Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Numerous redirects; proxy settings change


  • This topic is locked This topic is locked
12 replies to this topic

#1 daivddd

daivddd

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 02 May 2015 - 10:20 AM

I'm getting numerous Google redirects that seem various, random, and frequent.  Browser searches and window responses quite slow--long pauses when I press Enter untill a page shows, often the wrong page.  Multiple times "Use a proxy server..." in Google's LAN settings gets selected rendering internet access impossible.  I stumbled across this setting change from a Google error message when interentet access could not be had--it directed me to Settings > Advanced Settings > Network > Change Proxy Settings > LAN Setting > Use a proxy server for you LAN.  I don't use a proxy and I've never selected this choice.

 

I'd appreciate is you'd help find the cause of these problems.  This is my first Bleeping Computer post, so please tell me if I did something wrong.  Below is pasted the FRST.txt log and attached is Addition.txt.  (I'm unsure if the Addition.txt got attatched correctly, so let me know if I must try it again.)

 

Thank you,

David

 

[attachment=164413:Addition.txt]

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by David (administrator) on DAVIDSDESKTOP on 02-05-2015 07:37:44
Running from C:\Users\David\Downloads
Loaded Profiles: David (Available profiles: David & Visitor)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Free Desktop Clock\timeserv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Raxco Software, Inc.) C:\Program Files\PerfectDisk\PDAgent.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
() C:\Program Files\Free Desktop Clock\FreeDesktopClock.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ISW] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [283032 2011-05-18] (Binary Fortress Software)
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Run: [AtomicAlarmClock6] => C:\Program Files\Free Desktop Clock\FreeDesktopClock.exe [4652544 2013-06-27] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\volume.ahk.lnk [2013-08-11]
ShortcutTarget: volume.ahk.lnk -> C:\Program Files (x86)\volume.ahk ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome.exe - Shortcut.lnk [2015-04-28]
ShortcutTarget: chrome.exe - Shortcut.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2015-04-28] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-03] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-3085527945-139366052-3681144780-1000] => 127.0.0.1:8118
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC&q={searchTerms}
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC&q={searchTerms}
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC&q={searchTerms}
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\DLLx64\SnagItBHO64.dll [2008-09-22] (TechSmith Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\SnagItBHO.dll [2008-09-22] (TechSmith Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\SnagItIEAddin.dll [2008-09-22] (TechSmith Corporation)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKU\S-1-5-21-3085527945-139366052-3681144780-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-3085527945-139366052-3681144780-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKU\S-1-5-21-3085527945-139366052-3681144780-1000 -> ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\ejo0j5g0.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Extension: Sony Audio Restoration - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\ejo0j5g0.default\Extensions\{CAF37501-D26C-D72F-89E5-184B145D46FE} [2015-04-28]
FF Extension: Firefox Helper - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\48ea8b2ccd6e0f909ab08cdbac8215c5 [2015-03-06]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-02-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.com/
CHR StartupUrls: Default -> "https://www.google.com/"
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-30]
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-30]
CHR Extension: (Search by Image (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-04-30]
CHR Extension: (Mailto: for Gmail™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2015-04-30]
CHR Extension: (Faviconize Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijobgpmmkilncagclaejpjlccfhopdo [2015-04-30]
CHR Extension: (IE Tab) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-04-30]
CHR Extension: (New Tab Redirect) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-04-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-27]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-27]
CHR Extension: (Stylist) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pabfempgigicdjjlccdgnbmeggkbjdhd [2015-04-30]
CHR Extension: (Wikinvest Portfolio Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpkgmnajebobcebngnagdabphfmooej [2015-04-30]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-30]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-05]
CHR Extension: (Google Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-05]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-05]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-05]
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-05]
CHR Extension: (Google Sheets) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-05]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-05]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR HKLM-x32\...\Chrome\Extension: [pppagaglfkmlpgobnlenhknilehpmcbo] - No Path Or update_url value
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-10-20] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtomicAlarmClock; C:\Program Files\Free Desktop Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-11-25] (CyberLink)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S3 GenericMount Helper Service; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [1571336 2009-09-21] (Symantec)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S3 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [4584288 2009-10-01] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation)
R2 PDAgent; C:\Program Files\PerfectDisk\PDAgent.exe [2610952 2011-03-15] (Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\PerfectDisk\PDEngine.exe [2266376 2011-03-15] (Raxco Software, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-18] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 SymSnapService; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
S3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 Ipswitch Scheduler; "C:\Program Files (x86)\Ipswitch\WS_FTP Server\scheduler.exe" [X]
S2 Ipswitch SSH Server; "C:\Program Files (x86)\Ipswitch\WS_FTP Server\sshserver.exe" [X]
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{DAF16854-75A9-4566-A775-B5D12FE1F288}
S3 usnjsvc; "C:\Program Files (x86)\Windows Live\Messenger\usnsvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cpuz135; C:\Program Files (x86)\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
