)
2015-02-26 12:05 - 2015-02-26 12:06 - 01552248 _____ (arvato digital services llc) C:\Users\Anthony\Downloads\Download_Adobe_Illustrator_CS6_(Windows) (1).exe
2015-02-26 10:58 - 2015-02-26 10:58 - 00007620 _____ () C:\Users\Anthony\Downloads\dental+marketing-phrase_fullsearch-us.csv
2015-02-26 10:35 - 2015-02-26 10:35 - 02462260 _____ () C:\Users\Anthony\Downloads\ada.org-domain_organic-us.csv
2015-02-26 09:52 - 2015-02-26 09:52 - 00002478 _____ () C:\Users\Anthony\Downloads\http%3A%2F%2Fcrawfordandobrien.com%2Fdental-internet-marketing%2F-url_organic-us.csv
2015-02-25 10:46 - 2015-02-25 10:46 - 05182704 _____ () C:\Users\Anthony\Desktop\AttendeeViewerImage005.bmp
2015-02-25 10:31 - 2015-02-25 10:31 - 05182704 _____ () C:\Users\Anthony\Desktop\AttendeeViewerImage004.bmp
2015-02-25 10:27 - 2015-02-25 10:27 - 05182704 _____ () C:\Users\Anthony\Desktop\AttendeeViewerImage003.bmp
2015-02-25 10:21 - 2015-02-25 10:21 - 05182704 _____ () C:\Users\Anthony\Desktop\AttendeeViewerImage002.bmp
2015-02-25 10:04 - 2015-02-25 10:04 - 05182704 _____ () C:\Users\Anthony\Desktop\AttendeeViewerImage001.bmp
2015-02-25 10:04 - 2015-02-25 10:04 - 05182704 _____ () C:\Users\Anthony\Desktop\AttendeeViewerImage000.bmp
2015-02-25 08:38 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 08:38 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-25 08:38 - 2014-10-28 18:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 08:38 - 2014-10-28 18:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-25 08:38 - 2014-10-28 18:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-25 08:38 - 2014-10-28 18:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-24 18:16 - 2015-02-24 18:16 - 02854447 _____ () C:\Users\Anthony\Downloads\cosmeticsurgery.3.0.150224.1842.zip
2015-02-24 09:31 - 2015-02-24 09:31 - 01030326 _____ () C:\Users\Anthony\Downloads\nxs-photopack-cosmeticsurgery-14.zip
2015-02-24 01:12 - 2015-02-24 01:12 - 18284092 _____ () C:\Users\Anthony\Desktop\Glass of Water.rif
2015-02-23 22:52 - 2015-02-23 22:52 - 00000637 _____ () C:\Users\Anthony\Downloads\photopack_readme_v3 (1).txt
2015-02-23 22:24 - 2015-02-23 22:24 - 00000637 _____ () C:\Users\Anthony\Downloads\photopack_readme_v3.txt
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-25 18:35 - 2015-02-16 08:20 - 00000588 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-5524059-56250828-1699871848-1001.job
2015-03-25 18:32 - 2015-02-12 13:42 - 01300686 _____ () C:\Windows\WindowsUpdate.log
2015-03-25 18:26 - 2015-02-12 23:21 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-25 18:22 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-25 15:59 - 2015-02-13 15:17 - 00000000 ____D () C:\Users\Anthony\AppData\Local\Adobe
2015-03-25 15:59 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-25 15:58 - 2015-02-12 13:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8C778EA3-B96F-44F1-ADD2-4E3DA0ED9A3C}
2015-03-25 15:54 - 2015-02-12 23:21 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-25 15:54 - 2015-02-12 13:37 - 00016992 _____ () C:\Windows\PFRO.log
2015-03-25 15:54 - 2013-08-22 07:46 - 00024052 _____ () C:\Windows\setupact.log
2015-03-25 15:54 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-24 16:36 - 2015-02-12 13:47 - 00003590 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-5524059-56250828-1699871848-1001
2015-03-24 14:03 - 2013-08-22 08:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-24 13:10 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-24 11:49 - 2015-02-12 23:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-24 11:01 - 2015-02-12 13:46 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-24 10:56 - 2015-02-12 13:42 - 00000000 ____D () C:\Users\Anthony
2015-03-23 14:14 - 2015-02-12 14:40 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-23 07:40 - 2015-02-14 14:06 - 00003504 _____ () C:\Windows\System32\Tasks\Seagate_Install_Launch
2015-03-23 07:40 - 2015-02-14 14:06 - 00003492 _____ () C:\Windows\System32\Tasks\Anthony DBAgent 2 0
2015-03-20 23:28 - 2015-02-12 23:21 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-17 17:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-15 19:29 - 2015-02-12 23:40 - 00000000 ____D () C:\ProgramData\Origin
2015-03-15 18:26 - 2015-02-12 23:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-15 11:22 - 2015-02-16 08:20 - 00003588 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-5524059-56250828-1699871848-1001
2015-03-13 13:04 - 2015-02-12 13:42 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Adobe
2015-03-13 12:16 - 2015-02-16 09:34 - 00000132 _____ () C:\Users\Anthony\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-03-12 08:24 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-03-12 07:59 - 2013-08-22 07:44 - 04996200 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 20:58 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 09:21 - 2015-02-15 15:40 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 09:14 - 2015-02-15 15:40 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-09 15:37 - 2015-02-16 20:50 - 00000840 _____ () C:\Users\Anthony\Desktop\Tixati.lnk
2015-03-04 14:24 - 2015-02-16 08:08 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 14:24 - 2015-02-16 08:08 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 12:12 - 2015-02-13 15:25 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-03-04 12:12 - 2015-02-13 15:17 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-04 09:52 - 2015-02-13 15:22 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-04 09:41 - 2015-02-13 14:40 - 00000000 ____D () C:\ProgramData\Protexis
2015-03-03 06:17 - 2015-02-14 13:52 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-01 21:42 - 2015-02-12 17:25 - 00000000 ____D () C:\Users\Anthony\Documents\CyberLink
2015-03-01 16:30 - 2015-02-17 13:06 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-02-28 14:21 - 2015-02-13 15:24 - 00000000 ____D () C:\Program Files\Adobe
2015-02-28 14:20 - 2015-02-13 15:24 - 00001053 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-02-28 14:19 - 2015-02-13 15:22 - 00001531 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-02-28 14:16 - 2015-02-13 15:20 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-02-27 19:41 - 2015-02-12 17:27 - 00000000 ____D () C:\Users\Anthony\Documents\My Games
2015-02-26 13:57 - 2015-02-13 15:24 - 00001177 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2015-02-26 13:54 - 2015-02-13 15:23 - 00001361 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
 