R3 HCW723x; C:\Windows\System32\DRIVERS\HCW723x.sys [1799552 2009-12-15] (Hauppauge Computer Works, Inc.)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-06-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-06-11] (Kaspersky Lab ZAO)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 RT80x86; C:\Windows\System32\DRIVERS\RT2860.sys [1883488 2010-07-21] (Ralink Technology, Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
U2 V2iMount; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-02 07:37 - 2015-05-02 07:38 - 00028016 _____ () C:\Users\David\Downloads\FRST.txt
2015-05-02 07:37 - 2015-05-02 07:37 - 00000000 ____D () C:\FRST
2015-05-02 07:36 - 2015-05-02 07:36 - 02101248 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2015-05-01 20:29 - 2015-05-01 20:46 - 32931840 _____ () C:\Users\David\Desktop\N5kVSKYD
2015-05-01 07:17 - 2015-03-03 21:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-01 07:17 - 2015-03-03 21:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-01 07:17 - 2015-03-03 21:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-01 07:17 - 2015-03-03 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-01 07:17 - 2015-03-03 21:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-01 07:17 - 2015-03-03 21:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-01 07:17 - 2015-03-03 21:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-01 07:17 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-01 07:17 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-04-30 22:15 - 2015-04-30 22:16 - 00431395 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2015-04-30 22:15 - 2015-04-30 22:15 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2015-04-30 22:15 - 2015-04-30 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2015-04-30 22:15 - 2014-06-11 10:09 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-04-30 22:15 - 2014-06-11 10:09 - 00490592 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-04-30 22:15 - 2014-06-11 10:09 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-04-30 22:11 - 2015-04-30 22:15 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2015-04-30 21:38 - 2015-04-30 21:38 - 03402424 _____ (Check Point Software Technologies Ltd.) C:\Users\David\Downloads\zaSetupWeb_133_209_000.exe
2015-04-30 21:27 - 2015-04-30 21:27 - 14160536 _____ (Microsoft Corporation) C:\Users\David\Downloads\mseinstall.exe
2015-04-30 18:13 - 2015-05-01 11:38 - 00579400 _____ () C:\Users\David\AppData\Local\census.cache
2015-04-30 18:13 - 2015-05-01 11:38 - 00247605 _____ () C:\Users\David\AppData\Local\ars.cache
2015-04-30 15:34 - 2015-04-30 15:34 - 00061714 _____ () C:\Users\David\Downloads\regscanner.zip
2015-04-30 15:07 - 2015-04-30 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ipswitch WS_FTP 12
2015-04-30 15:07 - 2015-04-30 21:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-30 15:07 - 2015-04-30 21:18 - 00000000 ____D () C:\ProgramData\Ipswitch
2015-04-30 15:07 - 2015-04-30 21:18 - 00000000 ____D () C:\Program Files\Ipswitch
2015-04-30 15:07 - 2015-04-30 21:18 - 00000000 ____D () C:\Program Files (x86)\Ipswitch
2015-04-30 15:07 - 2015-04-30 15:07 - 00002000 _____ () C:\Users\Public\Desktop\Ipswitch WS_FTP 12.lnk
2015-04-30 15:05 - 2015-04-30 15:05 - 27686416 _____ () C:\Users\David\Downloads\wsftp12.4.1.1_English_SN63GANX02DVG42AMF640HBRM.exe
2015-04-30 14:43 - 2013-09-27 19:56 - 00285208 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-04-30 14:35 - 2015-04-30 14:35 - 00006604 _____ () C:\Windows\system32\.crusader
2015-04-30 14:06 - 2015-04-30 14:06 - 00003168 _____ () C:\Windows\System32\Tasks\{67DBAF5A-0662-4A1F-BF30-990984231DF1}
2015-04-30 14:03 - 2015-04-30 14:03 - 00021087 _____ () C:\Users\David\Downloads\[kickass.to]hitmanpro.3.7.9.build.238.crack.s.extras.danhuk.torrent
2015-04-30 13:57 - 2015-04-30 13:57 - 00015809 _____ () C:\Users\David\Downloads\HitmanPro.torrent
2015-04-30 13:13 - 2015-04-30 13:13 - 00020316 _____ () C:\Users\David\Downloads\[kickass.to]hitman.pro.3.7.9.cracked.64.bit.danhuk.torrent
2015-04-30 13:04 - 2015-04-30 13:04 - 00171560 _____ (Jelbrus LLC) C:\Users\David\Downloads\HitmanPro_3.7.9_Build_224_(64-bit)_[XenoCoder]_[7T].exe
2015-04-30 07:33 - 2015-04-30 07:33 - 00001994 _____ () C:\Windows\DPINST.LOG
2015-04-29 19:21 - 2015-05-01 11:41 - 00000000 ____D () C:\Program Files (x86)\Alfasistem Memory
2015-04-29 19:21 - 2015-04-29 19:21 - 00003276 _____ () C:\Windows\System32\Tasks\Windows Defrag
2015-04-29 16:39 - 2015-04-29 16:39 - 00003288 _____ () C:\Windows\System32\Tasks\{B76A7A90-847E-4BC7-919F-7C65F2FDA17D}
2015-04-29 16:33 - 2015-04-29 16:33 - 00015829 _____ () C:\Users\David\Downloads\Partition Magic.torrent
2015-04-29 16:27 - 2015-04-29 16:27 - 00171560 _____ (Jelbrus LLC) C:\Users\David\Downloads\Partition_Magic_8.05_._serial.exe
2015-04-28 20:27 - 2015-04-28 20:27 - 00003156 _____ () C:\Windows\System32\Tasks\{1E79B445-B044-45E4-80B4-E4C99ED987D4}
2015-04-28 20:13 - 2015-04-28 20:13 - 00000206 _____ () C:\Users\David\Desktop\337GAMES.url
2015-04-28 20:10 - 2015-04-30 21:18 - 00000000 ____D () C:\Users\David\AppData\Local\Imvpsoft
2015-04-28 20:09 - 2015-04-30 20:53 - 00000000 ____D () C:\Users\David\AppData\Local\Ifdksoft
2015-04-28 17:55 - 2015-04-28 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2015-04-28 17:53 - 2015-04-28 17:53 - 00691576 _____ (Yahoo! Inc.) C:\Users\David\Downloads\msgr11us.exe
2015-04-28 09:30 - 2015-04-30 21:18 - 00000000 ____D () C:\Users\IPS_daivddd
2015-04-28 09:30 - 2015-04-28 09:30 - 00000020 ___SH () C:\Users\IPS_daivddd\ntuser.ini
2015-04-28 09:30 - 2015-03-07 09:01 - 00000000 ____D () C:\Users\IPS_daivddd\AppData\Local\Microsoft Help
2015-04-28 09:30 - 2015-02-19 21:54 - 00000000 ___RD () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-28 09:30 - 2015-02-19 21:54 - 00000000 ___RD () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-28 09:30 - 2015-02-19 21:54 - 00000000 ____D () C:\Users\IPS_daivddd\AppData\Roaming\TuneUp Software
2015-04-28 09:30 - 2015-02-19 21:54 - 00000000 ____D () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-04-28 09:30 - 2015-02-19 21:54 - 00000000 ____D () C:\Users\IPS_daivddd\AppData\Roaming\Macromedia
2015-04-28 09:30 - 2015-02-10 08:47 - 01706800 _____ (Microsoft Corporation) C:\Windows\gdiplus.dll
2015-04-28 09:30 - 2015-02-10 08:47 - 01060864 _____ (Microsoft Corporation) C:\Windows\MFC71.dll
2015-04-28 09:30 - 2015-02-10 08:47 - 00499712 _____ (Microsoft Corporation) C:\Windows\msvcp71.dll
2015-04-28 09:30 - 2015-02-10 08:47 - 00348160 _____ (Microsoft Corporation) C:\Windows\msvcr71.dll
2015-04-28 09:30 - 2014-01-03 17:02 - 00001974 _____ () C:\Users\IPS_daivddd\Desktop\ib.lnk
2015-04-28 09:30 - 2013-03-02 10:40 - 00002141 _____ () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2015-04-28 09:30 - 2011-04-19 11:32 - 00001974 _____ () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk
2015-04-28 09:29 - 2015-04-29 18:07 - 00000000 ____D () C:\Program Files (x86)\PostgreSQL
2015-04-28 09:29 - 2015-04-28 11:51 - 02617990 _____ () C:\Windows\SysWOW64\PostgreSQL.log
2015-04-28 09:28 - 2015-04-28 11:51 - 00217962 _____ () C:\log.log