==================== Files in the root of some directories =======
 
2015-03-13 12:26 - 2015-03-13 12:26 - 0000132 _____ () C:\Users\Anthony\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-02-16 09:34 - 2015-03-13 12:16 - 0000132 _____ () C:\Users\Anthony\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-03-13 13:04 - 2015-03-16 08:24 - 0001456 _____ () C:\Users\Anthony\AppData\Local\Adobe Save for Web 13.0 Prefs
 
Some content of TEMP:
====================
C:\Users\Anthony\AppData\Local\Temp\setup.exe
C:\Users\Anthony\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Anthony\AppData\Local\Temp\SpotifyUninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-22 13:13
 
==================== End Of Log ============================
 
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Anthony at 2015-03-25 18:40:10
Running from C:\Users\Anthony\Desktop\Cleaning
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Chivalry BETA (HKLM-x32\...\Steam App 232210) (Version:  - )
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
Corel Painter 13 - IPM (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 13 - IPM Content (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 2015 (HKLM\...\_{DDB3F5F0-2583-426C-A652-8404AFF3A4D0}) (Version: 14.1.0.1105 - Corel Corporation)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2307.0 - CyberLink Corp.)
CyberLink PowerDirector 13 Content Pack Essential (HKLM-x32\...\InstallShield_{749B310F-A489-439D-9AEF-1332222F2E04}) (Version: 13 Essential - CyberLink Corp.)
CyberLink PowerDirector 13 Content Pack Premium (HKLM-x32\...\InstallShield_{9B866025-5082-4B88-8A62-F6FBBFCBBBA1}) (Version: 13 Premium - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.5 - Electronic Arts)
Evernote v. 5.8.4 (HKLM-x32\...\{C15841A6-C20A-11E4-977D-00163E98E7D6}) (Version: 5.8.4.6870 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToMeeting 7.1.3.2457 (HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\GoToMeeting) (Version: 7.1.3.2457 - CitrixOnline)
IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
join.me (HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\JoinMe) (Version: 1.20.0.116 - LogMeIn, Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Painter 2015 - Contentx64 (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Core (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Corex64 (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - CT (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - DE (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - EN (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - FR (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Setup Files (Version: 14.1.4 - Corel Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.108.1 - proDAD GmbH)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.0.1902.0 - Seagate)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tablet Driver V7.0 (HKLM-x32\...\TabletDriver) (Version:  - )
Tixati (HKLM-x32\...\tixati) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
X-Lite 4 (HKLM-x32\...\{1156777B-3307-4E6B-8EF5-10ED8E43D48B}) (Version: 45.7.1236 - CounterPath Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-5524059-56250828-1699871848-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Anthony\AppData\Local\Citrix\GoToMeeting\2417\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
 
==================== Restore Points  =========================
 
04-03-2015 09:52:04 Installed Adobe Acrobat XI Pro.
09-03-2015 09:54:12 Installed Evernote v. 5.8.4
17-03-2015 08:00:25 Scheduled Checkpoint
23-03-2015 07:36:45 Installed Seagate Dashboard.
24-03-2015 13:04:13 Installed AVG 2015
24-03-2015 13:05:02 Installed AVG 2015
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {240AC5D6-E0E4-491F-93CD-779F4F59ED3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {42A057E2-DD0F-41D3-AA5F-1ADBB1D50F10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {5B559803-159F-4EFC-B332-9BF083FCD979} - System32\Tasks\G2MUpdateTask-S-1-5-21-5524059-56250828-1699871848-1001 => C:\Users\Anthony\AppData\Local\Citrix\GoToMeeting\2457\g2mupdate.exe [2015-03-15] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {64FBBF93-9C29-42C5-B54C-97A1AE9EAFEB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A12A462D-9AAD-4352-BDD1-3B98B32202F3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-11] (Microsoft Corporation)
Task: {DDD37BA7-6AA2-465F-9AFD-3D2FD92F97AB} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-02-13] (Seagate Technology LLC)
Task: {E2E395EB-1687-4260-891D-DA4ED92DF714} - System32\Tasks\AdobeAAMUpdater-1.0-Office-Anthony => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {F83BA2DA-95A5-457A-9581-C9BC5AA46711} - System32\Tasks\Anthony DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-02-13] (Seagate Technology LLC)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-5524059-56250828-1699871848-1001.job => C:\Users\Anthony\AppData\Local\Citrix\GoToMeeting\2457\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-07-04 22:33 - 2014-07-04 22:33 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 07:59 - 2013-07-26 07:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 07:59 - 2013-07-26 07:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-01-12 18:50 - 2014-01-12 18:50 - 00301888 _____ () C:\Windows\SYSTEM32\WinTab32.DLL
2015-03-20 23:28 - 2015-03-14 03:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-20 23:28 - 2015-03-14 03:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-20 23:28 - 2015-03-14 03:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-5524059-56250828-1699871848-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 75.75.75.75 - 75.75.76.76
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "DBAgent"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2AA0595218EF30A2508F1E549DA19CC6"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\Run: => "Jing"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\Run: => "Uploader"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\Run: => "Steam"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-5524059-56250828-1699871848-500 - Administrator - Disabled)
Anthony (S-1-5-21-5524059-56250828-1699871848-1001 - Administrator - Enabled) => C:\Users\Anthony
Guest (S-1-5-21-5524059-56250828-1699871848-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/24/2015 01:56:40 PM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Installed Seagate Dashboard.).
 
Error: (03/17/2015 07:20:32 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
 
Error: (03/16/2015 06:58:04 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
 
Error: (03/15/2015 06:28:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: touchup.exe, version: 4.1.0.0, time stamp: 0x537fdb02
Faulting module name: msvcrt.dll, version: 7.0.9600.16384, time stamp: 0x52158ff5
Exception code: 0xc0000005
Fault offset: 0x00022438
Faulting process id: 0x2374
Faulting application start time: 0xtouchup.exe0
Faulting application path: touchup.exe1
Faulting module path: touchup.exe2
Report Id: touchup.exe3
Faulting package full name: touchup.exe4
Faulting package-relative application ID: touchup.exe5
 
Error: (03/15/2015 06:28:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: touchup.exe, version: 4.1.0.0, time stamp: 0x537fdb02
Faulting module name: Wpc.dll_unloaded, version: 6.3.9600.17236, time stamp: 0x53c4e04b
Exception code: 0xc00001a5
Fault offset: 0x0007074c
Faulting process id: 0x2374
Faulting application start time: 0xtouchup.exe0
Faulting application path: touchup.exe1
Faulting module path: touchup.exe2
Report Id: touchup.exe3
Faulting package full name: touchup.exe4
Faulting package-relative application ID: touchup.exe5
 
Error: (03/13/2015 08:23:46 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
 
Error: (03/12/2015 07:59:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider ProtectionManagement attempted to register query "select * from MSFT_MpEvent" whose target class "MSFT_MpEvent" in //./root/microsoft/protectionManagement namespace does not exist. The query will be ignored.
 
Error: (03/12/2015 07:59:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider  attempted to register query "select * from MSFT_MpEvent" whose target class "MSFT_MpEvent" in //./root/microsoft/protectionManagement namespace does not exist. The query will be ignored.
 
Error: (03/10/2015 09:01:46 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
 
Error: (03/06/2015 08:51:11 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
 
 
System errors:
=============
Error: (03/25/2015 04:59:32 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (03/25/2015 04:06:45 PM) (Source: DCOM) (EventID: 10010) (User: Office)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (03/25/2015 04:06:15 PM) (Source: DCOM) (EventID: 10010) (User: Office)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (03/25/2015 03:54:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:56:51 PM on ‎3/‎24/‎2015 was unexpected.
 
Error: (03/25/2015 03:54:22 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841084480
 
Error: (03/24/2015 08:57:07 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (03/24/2015 07:46:11 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (03/24/2015 06:10:29 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (03/24/2015 04:54:56 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (03/24/2015 00:51:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:19:50 PM on ‎3/‎24/‎2015 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (03/24/2015 01:56:40 PM) (Source: System Restore) (EventID: 8204) (User: )
Description: Installed Seagate Dashboard.
 
Error: (03/17/2015 07:20:32 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
 
Error: (03/16/2015 06:58:04 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
 
Error: (03/15/2015 06:28:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: touchup.exe4.1.0.0537fdb02msvcrt.dll7.0.9600.1638452158ff5c000000500022438237401d05f887ad8a4a9C:\PROGRA~2\ORIGIN~1\DRAGON~1\__INST~1\touchup.exeC:\Windows\SYSTEM32\msvcrt.dllbcaadb65-cb7b-11e4-8264-10c37b9b28c3
 
Error: (03/15/2015 06:28:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: touchup.exe4.1.0.0537fdb02Wpc.dll_unloaded6.3.9600.1723653c4e04bc00001a50007074c237401d05f887ad8a4a9C:\PROGRA~2\ORIGIN~1\DRAGON~1\__INST~1\touchup.exeWpc.dllbbb7d614-cb7b-11e4-8264-10c37b9b28c3
 
Error: (03/13/2015 08:23:46 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
 
Error: (03/12/2015 07:59:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: ProtectionManagementselect * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement
 
Error: (03/12/2015 07:59:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: select * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement
 
Error: (03/10/2015 09:01:46 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
 
Error: (03/06/2015 08:51:11 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-8320 Eight-Core Processor 
Percentage of memory in use: 18%
Total physical RAM: 8090.15 MB
Available physical RAM: 6562.92 MB
Total Pagefile: 12954.15 MB
Available Pagefile: 10473.39 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.5 GB) (Free:961.44 GB) NTFS
Drive d: (Seagate Backup Plus Drive) (Fixed) (Total:4657.52 GB) (Free:3144.42 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 7B05F88E)
 
Partition: GPT Partition Type.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End Of Log ============================


#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:25 AM

Posted 26 March 2015 - 05:47 AM

goGMWSt.gifCRACKED SOFTWARE WARNING

Participating in the use of cracked/pirated/keygen software is not only illegal but also a security riskI do not approve of nor support illegal software.

Malware authors promote and release cracked software to spread their infections. I strongly recommend you refrain from participating in this activity; your computer will be repeatedly infected otherwise. Simply visiting a cracked software site can result in infection via drive-by exploits of vulnerable software.

Cracked software will make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. In some instances an infection may cause so much damage to your system that recovery is not possible and the only option is to reformat your Hard Drive and reinstall your Operating System. Please read the following articles for more information.

Step 1

v21logo.PNG

Please download and install Malwarebytes Anti-Malware.

  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
    m21p.png
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
    m21p4.png
  • Return to our forum. Paste your log into your next reply and then click Finish [7].

mbamv21.gif



Step 2

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:

settings.png

  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.

esetlog.png
Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif


Edited by deeprybka, 26 March 2015 - 05:48 AM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 AlgernonTehMouse

AlgernonTehMouse
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 27 March 2015 - 07:47 PM

MBAM LOG:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/27/2015
Scan Time: 2:02:54 PM
Logfile: 
Administrator: Yes
 
Version: 2.01.4.1018
Malware Database: v2015.03.27.09
Rootkit Database: v2015.03.26.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Anthony
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 380329
Time Elapsed: 53 min, 11 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

 

ESET ONLINE SCANNER LOG:

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=168d73d5fbcde9489d89572130f12431
# engine=23109
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-03-27 07:40:02
# local_time=2015-03-27 12:40:02 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 4481194 0 0
# scanned=428236
# found=7
# cleaned=0
# scan_time=52651
sh=15004530138D71F136FA48DC0C2C6255A70C368A ft=1 fh=3d9ab185c88904d3 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\Anthony\Desktop\MM\FL Studio Producer Edition 11.0.0 Final - R2R [ChingLiu]\flstudio_11.exe"
sh=205EA3A873C765FF2E0F78FB1834D6EB44C21BF3 ft=1 fh=a409751ddc77dac3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Anthony\Downloads\ccsetup501.exe"
sh=B305BF3F7367E4A21DBF023560D34F34A789CCB5 ft=1 fh=526c59525792ad0a vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\Anthony\Downloads\FreemakeAudioConverterSetup.exe"
sh=4EF4029B6E52B743855F21DAE2AE0446829B6FD3 ft=1 fh=8160d79d7f917e8d vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\Anthony\Downloads\FreeYouTubeToMP3Converter(1).exe"
sh=4EF4029B6E52B743855F21DAE2AE0446829B6FD3 ft=1 fh=8160d79d7f917e8d vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\Anthony\Downloads\FreeYouTubeToMP3Converter.exe"
sh=9DEF9E2A2B1C74C704A82B5413D7CEA69C57EF4F ft=0 fh=0000000000000000 vn="BAT/HostsChanger.A potentially unsafe application" ac=I fn="D:\Algernon\2-16-2015\Bay\Adobe After Effects CS4 (Final) [RH]\AAE_CS4_[RH]\Adobe After Effects CS4\ACS4MC- Keygen\Keygen (X-FORCE)\disable_activation.cmd"
sh=15004530138D71F136FA48DC0C2C6255A70C368A ft=1 fh=3d9ab185c88904d3 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="D:\Desktop\MM\FL Studio Producer Edition 11.0.0 Final - R2R [ChingLiu]\flstudio_11.exe"


#6 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:25 AM

Posted 28 March 2015 - 04:37 AM

No active malware has been found.

Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#7 AlgernonTehMouse

AlgernonTehMouse
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 29 March 2015 - 10:26 AM

Its a newly installed computer and ive bought the program there is an old HDD my friend gave me that has stuff on it , and how do I know what is and not pirated?



#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:25 AM

Posted 29 March 2015 - 10:34 AM

Adobe After Effects CS4 (Final) [RH]\AAE_CS4_[RH]\Adobe After Effects CS4\ACS4MC- Keygen\Keygen (X-FORCE)\disable_activation.cmd

However,

the computer isn't infected with Poweliks ("COM-Surrogate-Virus").


Edited by deeprybka, 29 March 2015 - 10:34 AM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#9 AlgernonTehMouse

AlgernonTehMouse
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 29 March 2015 - 11:09 AM

Where is that? So I can Delete it.



#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:25 AM

Posted 29 March 2015 - 11:11 AM

I mean the related software (Adobe Photshop etc.)

But as you can see, your issue isn't related to malware.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 AlgernonTehMouse

AlgernonTehMouse
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 30 March 2015 - 12:45 PM

So What is the problem then?



#12 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:25 AM

Posted 30 March 2015 - 12:52 PM

I don't know.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#13 AlgernonTehMouse

AlgernonTehMouse
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 30 March 2015 - 02:01 PM

So what happens now? Haha



#14 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:25 AM

Posted 30 March 2015 - 02:27 PM

We make a cleanup.