2015-04-28 09:22 - 2015-04-29 17:16 - 00001819 _____ () C:\Windows\SysWOW64\WS_FTP_Install.LOG
2015-04-27 11:56 - 2015-04-27 11:56 - 00003406 _____ () C:\Windows\System32\Tasks\{8F8E29C4-01B4-420C-927B-2F927480E1E2}
2015-04-27 11:55 - 2015-04-27 11:55 - 00000000 ____D () C:\Windows\system32\Drivers\NBRTWizardx64
2015-04-27 11:55 - 2015-04-27 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
2015-04-27 11:55 - 2015-04-27 11:55 - 00000000 ____D () C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2015-04-27 11:52 - 2015-04-30 21:18 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-04-27 11:52 - 2015-04-28 12:03 - 00001383 _____ () C:\Users\David\Desktop\Norton Installation Files.lnk
2015-04-27 11:52 - 2015-04-27 11:52 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2015-04-27 09:14 - 2015-04-27 09:14 - 00000000 ____D () C:\Program Files (x86)\4066e076-67da-4a36-9b31-9ca5a84f9258
2015-04-27 09:03 - 2015-04-27 09:15 - 00001181 _____ () C:\Users\David\Desktop\Norton Ghost.lnk
2015-04-27 09:03 - 2015-04-27 09:03 - 00262144 _____ () C:\Windows\system32\config\elam
2015-04-26 08:06 - 2015-03-13 20:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-26 08:06 - 2015-03-13 20:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-04-26 08:06 - 2015-03-13 20:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-04-26 08:06 - 2015-03-13 20:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-04-26 08:06 - 2015-01-28 20:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-04-26 08:06 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-04-24 20:40 - 2015-04-30 09:39 - 00007849 ____H () C:\Windows\SysWOW64\BTImages.dat
2015-04-24 19:12 - 2015-04-24 19:12 - 00000000 ____D () C:\Users\David\Documents\ForceField Shared Files
2015-04-24 18:36 - 2015-04-24 18:36 - 00000000 ____D () C:\Users\David\AppData\Local\Apple Computer
2015-04-23 12:56 - 2015-04-23 12:56 - 00000000 ____D () C:\Users\David\AppData\Local\Skype
2015-04-22 12:07 - 2015-04-22 12:15 - 00000000 ____D () C:\Users\David\Downloads\wifiinfoview
2015-04-22 10:34 - 2015-04-22 10:34 - 00002012 _____ () C:\Program Files (x86)\Desktop.lnk
2015-04-18 20:15 - 2015-04-18 20:15 - 00000000 ____D () C:\Users\David\AppData\Local\Apple
2015-04-15 17:06 - 2015-05-02 07:23 - 00000000 ____D () C:\Users\David\AppData\Local\Adobe
2015-04-15 07:49 - 2015-04-01 17:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 07:49 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 07:49 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 07:49 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 07:49 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 07:49 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 07:49 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 07:49 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 07:49 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 07:49 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 07:49 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 07:49 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 07:49 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 07:49 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 07:49 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 07:49 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 07:49 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 07:49 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 07:49 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 07:49 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 07:49 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 07:49 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 07:49 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 07:49 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 07:49 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 07:49 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 07:49 - 2015-03-16 22:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 07:49 - 2015-03-16 22:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 07:49 - 2015-03-16 22:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 07:49 - 2015-03-16 22:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 07:49 - 2015-03-16 22:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 07:49 - 2015-03-16 22:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 07:49 - 2015-03-16 22:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 07:49 - 2015-03-16 22:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 07:49 - 2015-03-16 22:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 07:49 - 2015-03-16 22:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 07:49 - 2015-03-16 22:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 07:49 - 2015-03-16 22:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 07:49 - 2015-03-16 22:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 07:49 - 2015-03-16 22:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 07:49 - 2015-03-16 22:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 07:49 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 07:49 - 2015-03-16 21:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 07:49 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 07:49 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 07:49 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 07:49 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 07:49 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 07:49 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 07:49 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 07:49 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 07:49 - 2015-03-16 21:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 07:49 - 2015-03-16 21:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 07:49 - 2015-03-16 21:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 07:49 - 2015-03-16 21:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 07:49 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 07:49 - 2015-03-16 21:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 07:49 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 07:49 - 2015-03-16 21:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 07:49 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 07:49 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 20:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 07:49 - 2015-03-16 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 07:49 - 2015-03-16 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:49 - 2015-03-16 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:49 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 07:49 - 2015-03-12 21:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 07:49 - 2015-03-12 21:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 07:49 - 2015-03-12 21:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 07:49 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 07:49 - 2015-03-12 21:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 07:49 - 2015-03-12 21:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 07:49 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 07:49 - 2015-03-12 21:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 07:49 - 2015-03-12 21:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 07:49 - 2015-03-12 20:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 07:49 - 2015-03-12 20:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 07:49 - 2015-03-12 20:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 07:49 - 2015-03-12 20:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 07:49 - 2015-03-12 20:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 07:49 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 07:49 - 2015-03-12 20:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 07:49 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 07:49 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 07:49 - 2015-03-12 20:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 07:49 - 2015-03-12 20:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 07:49 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 07:49 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 07:49 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 07:49 - 2015-03-12 20:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 07:49 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 07:49 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 07:49 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 07:49 - 2015-03-12 20:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 07:49 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 07:49 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 07:49 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 07:49 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 07:49 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 07:49 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 07:49 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 07:49 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 07:49 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 07:49 - 2015-03-12 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 07:49 - 2015-03-12 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 07:49 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 07:49 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 07:49 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 07:49 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 07:49 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 07:49 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 07:49 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 07:49 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 07:49 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 07:49 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 07:49 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 07:49 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 07:49 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 07:49 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 07:49 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 07:49 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 07:49 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 07:49 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 17:27 - 2015-04-30 21:18 - 00000000 ____D () C:\Users\David\AppData\Roaming\Free Desktop Clock 3
2015-04-14 17:27 - 2015-04-14 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Desktop Clock
2015-04-14 17:27 - 2015-04-14 17:27 - 00000000 ____D () C:\Program Files\Free Desktop Clock
2015-04-14 16:54 - 2015-04-14 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skin Clock
2015-04-14 16:53 - 2015-04-14 16:53 - 00000000 ____D () C:\Users\David\Downloads\skinclock-1_7
2015-04-14 16:42 - 2015-04-14 16:42 - 00002980 _____ () C:\Windows\System32\Tasks\{2BF7459B-D73E-467B-9B10-E55896AA9863}
2015-04-14 13:29 - 2015-04-14 13:29 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 12:28 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 12:28 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 12:28 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 12:28 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 12:28 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 12:28 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 12:28 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-14 12:27 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 11:15 - 2015-05-01 08:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Ipswitch
2015-04-06 19:39 - 2015-04-30 21:18 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-06 19:39 - 2015-04-06 19:39 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 11:40 - 2015-04-04 12:23 - 00000000 ____D () C:\Users\David\Downloads\Ares
2015-04-04 10:13 - 2015-04-04 10:14 - 00068440 _____ () C:\Users\David\Documents\Anything Goes.mp3.sfk
2015-04-04 09:33 - 2015-04-04 09:33 - 00000000 __SHD () C:\Users\David\AppData\Local\EmieBrowserModeList
2015-04-03 21:55 - 2015-04-03 21:55 - 00002644 _____ () C:\Users\David\Documents\Register Sound Forge.htm
2015-04-03 21:27 - 2015-04-03 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sound Forge Pro 10.0
2015-04-03 20:30 - 2015-04-03 20:30 - 00002644 _____ () C:\Users\David\Documents\Регистрация Sound Forge Pro.htm
2015-04-03 16:55 - 2015-04-03 17:25 - 00002592 _____ () C:\Users\David\Documents\Register Sound Forge Audio Studio.htm
2015-04-02 12:53 - 2015-04-05 12:01 - 00002524 _____ () C:\Users\David\Documents\Register Sound Forge Pro.htm
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-02 07:29 - 2014-11-12 11:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-02 07:21 - 2009-07-13 21:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 07:21 - 2009-07-13 21:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 07:19 - 2014-12-19 00:07 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-02 07:19 - 2014-08-12 15:59 - 00907308 _____ () C:\Windows\system32\perfh00A.dat
2015-05-02 07:19 - 2014-08-12 15:59 - 00203496 _____ () C:\Windows\system32\perfc00A.dat
2015-05-02 07:19 - 2009-07-13 22:13 - 02041672 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-02 07:17 - 2015-02-19 21:06 - 01434800 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 07:14 - 2014-12-19 00:07 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-02 07:13 - 2015-02-25 16:37 - 01079244 _____ () C:\Windows\setupact.log
2015-05-02 07:13 - 2015-02-23 10:24 - 00000200 _____ () C:\Windows\Tasks\AutoKMS.job
2015-05-02 07:13 - 2014-10-24 14:45 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForDavid.job
2015-05-02 07:13 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 07:12 - 2015-02-19 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-01 16:22 - 2015-02-23 10:24 - 00000202 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2015-05-01 14:43 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-01 14:39 - 2014-09-12 14:18 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDavid
2015-05-01 14:39 - 2013-04-25 06:31 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-01 14:38 - 2013-04-25 06:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\HP Support Assistant