Step 1

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#15 AlgernonTehMouse

AlgernonTehMouse
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 30 March 2015 - 03:47 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Anthony (administrator) on OFFICE on 30-03-2015 13:44:27
Running from C:\Users\Anthony\Desktop\Cleaning
Loaded Profiles: Anthony &  (Available profiles: Anthony)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
(Adobe Systems Incorporated ) C:\Program Files (x86)\Common Files\Adobe\dynamiclink\CS6\dynamiclinkmanager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WTClient] => C:\Windows\SysWOW64\WTClient.exe [41280 2014-01-12] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1533728 2015-02-13] (Seagate Technology LLC)
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [GoogleChromeAutoLaunch_2AA0595218EF30A2508F1E549DA19CC6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-18] (Valve Corporation)
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2909640 2013-01-07] (TechSmith Corporation)
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-02-13] (Seagate Technology LLC)
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_2AA0595218EF30A2508F1E549DA19CC6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-18] (Valve Corporation)
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2909640 2013-01-07] (TechSmith Corporation)
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-02-13] (Seagate Technology LLC)
Startup: C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-5524059-56250828-1699871848-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-03-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-5524059-56250828-1699871848-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Anthony\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-02-16] (Citrix Online)
FF Plugin HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Anthony\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-02-16] (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-04]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-12]
CHR Extension: (Google Docs) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-12]
CHR Extension: (Google Drive) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-12]
CHR Extension: (YouTube) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-12]
CHR Extension: (Google Search) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-12]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-05]
CHR Extension: (Google Sheets) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-12]
CHR Extension: (AdBlock) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-12]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-02-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Skype Click to Call) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-18]
CHR Extension: (LastPass Vault) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2015-02-12]
CHR Extension: (Save to Pocket) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-03-16]
CHR Extension: (Google Wallet) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-12]
CHR Extension: (Gmail) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-15] (Electronic Arts)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-11-06] (CyberLink)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-02-13] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157992 2015-02-13] (Seagate Technology LLC)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-30 11:23 - 2015-03-30 11:23 - 01192321 _____ () C:\Users\Anthony\Downloads\raleway.zip
2015-03-30 10:59 - 2015-03-30 10:59 - 00000000 ____D () C:\Users\Anthony\Desktop\graphicriver-7883083-corporate-web-ad-marketing-banners
2015-03-30 10:53 - 2015-03-30 10:44 - 01007178 _____ () C:\Users\Anthony\Desktop\graphicriver-7883083-corporate-web-ad-marketing-banners.zip
2015-03-30 10:44 - 2015-03-30 10:44 - 01007178 _____ () C:\Users\Anthony\Downloads\graphicriver-7883083-corporate-web-ad-marketing-banners.zip
2015-03-30 08:10 - 2015-03-30 08:10 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Anthony\Downloads\mbam-setup-2.1.4.1018 (3).exe
2015-03-29 08:24 - 2015-03-29 08:24 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Anthony\Downloads\mbam-setup-2.1.4.1018 (2).exe
2015-03-27 07:29 - 2015-03-27 07:31 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Anthony\Downloads\mbam-setup-2.1.4.1018 (1).exe
2015-03-26 08:36 - 2015-03-26 08:36 - 02347384 _____ (ESET) C:\Users\Anthony\Downloads\esetsmartinstaller_enu.exe
2015-03-26 08:36 - 2015-03-26 08:36 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-26 08:20 - 2015-03-26 08:20 - 00045652 _____ () C:\Users\Anthony\Downloads\mailed to - Sheet1 (1).csv
2015-03-26 08:18 - 2015-03-26 08:18 - 00067080 _____ () C:\Users\Anthony\Downloads\mailed to.xlsx
2015-03-26 07:36 - 2015-03-30 13:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-26 07:36 - 2015-03-26 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-26 07:35 - 2015-03-26 07:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-26 07:35 - 2015-03-26 07:35 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Anthony\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-26 07:35 - 2015-03-26 07:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-26 07:35 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-26 07:35 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-26 07:35 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-25 22:56 - 2015-03-25 22:56 - 16430492 _____ () C:\Users\Anthony\Desktop\Top 5 ways to get Patient Testimonials.psd
2015-03-25 22:12 - 2015-03-25 22:12 - 00116232 _____ () C:\Users\Anthony\Downloads\lobster.zip
2015-03-25 20:59 - 2015-03-25 20:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-03-25 18:38 - 2015-03-30 13:44 - 00000000 ____D () C:\FRST
2015-03-25 18:37 - 2015-03-25 18:37 - 02095616 _____ (Farbar) C:\Users\Anthony\Downloads\FRST64.exe
2015-03-25 18:34 - 2015-03-30 13:44 - 00000000 ____D () C:\Users\Anthony\Desktop\Cleaning
2015-03-25 18:34 - 2015-03-25 18:34 - 00221384 _____ (ESET) C:\Users\Anthony\Downloads\ESETPoweliksCleaner.exe
2015-03-24 13:07 - 2015-03-24 13:07 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\TuneUp Software
2015-03-24 13:02 - 2015-03-25 15:54 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-24 13:02 - 2015-03-24 13:02 - 04816784 _____ (AVG Technologies) C:\Users\Anthony\Downloads\avg_isc_stb_all_2015_ltst_206.exe
2015-03-24 13:02 - 2015-03-24 13:02 - 00000000 ____D () C:\Users\Anthony\AppData\Local\MFAData
2015-03-24 08:58 - 2015-03-24 08:58 - 00002567 _____ () C:\Users\Anthony\Desktop\GoToMeeting Quick Connect.lnk
2015-03-23 17:18 - 2015-03-23 17:19 - 00032929 _____ () C:\Users\Anthony\Downloads\mailed to - Sheet1.csv
2015-03-23 14:14 - 2015-03-23 14:14 - 00001125 _____ () C:\Users\Public\Desktop\X-Lite.lnk
2015-03-23 14:14 - 2015-03-23 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CounterPath X-Lite
2015-03-23 14:14 - 2015-03-23 14:14 - 00000000 ____D () C:\Program Files (x86)\CounterPath
2015-03-23 14:09 - 2015-03-23 14:09 - 45781544 _____ (CounterPath Corporation ) C:\Users\Anthony\Downloads\X-Lite_Win32_4.5.5._71236.exe
2015-03-23 07:39 - 2015-03-23 07:39 - 00002733 _____ () C:\Users\Public\Desktop\Seagate Dashboard.lnk
2015-03-23 07:39 - 2015-03-23 07:39 - 00000000 ____D () C:\ProgramData\Nero
2015-03-23 07:39 - 2015-03-23 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
2015-03-20 10:32 - 2015-03-20 10:32 - 00002585 _____ () C:\Users\Anthony\Downloads\Dental_Marketing_Ideas_For_Your_Practice_Transcript.txt
2015-03-20 10:32 - 2015-03-20 10:32 - 00001546 _____ () C:\Users\Anthony\Downloads\Why_Use_Us_Transcript.txt
2015-03-20 10:05 - 2015-03-20 10:05 - 00005048 _____ () C:\Users\Anthony\Downloads\envato_marketplace_statement_2015-01-01_to_2015-03-21.csv
2015-03-18 22:41 - 2015-03-18 22:41 - 00001654 _____ () C:\Users\Anthony\Desktop\The Traveller.wve
2015-03-18 22:40 - 2015-03-18 22:40 - 11444752 _____ () C:\Users\Anthony\Desktop\the traveller.wav
2015-03-18 09:23 - 2015-03-18 09:23 - 00000000 ____D () C:\Users\Anthony\Tracing
2015-03-17 10:28 - 2015-03-17 10:55 - 00000000 ____D () C:\Users\Anthony\Desktop\CL ADs
2015-03-16 07:24 - 2015-03-16 07:24 - 01652636 _____ () C:\Users\Anthony\Downloads\woocommerce.zip
2015-03-16 07:12 - 2015-03-16 07:12 - 05182704 _____ () C:\Users\Anthony\Desktop\AttendeeViewerImage006.bmp
2015-03-13 13:04 - 2015-03-26 12:15 - 00001456 _____ () C:\Users\Anthony\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-03-13 12:26 - 2015-03-13 12:26 - 00000132 _____ () C:\Users\Anthony\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-03-12 17:25 - 2015-03-12 17:25 - 16899129 _____ () C:\Users\Anthony\Downloads\Manufacturing-Authority-Banners.zip
2015-03-12 10:21 - 2015-03-13 12:11 - 00000000 ____D () C:\Users\Anthony\Desktop\Manufacturing-Authority-Banners
2015-03-11 08:16 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 08:16 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 08:15 - 2015-03-05 19:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 08:15 - 2015-03-05 19:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 08:15 - 2015-02-25 16:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 08:15 - 2015-02-06 16:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 08:15 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 08:15 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 08:15 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 08:15 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 08:15 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 08:15 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 08:15 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 08:15 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 08:15 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 08:15 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 08:15 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 08:14 - 2015-02-20 18:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 08:14 - 2015-02-20 17:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 08:14 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 08:14 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 08:14 - 2015-02-20 17:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 08:14 - 2015-02-20 16:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 08:14 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 08:14 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 08:14 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 08:14 - 2015-02-19 19:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 08:14 - 2015-02-19 19:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 08:14 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 08:14 - 2015-02-19 19:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 08:14 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 08:14 - 2015-02-19 19:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 08:14 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 08:14 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 08:14 - 2015-02-19 19:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 08:14 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 08:14 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 08:14 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 08:14 - 2015-02-19 19:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 08:14 - 2015-02-19 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 08:14 - 2015-02-19 18:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 08:14 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 08:14 - 2015-02-19 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 08:14 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 08:14 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 08:14 - 2015-02-19 18:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 08:14 - 2015-02-19 18:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 08:14 - 2015-02-19 18:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 08:14 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 08:14 - 2015-02-19 18:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 08:14 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 08:14 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 08:14 - 2015-02-19 18:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 08:14 - 2015-02-19 18:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 08:14 - 2015-02-19 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 08:14 - 2015-02-19 18:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 08:14 - 2015-02-19 17:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 08:14 - 2015-02-19 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 08:14 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 08:14 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 08:14 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 08:14 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 08:14 - 2015-02-05 18:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 08:14 - 2015-02-05 18:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 08:14 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 08:14 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 08:14 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 08:14 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 08:14 - 2015-01-29 20:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 08:14 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 08:14 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 08:14 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 08:14 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 08:14 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 08:14 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 08:14 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 08:14 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 08:14 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 08:14 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 08:14 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 08:14 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 08:14 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 08:14 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 08:14 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 08:14 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 08:14 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 08:14 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 08:14 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 08:14 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 08:14 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 08:14 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 08:14 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 08:14 - 2015-01-28 08:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 08:14 - 2015-01-28 08:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 08:14 - 2015-01-28 08:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 08:14 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 08:14 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 08:14 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 08:14 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 08:14 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 08:14 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 08:14 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 08:14 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 08:14 - 2015-01-20 22:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 08:14 - 2015-01-20 22:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 08:14 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 08:14 - 2014-10-28 20:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 08:14 - 2014-10-28 19:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 08:14 - 2014-10-28 19:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 08:14 - 2014-10-28 19:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 08:14 - 2014-10-28 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 08:14 - 2014-10-28 19:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 08:14 - 2014-10-28 19:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 08:14 - 2014-10-28 19:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 08:14 - 2014-10-28 19:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 08:14 - 2014-10-28 19:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 08:14 - 2014-10-28 19:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 08:14 - 2014-10-28 19:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 08:14 - 2014-10-28 19:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 08:14 - 2014-10-28 18:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 08:14 - 2014-10-28 18:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 08:14 - 2014-10-28 18:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 08:14 - 2014-10-28 18:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 08:14 - 2014-10-28 18:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 08:14 - 2014-10-28 18:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 08:14 - 2014-10-28 18:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 08:14 - 2014-10-28 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 08:14 - 2014-10-28 18:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 08:14 - 2014-10-28 18:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 08:14 - 2014-10-28 17:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 08:14 - 2014-10-28 17:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 08:14 - 2014-10-28 17:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 08:14 - 2014-10-28 17:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 08:14 - 2014-10-28 17:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 08:14 - 2014-10-28 17:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-09 09:55 - 2015-03-09 09:55 - 00000000 ____D () C:\Users\Anthony\AppData\Local\Evernote
2015-03-09 09:54 - 2015-03-09 09:54 - 00002523 _____ () C:\Users\Public\Desktop\Evernote.lnk
2015-03-09 09:54 - 2015-03-09 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-03-09 09:54 - 2015-03-09 09:54 - 00000000 ____D () C:\Program Files (x86)\Evernote
2015-03-09 09:53 - 2015-03-09 09:53 - 99237384 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Anthony\Downloads\Evernote_5.8.4.6870.exe
2015-03-09 09:27 - 2015-03-09 09:27 - 14259381 _____ () C:\Users\Anthony\Downloads\Surfing.themepack
2015-03-06 11:15 - 2015-03-06 11:15 - 05894184 _____ () C:\Users\Anthony\Downloads\Lato2OFL.zip
2015-03-06 10:43 - 2015-03-06 11:26 - 74034069 _____ () C:\Users\Anthony\Desktop\LL Outside.psd
2015-03-06 10:43 - 2015-03-06 11:26 - 22096091 _____ () C:\Users\Anthony\Desktop\LL Inside.psd
2015-03-05 07:53 - 2015-03-06 10:43 - 22089829 _____ () C:\Users\Anthony\Desktop\LL Back.psd
2015-03-05 07:53 - 2015-03-05 07:53 - 73722060 _____ () C:\Users\Anthony\Desktop\LL 2.psd
2015-03-05 07:52 - 2015-03-06 09:41 - 74033803 _____ () C:\Users\Anthony\Desktop\LL Front.psd
2015-03-04 16:33 - 2015-03-04 16:33 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
2015-03-04 09:54 - 2015-03-04 09:54 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-03-04 09:54 - 2015-03-04 09:54 - 00002230 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-03-04 09:54 - 2015-03-04 09:54 - 00002160 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2015-03-04 09:54 - 2015-03-04 09:54 - 00002069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-03-04 09:54 - 2015-03-04 09:54 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2015-03-04 09:44 - 2015-03-04 09:45 - 00000000 ____D () C:\Users\Anthony\Desktop\Adobe Acrobat XI
2015-03-04 09:42 - 2015-03-04 09:44 - 00000000 ____D () C:\Users\Anthony\Downloads\Adobe Acrobat XI Professional (Windows) (2)
2015-03-04 09:40 - 2015-03-04 09:40 - 01546944 _____ (arvato digital services llc) C:\Users\Anthony\Downloads\Download_Adobe_Acrobat_XI_Professional_(Windows) (1).exe
2015-03-04 09:24 - 2015-03-04 09:25 - 05881925 _____ () C:\Users\Anthony\Downloads\001_domain-name-registration (1).zip
2015-03-03 10:58 - 2015-03-03 10:58 - 00001072 _____ () C:\Users\Anthony\Desktop\join.me.lnk
2015-03-03 10:58 - 2015-03-03 10:58 - 00001072 _____ () C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2015-03-03 09:51 - 2015-03-03 09:51 - 00000000 ____D () C:\Users\Anthony\AppData\Local\LogMeIn
2015-03-03 09:51 - 2015-03-03 09:51 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-03-03 09:47 - 2015-03-03 10:58 - 00000000 ____D () C:\Users\Anthony\AppData\Local\join.me
2015-03-03 09:11 - 2015-03-03 09:11 - 00187417 _____ () C:\Users\Anthony\Desktop\shepard and parker.psd
2015-03-03 09:01 - 2015-03-03 09:01 - 00000000 ____D () C:\Users\Anthony\Desktop\graphicriver-9690247-digital-mind-logo
2015-03-03 09:00 - 2015-03-03 09:00 - 03366795 _____ () C:\Users\Anthony\Desktop\graphicriver-9690247-digital-mind-logo.zip
2015-03-03 01:39 - 2015-03-03 01:39 - 29552324 _____ () C:\Users\Anthony\Downloads\audiojungle-10489465-inspiring-.zip
2015-03-02 21:57 - 2015-03-02 21:57 - 740805952 _____ () C:\Users\Anthony\Downloads\videohive-8729240-light-bulb-explosion-logo-reveal.zip
2015-03-02 08:39 - 2015-03-02 08:39 - 00000000 _____ () C:\Users\Anthony\Desktop\New Text Document.txt
2015-03-01 17:19 - 2015-03-01 17:19 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-01 17:16 - 2015-03-03 09:19 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\vlc
2015-03-01 17:10 - 2015-03-01 17:14 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\tixati
2015-03-01 17:10 - 2015-03-01 17:10 - 00020427 _____ () C:\Users\Anthony\Downloads\[kickass.to]camtasia.studio.8.3.0.build.1471.key.torrent
2015-03-01 16:30 - 2015-03-01 16:30 - 28509232 _____ () C:\Users\Anthony\Downloads\vlc-2.2.0-win32.exe
2015-02-28 17:39 - 2015-02-28 17:39 - 05489127 _____ () C:\Users\Anthony\Downloads\graphicriver-10481382-creative-corporate-trifold-brochure-vol-30.zip
2015-02-28 17:39 - 2015-02-28 17:39 - 05489127 _____ () C:\Users\Anthony\Desktop\graphicriver-10481382-creative-corporate-trifold-brochure-vol-30.zip
2015-02-28 17:39 - 2015-02-28 17:39 - 00000000 ____D () C:\Users\Anthony\Desktop\graphicriver-10481382-creative-corporate-trifold-brochure-vol-30
2015-02-28 14:38 - 2015-03-12 21:49 - 00000000 ____D () C:\Users\Anthony\Desktop\Plastic Surgeons
2015-02-28 14:29 - 2015-02-28 14:30 - 158071223 _____ () C:\Users\Anthony\Downloads\videohive-9326939-simple-slideshow.zip
2015-02-28 14:21 - 2015-02-28 14:21 - 00001214 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2015-02-28 14:19 - 2015-02-28 14:19 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
2015-02-28 14:03 - 2015-02-28 14:03 - 00000000 ____D () C:\Users\Anthony\Desktop\Adobe CS6
2015-02-28 13:54 - 2015-02-28 14:01 - 00000000 ____D () C:\Users\Anthony\Downloads\Adobe After Effects CS6 (Windows) (2)
2015-02-28 13:54 - 2015-02-28 13:54 - 01550712 _____ (arvato digital services llc) C:\Users\Anthony\Downloads\Download_Adobe_After_Effects_CS6_(Windows) (1).exe
2015-02-28 13:48 - 2015-02-28 13:48 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Apple Computer
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-30 13:32 - 2015-02-16 08:20 - 00000588 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-5524059-56250828-1699871848-1001.job
2015-03-30 13:29 - 2015-02-12 13:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8C778EA3-B96F-44F1-ADD2-4E3DA0ED9A3C}
2015-03-30 13:26 - 2015-02-12 23:21 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-30 13:03 - 2015-02-26 22:30 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Skype
2015-03-30 13:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-30 12:31 - 2015-02-12 13:42 - 01907416 _____ () C:\Windows\WindowsUpdate.log
2015-03-30 08:02 - 2013-08-22 07:46 - 00028375 _____ () C:\Windows\setupact.log
2015-03-30 07:40 - 2015-02-16 08:20 - 00003588 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-5524059-56250828-1699871848-1001
2015-03-30 07:15 - 2015-02-12 23:21 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-29 08:22 - 2015-02-13 15:17 - 00000000 ____D () C:\Users\Anthony\AppData\Local\Adobe
2015-03-26 09:51 - 2015-02-12 13:47 - 00003590 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-5524059-56250828-1699871848-1001
2015-03-25 18:49 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-25 15:54 - 2015-02-12 13:37 - 00016992 _____ () C:\Windows\PFRO.log
2015-03-25 15:54 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-24 14:03 - 2013-08-22 08:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-24 13:10 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-24 11:49 - 2015-02-12 23:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-24 11:01 - 2015-02-12 13:46 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-24 10:56 - 2015-02-12 13:42 - 00000000 ____D () C:\Users\Anthony
2015-03-23 14:14 - 2015-02-12 14:40 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-23 07:40 - 2015-02-14 14:06 - 00003504 _____ () C:\Windows\System32\Tasks\Seagate_Install_Launch
2015-03-23 07:40 - 2015-02-14 14:06 - 00003492 _____ () C:\Windows\System32\Tasks\Anthony DBAgent 2 0
2015-03-20 23:28 - 2015-02-12 23:21 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-18 21:49 - 2015-02-27 17:55 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\CyberLink
2015-03-18 09:22 - 2015-02-26 22:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-18 09:22 - 2015-02-26 22:29 - 00000000 ____D () C:\ProgramData\Skype
2015-03-17 17:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-15 19:29 - 2015-02-12 23:40 - 00000000 ____D () C:\ProgramData\Origin
2015-03-15 18:26 - 2015-02-12 23:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-13 13:04 - 2015-02-12 13:42 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Adobe
2015-03-13 12:16 - 2015-02-16 09:34 - 00000132 _____ () C:\Users\Anthony\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-03-12 08:24 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-03-12 07:59 - 2013-08-22 07:44 - 04996200 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 20:58 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-11 20:57 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 20:52 - 2015-02-26 16:32 - 00000000 ____D () C:\Users\Anthony\Desktop\Shoelace Info Graphic
2015-03-11 09:21 - 2015-02-15 15:40 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 09:14 - 2015-02-15 15:40 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-09 15:37 - 2015-02-16 20:50 - 00000840 _____ () C:\Users\Anthony\Desktop\Tixati.lnk
2015-03-04 14:24 - 2015-02-16 08:08 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 14:24 - 2015-02-16 08:08 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 12:12 - 2015-02-13 15:25 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-03-04 12:12 - 2015-02-13 15:17 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-04 09:52 - 2015-02-13 15:22 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-04 09:41 - 2015-02-13 14:40 - 00000000 ____D () C:\ProgramData\Protexis
2015-03-03 06:17 - 2015-02-14 13:52 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-02 19:17 - 2015-02-27 17:27 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-01 21:42 - 2015-02-12 17:25 - 00000000 ____D () C:\Users\Anthony\Documents\CyberLink
2015-03-01 16:30 - 2015-02-17 13:06 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-02-28 14:21 - 2015-02-13 15:24 - 00000000 ____D () C:\Program Files\Adobe
2015-02-28 14:20 - 2015-02-13 15:24 - 00001053 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-02-28 14:19 - 2015-02-13 15:22 - 00001531 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-02-28 14:16 - 2015-02-13 15:20 - 00000000 ____D () C:\Program Files\Common Files\Adobe
 