2015-05-01 14:38 - 2012-10-06 20:24 - 00000000 ____D () C:\Users\David\AppData\Roaming\HpUpdate
2015-05-01 13:49 - 2015-03-01 12:25 - 00003710 _____ () C:\Windows\DtcInstall.log
2015-05-01 09:50 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2015-05-01 09:29 - 2012-10-12 12:14 - 00000000 ____D () C:\Users\David\Security
2015-05-01 08:48 - 2014-12-03 14:05 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2015-05-01 08:22 - 2015-02-26 20:10 - 00000010 _____ () C:\Users\David\AppData\Local\sponge.last.runtime.cache
2015-04-30 22:09 - 2015-02-25 16:37 - 00162272 _____ () C:\Windows\PFRO.log
2015-04-30 21:39 - 2013-09-09 11:29 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-04-30 21:24 - 2015-02-19 21:12 - 00000000 ____D () C:\Users\David
2015-04-30 21:18 - 2015-02-19 21:13 - 00000000 ____D () C:\Users\David\Backups
2015-04-30 21:18 - 2015-02-19 21:12 - 00000000 ____D () C:\Users\Visitor
2015-04-30 21:18 - 2013-04-15 21:31 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2015-04-30 21:18 - 2012-09-29 07:39 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-04-30 21:18 - 2011-04-19 11:41 - 00000000 ____D () C:\ProgramData\Norton
2015-04-30 21:18 - 2011-04-19 11:35 - 00000000 ____D () C:\ProgramData\RoxioNow
2015-04-30 20:17 - 2012-09-29 10:53 - 00033528 _____ () C:\Users\David\Documents\ToDo.xlsx
2015-04-30 14:03 - 2015-03-17 22:17 - 00000000 ____D () C:\Users\David\Downloads\µTorrent
2015-04-30 12:50 - 2015-02-22 19:20 - 00000000 ____D () C:\AdwCleaner
2015-04-30 07:32 - 2013-01-02 07:26 - 00000000 ____D () C:\ProgramData\Skype
2015-04-29 18:32 - 2011-04-19 11:28 - 00000000 ____D () C:\ProgramData\Temp
2015-04-28 21:00 - 2012-09-29 09:29 - 00000000 ____D () C:\Windows\pss
2015-04-28 11:36 - 2011-04-19 11:24 - 00000000 ___HD () C:\Program Files (x86)\ToDELETE--InstallShield Installation Information
2015-04-27 16:35 - 2012-09-29 07:43 - 00000000 ____D () C:\Users\David\AppData\Roaming\CheckPoint
2015-04-27 16:02 - 2012-09-29 10:53 - 00000000 ____D () C:\Users\David\Documents\Fitness
2015-04-27 13:07 - 2014-04-10 14:59 - 00015014 ____H () C:\Users\David\Documents\~WRL0004.tmp
2015-04-27 12:49 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-27 11:56 - 2014-10-31 15:08 - 00000000 ____D () C:\Program Files (x86)\Norton Ghost
2015-04-27 11:53 - 2012-10-01 10:56 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-04-27 11:17 - 2015-03-09 09:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-27 10:14 - 2014-01-03 18:19 - 00000578 __RSH () C:\ProgramData\ntuser.pol
2015-04-27 09:37 - 2014-11-24 16:38 - 00000000 ____D () C:\Users\David\AppData\Roaming\Opera Software
2015-04-27 09:37 - 2014-11-24 16:38 - 00000000 ____D () C:\Users\David\AppData\Local\Opera Software
2015-04-27 09:37 - 2014-11-24 16:37 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-27 09:16 - 2014-10-31 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Ghost
2015-04-27 09:15 - 2014-10-31 15:39 - 00001181 _____ () C:\Users\Visitor\Desktop\Norton Ghost.lnk
2015-04-27 09:15 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-04-27 09:14 - 2013-09-13 16:45 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-26 14:31 - 2013-01-02 07:26 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2015-04-26 08:08 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-04-24 21:48 - 2012-09-29 07:58 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-24 12:00 - 2015-03-04 13:00 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2015-04-23 08:23 - 2012-10-01 10:43 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-23 08:23 - 2012-10-01 10:43 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-20 14:49 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-04-20 13:48 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-20 13:48 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2015-04-20 13:39 - 2012-10-20 12:38 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-04-19 12:59 - 2012-10-02 12:13 - 00000000 ____D () C:\Users\David\AppData\Roaming\TeamViewer
2015-04-18 15:07 - 2014-09-14 19:04 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
2015-04-16 21:04 - 2015-02-25 16:37 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-16 21:04 - 2014-10-21 16:53 - 00001908 _____ () C:\Windows\diagwrn.xml
2015-04-16 21:04 - 2014-10-21 16:53 - 00001908 _____ () C:\Windows\diagerr.xml
2015-04-15 17:19 - 2013-05-06 15:04 - 00000021 _____ () C:\Windows\SurCode.INI
2015-04-15 17:19 - 2011-07-12 05:49 - 00000000 ___HD () C:\Users\David\AppData\Local\i1VqavrmfKyW
2015-04-15 17:19 - 2011-01-27 19:59 - 00000000 ___HD () C:\Users\David\AppData\Local\VCHl52fb
2015-04-15 08:40 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 07:56 - 2015-02-21 21:12 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 07:56 - 2014-04-23 10:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 07:55 - 2012-09-29 11:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 07:53 - 2009-07-13 19:34 - 00000478 _____ () C:\Windows\win.ini
2015-04-14 21:55 - 2015-02-19 21:11 - 02020752 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-14 21:55 - 2013-07-21 11:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-14 21:48 - 2015-02-21 12:59 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 17:30 - 2012-09-29 13:44 - 00000000 ____D () C:\Program Files (x86)\Chameleon Clock
2015-04-14 16:54 - 2014-03-31 10:24 - 00000000 ____D () C:\Program Files (x86)\skinclock
2015-04-14 16:36 - 2012-09-29 13:49 - 00000000 ____D () C:\Users\David\Documents\Chameleon Clock Backup
2015-04-14 13:29 - 2014-06-13 07:39 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 13:29 - 2012-09-29 10:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 13:29 - 2012-09-29 10:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 13:47 - 2014-04-21 14:25 - 00000000 ____D () C:\Users\David\AppData\Local\IE Tab
2015-04-06 14:24 - 2013-08-06 08:45 - 00000638 _____ () C:\Program Files (x86)\volume.ahk
2015-04-05 11:58 - 2015-03-28 13:11 - 00000000 ____D () C:\ProgramData\Sony
2015-04-05 11:58 - 2012-10-01 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-04-05 11:57 - 2012-10-01 19:07 - 00000000 ____D () C:\Users\David\AppData\Roaming\Sony
2015-04-04 09:33 - 2014-09-28 10:29 - 00000000 __SHD () C:\Users\David\AppData\Local\EmieUserList
2015-04-04 09:33 - 2014-09-28 10:29 - 00000000 __SHD () C:\Users\David\AppData\Local\EmieSiteList
2015-04-03 21:56 - 2012-09-29 07:06 - 00000000 ____D () C:\Users\David\AppData\Local\VirtualStore
2015-04-03 21:55 - 2012-10-17 20:12 - 00000000 ____D () C:\Users\David\AppData\Local\Sony
2015-04-03 21:49 - 2012-10-01 19:09 - 00000000 ____D () C:\Program Files (x86)\VSTplugins
2015-04-03 21:48 - 2012-10-01 19:05 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-04-03 10:57 - 2015-02-21 13:01 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-04-02 16:14 - 2013-01-25 12:31 - 00000000 ____D () C:\Program Files (x86)\Audials 9
2015-04-02 13:51 - 2013-10-15 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-04-02 13:51 - 2013-07-08 17:41 - 00000000 ____D () C:\Program Files (x86)\3RVX
2015-04-02 13:51 - 2012-10-01 13:22 - 00000000 ____D () C:\ProgramData\RapidSolution
 