==================== Files in the root of some directories =======
 
2015-03-13 12:26 - 2015-03-13 12:26 - 0000132 _____ () C:\Users\Anthony\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-02-16 09:34 - 2015-03-13 12:16 - 0000132 _____ () C:\Users\Anthony\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-03-13 13:04 - 2015-03-26 12:15 - 0001456 _____ () C:\Users\Anthony\AppData\Local\Adobe Save for Web 13.0 Prefs
 
Some content of TEMP:
====================
C:\Users\Anthony\AppData\Local\Temp\setup.exe
C:\Users\Anthony\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Anthony\AppData\Local\Temp\SpotifyUninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-22 13:13
 
==================== End Of Log ============================
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Anthony at 2015-03-30 13:45:32
Running from C:\Users\Anthony\Desktop\Cleaning
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Chivalry BETA (HKLM-x32\...\Steam App 232210) (Version:  - )
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
Corel Painter 13 - IPM (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 13 - IPM Content (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 2015 (HKLM\...\_{DDB3F5F0-2583-426C-A652-8404AFF3A4D0}) (Version: 14.1.0.1105 - Corel Corporation)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2307.0 - CyberLink Corp.)
CyberLink PowerDirector 13 Content Pack Essential (HKLM-x32\...\InstallShield_{749B310F-A489-439D-9AEF-1332222F2E04}) (Version: 13 Essential - CyberLink Corp.)
CyberLink PowerDirector 13 Content Pack Premium (HKLM-x32\...\InstallShield_{9B866025-5082-4B88-8A62-F6FBBFCBBBA1}) (Version: 13 Premium - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.5 - Electronic Arts)
Evernote v. 5.8.4 (HKLM-x32\...\{C15841A6-C20A-11E4-977D-00163E98E7D6}) (Version: 5.8.4.6870 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToMeeting 7.1.5.2491 (HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.1.5.2491 - CitrixOnline)
GoToMeeting 7.1.6.2492 (HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\GoToMeeting) (Version: 7.1.6.2492 - CitrixOnline)
IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
join.me (HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\JoinMe) (Version: 1.20.0.116 - LogMeIn, Inc.)
join.me (HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\JoinMe) (Version: 1.20.0.116 - LogMeIn, Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Painter 2015 - Contentx64 (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Core (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Corex64 (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - CT (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - DE (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - EN (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - FR (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Setup Files (Version: 14.1.4 - Corel Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.108.1 - proDAD GmbH)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.0.1902.0 - Seagate)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tablet Driver V7.0 (HKLM-x32\...\TabletDriver) (Version:  - )
Tixati (HKLM-x32\...\tixati) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
X-Lite 4 (HKLM-x32\...\{1156777B-3307-4E6B-8EF5-10ED8E43D48B}) (Version: 45.7.1236 - CounterPath Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-5524059-56250828-1699871848-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Anthony\AppData\Local\Citrix\GoToMeeting\2417\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
 