==================== Files in the root of some directories =======
 
2012-10-01 11:28 - 2012-10-01 11:28 - 0050688 _____ (Atribune.org) C:\Program Files\ATF-Cleaner.exe
2013-07-22 12:02 - 2013-07-22 12:02 - 1898001 _____ () C:\Program Files\MGtools.exe
2013-07-21 15:33 - 2013-07-21 15:33 - 0347424 _____ (Microsoft Corporation) C:\Program Files\MicrosoftFixit.ProgramInstallUninstall.RNP.150297876445938925.3.2.Run.exe
2013-07-22 11:52 - 2013-07-22 11:52 - 3778560 _____ () C:\Program Files\RogueKillerX64.exe
2013-07-22 11:58 - 2013-07-22 11:58 - 2237968 _____ (Kaspersky Lab ZAO) C:\Program Files\tdsskiller.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0541536 _____ (Igor Pavlov) C:\Program Files (x86)\7za.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0797184 _____ () C:\Program Files (x86)\ac3filter.ax
2008-09-22 01:31 - 2008-09-22 01:31 - 0107848 _____ (TechSmith Corporation) C:\Program Files (x86)\AccessoryInstaller.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0124344 _____ () C:\Program Files (x86)\akrip32.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0448864 _____ () C:\Program Files (x86)\ArtistBrowserDataModel.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0488288 _____ (RapidSolution Software AG) C:\Program Files (x86)\Audials.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0443744 _____ () C:\Program Files (x86)\AudialsGUI.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 4839264 _____ (RapidSolution Software AG) C:\Program Files (x86)\AudialsKernel.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0623968 _____ (RapidSolution Software AG) C:\Program Files (x86)\AudialsPlayer.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0374624 _____ (RapidSolution Software AG) C:\Program Files (x86)\AudialsShellExtension.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 8632672 _____ () C:\Program Files (x86)\AudialsStarter.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 1175552 _____ () C:\Program Files (x86)\audialsTV.msi
2011-05-18 13:04 - 2011-05-18 13:04 - 0527712 _____ (RapidSolution Software AG) C:\Program Files (x86)\AudioCutterCore.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0894816 _____ (RapidSolution Software) C:\Program Files (x86)\AudioCutterU.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 3294560 _____ (RapidSolution Software AG) C:\Program Files (x86)\AutoRip.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0537440 _____ (RapidSolution Software AG) C:\Program Files (x86)\autotag.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0000554 _____ () C:\Program Files (x86)\avifix.reg
2011-05-18 13:04 - 2011-05-18 13:04 - 0046944 _____ (RapidSolution Software) C:\Program Files (x86)\AxisU.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0095072 _____ (Microsoft) C:\Program Files (x86)\BuyNow.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0856928 _____ (RapidSolution Software AG) C:\Program Files (x86)\CallUninstallSurvey.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0643424 _____ (RapidSolution Software AG) C:\Program Files (x86)\Capture.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0017245 _____ () C:\Program Files (x86)\comreadme.doc
2011-05-18 13:04 - 2011-05-18 13:04 - 2660704 _____ (RapidSolution Software AG) C:\Program Files (x86)\ConvertFiles.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0044896 _____ () C:\Program Files (x86)\CrashHandlerNET.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0067424 _____ () C:\Program Files (x86)\CrashRpt.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0557408 _____ () C:\Program Files (x86)\CrashSender.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 1080160 _____ (Microsoft Corporation) C:\Program Files (x86)\dbghelp.dll
2015-04-22 10:34 - 2015-04-22 10:34 - 0002012 _____ () C:\Program Files (x86)\Desktop.lnk
2011-05-18 13:04 - 2011-05-18 13:04 - 2959376 _____ (Microsoft Corporation) C:\Program Files (x86)\dotnetfx35setup.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0975200 _____ (RapidSolution Software AG) C:\Program Files (x86)\DotNetPrerequisiteChecker.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0370016 _____ (RapidSolution Software AG) C:\Program Files (x86)\DownloadManager.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0000128 _____ () C:\Program Files (x86)\dsblacklist.txt
2011-05-18 13:04 - 2011-05-18 13:04 - 2336096 _____ (RapidSolution Software AG) C:\Program Files (x86)\EncodingBackend.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0439648 _____ (RapidSolution Software AG) C:\Program Files (x86)\EncodingProfiles.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 7403360 _____ () C:\Program Files (x86)\ffmpeg.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0039264 _____ () C:\Program Files (x86)\ffmpegrunner.exe
2001-09-05 21:00 - 2001-09-05 21:00 - 1700352 _____ (Microsoft Corporation) C:\Program Files (x86)\gdiplus.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0538464 _____ (RapidSolution Software AG) C:\Program Files (x86)\GlobalPlayer.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0996192 _____ (RapidSolution Software AG) C:\Program Files (x86)\ImportA4Settings.exe
2008-09-22 01:30 - 2008-09-22 01:30 - 0027792 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfbmp15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0024720 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfcal15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0390496 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfcmp15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0025232 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfeps15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0103776 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lffax15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0033424 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfgif15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0030352 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfica15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0014992 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfimg15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0066192 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfjbg15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0013968 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfmsp15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0064656 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfpct15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0021136 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfpcx15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0126096 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfpng15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0056464 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfpsd15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0016016 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfras15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0011920 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfraw15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0018576 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lftga15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0152928 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lftif15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0015504 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfwfx15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0025744 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfwmf15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0015504 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfwpg15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0013431 _____ () C:\Program Files (x86)\License.txt
2011-05-18 13:04 - 2011-05-18 13:04 - 0641376 _____ (RapidSolution Software AG) C:\Program Files (x86)\LivePlay.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 2496352 _____ (RapidSolution Software AG) C:\Program Files (x86)\LongAudioStreamCutter.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 1715344 _____ (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltclr15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0267616 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltdis15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0257168 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltefx15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0189792 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltfil15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0212112 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltimgclr15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0357728 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltimgcor15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0208016 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltimgefx15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0134288 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltimgutl15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0488800 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltkrn15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0138384 _____ (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltscr15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0122000 _____ (LEAD Technologies, Inc.) C:\Program Files (x86)\Lttwn15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0265368 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lvkrn15u.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0065024 _____ () C:\Program Files (x86)\lzma.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0031584 _____ () C:\Program Files (x86)\ManagedInterfaces.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0623968 _____ (RapidSolution Software AG) C:\Program Files (x86)\MetaWeb.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 1101824 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc80.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0040960 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80CHS.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0045056 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80CHT.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0065536 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80DEU.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0057344 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80ENU.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80ESP.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80FRA.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80ITA.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80JPN.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80KOR.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 1093120 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc80u.dll
2013-04-10 10:53 - 2013-04-10 10:53 - 1898001 _____ () C:\Program Files (x86)\MGtools.exe
2008-09-22 00:02 - 2008-09-22 00:02 - 0001869 _____ () C:\Program Files (x86)\Microsoft.VC80.CRT.manifest
2008-09-22 00:02 - 2008-09-22 00:02 - 0002371 _____ () C:\Program Files (x86)\Microsoft.VC80.MFC.manifest
2008-09-22 00:02 - 2008-09-22 00:02 - 0001240 _____ () C:\Program Files (x86)\Microsoft.VC80.MFCLOC.manifest