==================== Restore Points  =========================
 
09-03-2015 09:54:12 Installed Evernote v. 5.8.4
17-03-2015 08:00:25 Scheduled Checkpoint
23-03-2015 07:36:45 Installed Seagate Dashboard.
24-03-2015 13:04:13 Installed AVG 2015
24-03-2015 13:05:02 Installed AVG 2015
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {240AC5D6-E0E4-491F-93CD-779F4F59ED3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {42A057E2-DD0F-41D3-AA5F-1ADBB1D50F10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {5B559803-159F-4EFC-B332-9BF083FCD979} - System32\Tasks\G2MUpdateTask-S-1-5-21-5524059-56250828-1699871848-1001 => C:\Users\Anthony\AppData\Local\Citrix\GoToMeeting\2492\g2mupdate.exe [2015-03-30] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {64FBBF93-9C29-42C5-B54C-97A1AE9EAFEB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AE8AB5FB-EB59-42FA-A858-D3CD79FD6F90} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-11] (Microsoft Corporation)
Task: {DDD37BA7-6AA2-465F-9AFD-3D2FD92F97AB} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-02-13] (Seagate Technology LLC)
Task: {E2E395EB-1687-4260-891D-DA4ED92DF714} - System32\Tasks\AdobeAAMUpdater-1.0-Office-Anthony => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {F83BA2DA-95A5-457A-9581-C9BC5AA46711} - System32\Tasks\Anthony DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-02-13] (Seagate Technology LLC)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-5524059-56250828-1699871848-1001.job => C:\Users\Anthony\AppData\Local\Citrix\GoToMeeting\2492\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-07-04 22:33 - 2014-07-04 22:33 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 07:59 - 2013-07-26 07:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 07:59 - 2013-07-26 07:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-03-15 03:09 - 2012-03-15 03:09 - 00703664 _____ () C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\CIT\Plug-ins\FaceDetection\FaceDetectorTBB.dll
2014-01-12 18:50 - 2014-01-12 18:50 - 00301888 _____ () C:\Windows\SYSTEM32\WinTab32.DLL
2014-01-12 18:50 - 2014-01-12 18:50 - 00301888 _____ () C:\Windows\system32\wintab32.dll
2015-03-20 23:28 - 2015-03-14 03:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-20 23:28 - 2015-03-14 03:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-20 23:28 - 2015-03-14 03:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-20 23:28 - 2015-03-14 03:12 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll
2012-03-09 17:26 - 2012-03-09 17:26 - 00100352 _____ () C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-5524059-56250828-1699871848-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 75.75.75.75 - 75.75.76.76
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "DBAgent"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2AA0595218EF30A2508F1E549DA19CC6"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\Run: => "Jing"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\Run: => "Uploader"
HKU\S-1-5-21-5524059-56250828-1699871848-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2AA0595218EF30A2508F1E549DA19CC6"
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Jing"
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Uploader"
HKU\S-1-5-21-5524059-56250828-1699871848-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-5524059-56250828-1699871848-500 - Administrator - Disabled)
Anthony (S-1-5-21-5524059-56250828-1699871848-1001 - Administrator - Enabled) => C:\Users\Anthony
Guest (S-1-5-21-5524059-56250828-1699871848-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/29/2015 08:18:28 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
 
Error: (03/27/2015 06:04:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (03/27/2015 06:02:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (03/26/2015 10:01:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (03/26/2015 10:01:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (03/26/2015 10:01:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (03/26/2015 08:38:01 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (03/26/2015 08:37:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (03/26/2015 08:36:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (03/26/2015 08:36:39 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
 
System errors:
=============
Error: (03/30/2015 07:48:09 AM) (Source: DCOM) (EventID: 10010) (User: Office)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (03/30/2015 07:47:39 AM) (Source: DCOM) (EventID: 10010) (User: Office)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (03/29/2015 09:28:29 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5
 
Error: (03/29/2015 08:31:42 AM) (Source: DCOM) (EventID: 10010) (User: Office)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (03/29/2015 08:31:12 AM) (Source: DCOM) (EventID: 10010) (User: Office)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (03/27/2015 06:07:47 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5
 
Error: (03/27/2015 06:44:12 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (03/27/2015 05:57:53 AM) (Source: DCOM) (EventID: 10010) (User: Office)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (03/27/2015 05:57:23 AM) (Source: DCOM) (EventID: 10010) (User: Office)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (03/27/2015 04:28:50 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
 
Microsoft Office Sessions:
=========================
Error: (03/29/2015 08:18:28 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
 
Error: (03/27/2015 06:04:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (03/27/2015 06:02:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (03/26/2015 10:01:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (03/26/2015 10:01:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Anthony\Desktop\Cleaning\esetsmartinstaller_enu.exe
 
Error: (03/26/2015 10:01:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Anthony\Desktop\Cleaning\esetsmartinstaller_enu.exe
 
Error: (03/26/2015 08:38:01 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Anthony\Desktop\Cleaning\esetsmartinstaller_enu.exe
 
Error: (03/26/2015 08:37:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Anthony\Desktop\Cleaning\esetsmartinstaller_enu.exe
 
Error: (03/26/2015 08:36:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Anthony\Desktop\Cleaning\esetsmartinstaller_enu.exe
 
Error: (03/26/2015 08:36:39 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Anthony\Desktop\Cleaning\esetsmartinstaller_enu.exe
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-8320 Eight-Core Processor 
Percentage of memory in use: 55%
Total physical RAM: 8090.15 MB
Available physical RAM: 3610 MB
Total Pagefile: 12954.15 MB
Available Pagefile: 4490.39 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.5 GB) (Free:957.99 GB) NTFS
Drive d: (Seagate Backup Plus Drive) (Fixed) (Total:4657.52 GB) (Free:3144.42 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 7B05F88E)
 
Partition: GPT Partition Type.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End Of Log ============================





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users