2011-05-18 13:04 - 2011-05-18 13:04 - 0059232 _____ () C:\Program Files (x86)\MiniProfilerNET.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 8371712 _____ () C:\Program Files (x86)\mjpeg.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0897888 _____ (RapidSolution Software AG) C:\Program Files (x86)\MoKernel.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1717088 _____ (RapidSolution Software AG) C:\Program Files (x86)\MOP.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0097632 _____ (RapidSolution Software AG) C:\Program Files (x86)\MP3Normalizer.exe
2008-09-22 00:02 - 2008-09-22 00:02 - 0548864 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp80.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0626688 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr80.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1736544 _____ (RapidSolution Software AG) C:\Program Files (x86)\MusicFinder.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1511264 _____ (RapidSolution Software AG) C:\Program Files (x86)\OptionsDlg.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0509280 _____ () C:\Program Files (x86)\PluginsManager.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1921888 _____ (RapidSolution Software AG) C:\Program Files (x86)\Podcasts.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1389920 _____ (RapidSolution Software AG) C:\Program Files (x86)\PostProcessing.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0019521 _____ () C:\Program Files (x86)\Readme.txt
2011-05-18 13:04 - 2011-05-18 13:04 - 0194912 _____ (RapidSolution Software) C:\Program Files (x86)\Restarter.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 1864032 _____ (RapidSolution Software) C:\Program Files (x86)\RingtoneCreator.dll
2013-04-10 11:01 - 2013-04-10 11:01 - 0791040 _____ () C:\Program Files (x86)\RogueKillerX64.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0048480 _____ () C:\Program Files (x86)\RSControls.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1134432 _____ (RapidSolution Software AG) C:\Program Files (x86)\RSDriverManager.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0002158 _____ () C:\Program Files (x86)\RSDriverManager_AU.ini
2011-05-18 13:04 - 2011-05-18 13:04 - 1503584 _____ (RapidSolution Software AG) C:\Program Files (x86)\RsOfa.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 1086304 _____ (RapidSolution Software AG) C:\Program Files (x86)\RSTagLib.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1431904 _____ (RapidSolution Software AG) C:\Program Files (x86)\SearchMusic.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0277344 _____ (RapidSolution Software AG) C:\Program Files (x86)\SetupFinalizer.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0807776 _____ (RapidSolution Software AG) C:\Program Files (x86)\SharedResources.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0027976 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagAA.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0104776 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagAA64.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0089688 _____ () C:\Program Files (x86)\SnagAdd.chm
2008-09-22 01:31 - 2008-09-22 01:31 - 0030536 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagDx.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0136008 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagDX64.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0020808 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagEx.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0092488 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagEx64.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0019968 _____ () C:\Program Files (x86)\SnagIt Add-in.dot
2008-09-22 01:30 - 2008-09-22 01:30 - 4088649 _____ () C:\Program Files (x86)\SnagIt.chm
2008-09-22 01:31 - 2008-09-22 01:31 - 6825288 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagIt32.exe
2008-09-22 01:30 - 2008-09-22 01:30 - 0117142 ____R () C:\Program Files (x86)\SnagItAccessories.ico
2008-09-22 01:31 - 2008-09-22 01:31 - 0025928 _____ () C:\Program Files (x86)\SnagItADMgr.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0066888 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItBHO.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 7335240 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItEditor.exe
2008-09-22 01:31 - 2008-09-22 01:31 - 4511048 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItEditorRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0079176 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItET.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0226632 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItFramePlugin.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0066888 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItFramePluginRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0161096 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItIEAddin.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0116040 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItIEAddinRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0341320 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItOfficeAddin.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0116040 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItOfficeAddinRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0066888 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItPI.exe
2008-09-22 01:31 - 2008-09-22 01:31 - 0072520 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItPI64.exe
2008-09-22 01:30 - 2008-09-22 01:30 - 0049334 ____R () C:\Program Files (x86)\SnagitProfiles.ico
2008-09-22 01:31 - 2008-09-22 01:31 - 0398664 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItPt.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0464200 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItPt64.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 2860360 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0087368 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItShellExt.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0029512 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItShellExtRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0083272 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItUtl.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0075080 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagPriv.exe
2008-09-22 01:31 - 2008-09-22 01:31 - 0185672 _____ (TechSmith Corporation) C:\Program Files (x86)\SNAGTXNT.DLL
2008-09-22 01:31 - 2008-09-22 01:31 - 0109896 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagTxNT64.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0042848 _____ () C:\Program Files (x86)\SoundHook.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash.bmp
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash_mediaraptor.bmp
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash_radiograbber.bmp
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash_radiotracker.bmp
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash_tunebite.bmp
2008-09-22 01:31 - 2008-09-22 01:31 - 0060232 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlcecompact35.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0139080 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlceer35EN.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0139592 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlceoledb35.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0563528 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlceqp35.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0308552 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlcese35.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0375136 _____ () C:\Program Files (x86)\SQLite3.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0543584 _____ () C:\Program Files (x86)\StreamingClient.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0395104 _____ (RapidSolution Software AG) C:\Program Files (x86)\StreamRecorder.dll
2013-03-23 18:27 - 2013-03-23 18:27 - 23909328 _____ (SUPERAntiSpyware.com) C:\Program Files (x86)\SUPERAntiSpyware.exe
2013-04-10 10:46 - 2013-04-10 10:46 - 2237968 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\tdsskiller.exe
2008-09-22 00:02 - 2008-09-22 00:02 - 0027991 _____ () C:\Program Files (x86)\template.swf
2011-05-18 13:04 - 2011-05-18 13:04 - 0084901 _____ () C:\Program Files (x86)\TestAudio.wma
2008-09-22 01:31 - 2008-09-22 01:31 - 0054600 _____ (TechSmith Corporation) C:\Program Files (x86)\TscHelp.exe
2008-09-22 01:31 - 2008-09-22 01:31 - 0143176 _____ () C:\Program Files (x86)\TSMSIhlp.EXE
2011-05-18 13:04 - 2011-05-18 13:04 - 0035168 _____ ( RapidSolution Software AG) C:\Program Files (x86)\TunebiteHelper.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0586080 _____ (RapidSolution Software AG) C:\Program Files (x86)\update.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0989536 _____ (RapidSolution Software AG) C:\Program Files (x86)\USBUnplugMonitor.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0252768 _____ (RapidSolution Software AG) C:\Program Files (x86)\VCredistSmartChecker.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0213344 _____ (TODO: <Company name>) C:\Program Files (x86)\VCRedistSmartCheckerDll.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 4485976 _____ (Microsoft Corporation) C:\Program Files (x86)\vcredist_x86.exe
2013-12-28 22:22 - 2013-12-28 22:22 - 0000000 _____ () C:\Program Files (x86)\vocab.exe
2013-12-28 22:05 - 2013-12-28 21:27 - 0002098 _____ () C:\Program Files (x86)\Vocabulary - Copy.lnk
2013-12-28 21:23 - 2013-12-28 21:27 - 0002098 _____ () C:\Program Files (x86)\Vocabulary.lnk
2013-08-06 08:45 - 2015-04-06 14:24 - 0000638 _____ () C:\Program Files (x86)\volume.ahk
2011-05-18 13:04 - 2011-05-18 13:04 - 0078176 _____ (Microsoft) C:\Program Files (x86)\WPFSkinParser.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0505696 _____ (Microsoft Corp.) C:\Program Files (x86)\WPFToolkit.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0430760 _____ (Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com) C:\Program Files (x86)\XceedZip.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0118112 _____ (PJ Naughter) C:\Program Files (x86)\XTaskDialog.dll
2014-01-24 09:05 - 2014-01-24 09:05 - 0000162 ____H () C:\Program Files (x86)\~$agIt Add-in.dot
2015-03-03 13:00 - 2015-03-03 13:00 - 0000000 _____ () C:\Users\David\AppData\Roaming\6137.tmp
2013-04-25 13:49 - 2015-03-08 11:50 - 0000132 _____ () C:\Users\David\AppData\Roaming\Adobe BMP Format CS5 Prefs
2013-04-01 20:59 - 2015-03-29 13:12 - 0000132 _____ () C:\Users\David\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-28 12:02 - 2015-03-28 12:02 - 0009662 _____ () C:\Users\David\AppData\Roaming\em_64x64.ico
2012-09-29 15:08 - 2012-09-29 15:10 - 0000553 _____ () C:\Users\David\AppData\Roaming\FreeDesktopClock.ini
2013-12-30 07:59 - 2013-12-30 07:59 - 0000101 _____ () C:\Users\David\AppData\Roaming\WB.CFG
2015-04-30 18:13 - 2015-05-01 11:38 - 0247605 _____ () C:\Users\David\AppData\Local\ars.cache
2015-04-30 18:13 - 2015-05-01 11:38 - 0579400 _____ () C:\Users\David\AppData\Local\census.cache
2015-02-26 20:00 - 2015-02-26 20:00 - 0000036 _____ () C:\Users\David\AppData\Local\housecall.guid.cache
2015-02-26 20:10 - 2015-05-01 08:22 - 0000010 _____ () C:\Users\David\AppData\Local\sponge.last.runtime.cache
 
Files to move or delete:
====================
C:\ProgramData\RegistryReviver.exe
C:\Users\David\setup.exe
 
 
Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\A1AC.tmp.exe
C:\Users\David\AppData\Local\Temp\tasks.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-24 09:22
 
==================== End Of Log ============================


BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:08 AM

Posted 03 May 2015 - 04:25 AM

Hi David & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Please post the Addition.txt as well. :)
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 daivddd

daivddd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 03 May 2015 - 02:04 PM

Hi [/size]Jürgen!  I replied once but got a notice it failed.  I apologize if this is a duplicate.  I thought I saw to attatch the Addition.txt.  This will be a good test to see if I know how to reply and post accompanying items.  Below is Addition.txt.
 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by David at 2015-05-02 07:38:58
Running from C:\Users\David\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3085527945-139366052-3681144780-500 - Administrator - Disabled)
David (S-1-5-21-3085527945-139366052-3681144780-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-3085527945-139366052-3681144780-501 - Limited - Disabled)
Visitor (S-1-5-21-3085527945-139366052-3681144780-1002 - Limited - Enabled) => C:\Users\Visitor
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 - ABBYY Production LLC)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Active@ UNDELETE (HKLM-x32\...\{64B408B8-068B-4EE0-B16C-658A24E75B8B}) (Version: 7.3.3 - Active Data Recovery Software)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (Version: 8.100.26629 - Microsoft) Hidden
Ares 2.1.8 (HKLM-x32\...\Ares) (Version: 2.1.8-Build#3042 - Ares Development Group)
Audials (HKLM-x32\...\{249C7D7F-96D7-4C5B-A64F-AFB26BE777C1}) (Version: 8.0.49702.200 - RapidSolution Software AG)
Audials (HKLM-x32\...\{BFCD8790-CBEE-485F-B151-BAA6B21D1CA0}) (Version: 9.1.31900.0 - Audials AG)
Audials TV (HKLM-x32\...\{4044436C-3A01-4ECA-8FC9-AC8F3F838EDC}) (Version: 1.3.10803.300 - RapidSolution Software AG)
AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)
AVG 2013 (Version: 13.0.2591 - AVG Technologies) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Belarc Advisor 8.2 (HKLM-x32\...\Belarc Advisor) (Version: 8.2.7.17 - Belarc Inc.)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DriverIdentifier 4.2.8 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdentifier)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Perfection V500 Photo Scanner Driver Update (HKLM-x32\...\{25653817-9502-41A5-A24D-FED750611E98}) (Version:  - )
EPSON Perfection V500P User's Guide (HKLM-x32\...\Silent Package Run-Time Sample) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free Desktop Clock 3.0 (HKLM\...\Free Desktop Clock_is1) (Version:  - Drive Software Company)
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Geosense for Windows (HKLM\...\{D617DF82-6046-44EB-AD4A-D3423319E12C}) (Version: 1.2.0.0 - Within Network, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.)
Hoadley Options Strategy Evaluation Tool  (HKLM-x32\...\{50201BFF-7AB7-4D33-A682-DDCDB436A10F}) (Version: 1.0.116 - Hoadley Trading & Investment Tools)
Hoadley Options Strategy Evaluation Tool (HKLM-x32\...\Hoadley Options Strategy Evaluation Tool_is1) (Version:  - Peter Hoadley)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
Image Converter (HKLM-x32\...\Image Converter Image Converter) (Version: 1.0.0 - Image Converter)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.4 - Ipswitch)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.65.11 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
Learning Essentials for Microsoft Office (HKLM-x32\...\{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}) (Version: 2.0 - Microsoft)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media converter (HKLM-x32\...\{08597792-778c-4af3-8e60-0d7a09ecf120}_is1) (Version:  - )
Media converter (HKLM-x32\...\{729E16B3-1B80-4F3F-8D19-342A89631E0A}_is1) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Math (HKLM-x32\...\{07043840-959A-4B0D-8825-2C533F0DDB19}) (Version: 2007 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Setup Bootstrapper 2010 (HKLM-x32\...\Microsoft Setup Bootstrapper 2010) (Version: 2010 - Microsoft Setup Bootstrapper)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{62577E41-C350-3D07-97C8-2B6CDB4BAD60}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSI Development Tools (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NirSoft IconsExtract (HKLM-x32\...\NirSoft IconsExtract) (Version:  - )
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{36DF4580-D1B3-11E3-A23E-F04DA23A5C58}) (Version: 2.0.628 - Sony)
Norton Bootable Recovery Tool Wizard (HKLM-x32\...\NBRTWizard) (Version: 7.0.0.18 - Symantec Corporation)
Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.0.35659 - Symantec Corporation)
Norton Ghost 15 (HKLM-x32\...\Norton Ghost) (Version: 15 - )
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
Olympus ib (HKLM-x32\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.6.3731 - OLYMPUS IMAGING CORP.)
Olympus ib (x32 Version: 1.6.3731 - OLYMPUS IMAGING CORP.) Hidden
OLYMPUS Viewer 2 (HKLM-x32\...\{AEE39224-92BE-4389-9493-E57FF73BB96A}) (Version: 1.3.1 - OLYMPUS IMAGING CORP.)
OptionsOracle (HKLM-x32\...\{2C31929A-D6AB-4D0B-ABF9-4812A045CE97}) (Version: 1.600 - SamoaSky)
Panda Antivirus Pro 2014 (x32 Version: 13.01.01 - Panda Security) Hidden
ParagoStockQuote (HKLM-x32\...\{B36A76C3-0399-498C-A45B-C5D73AED1CE1}) (Version: 1.0.0 - Parago)
Pazera Free MP4 to AVI Converter 1.6 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.6 - Pazera Jacek)
PC Wizard 2012.2.11 (HKLM-x32\...\PC Wizard 2012_is1) (Version:  - CPUID)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PerfectDisk 11 Professional (HKLM\...\{B7607FC8-72AD-486D-B6B7-A402D5876309}) (Version: 11.00.185 - Raxco Software Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.46.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7409 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Registry Reviver (HKLM\...\Registry Reviver) (Version: 3.0.1.162 - ReviverSoft LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SDK Debuggers (x32 Version: 8.100.26837 - Microsoft Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skin Clock 1.7 (HKLM-x32\...\Skin Clock_is1) (Version:  - Evgeny Kryukov)
SnagIt 9 (HKLM-x32\...\{ADDD6985-3A28-44D0-A1BA-FDD19A820491}) (Version: 9.0.2 - TechSmith Corporation)
Sony Sound Forge 8.0b (HKLM-x32\...\{48EB9208-593D-4DC7-B613-9C5A210D87BA}) (Version: 8.0.110 - Sony)
Sony Sound Forge 9.0 (HKLM-x32\...\{4AEA9A23-D627-4699-8A0F-FC474308C2E6}) (Version: 9.0.441 - Sony)
Sound Forge Pro (HKLM-x32\...\Sound Forge Pro) (Version:  - )
Sound Forge Pro 11.0 (HKLM-x32\...\{3F1EEA40-9515-11E4-9B3B-F04DA23A5C58}) (Version: 11.0.299 - Sony)
Spotify (HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
StockWatch (HKLM-x32\...\{EA53703E-564F-42E4-806C-F5D971A875DA}) (Version: 8.0 - BREAKTRU SOFTWARE)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1022 - SUPERAntiSpyware.com)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.39049 - TeamViewer)
TrayStatus 1.2.3 (HKLM-x32\...\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1) (Version: 1.2.3.0 - Binary Fortress Software)
VB Runtimes Pack, release 7 (HKLM-x32\...\VB Runtimes Pack, release 7_is1) (Version: 7 - http://www.tnk-bootblock.co.uk)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
Video Mover (HKLM-x32\...\Video Mover_is1) (Version:  - )
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Pool 3 DL (HKLM-x32\...\{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}) (Version: 3.3.1.1 - Celeris)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Live installer (HKLM-x32\...\{9E1DDBE7-BF44-4AC8-87CA-3D25FC63C6E1}) (Version: 12.0.1471.1025 - Microsoft Corporation)
Windows Live Messenger (HKLM-x32\...\{FC411B47-30BF-428C-9C1E-F6C54A94EA7E}) (Version: 8.5.1302.1018 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{dfe9c941-2d53-42eb-8631-05ab80216136}) (Version: 8.100.26837 - Microsoft Corporation)
WinTools.net Premium version 14.0 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 14.0 - WinTools Software Engineering, Ltd.)
WPT Redistributables (x32 Version: 8.100.26837 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
ZoneAlarm Antivirus (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 11.0.000.057 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 10.2.078.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> No File Path
 
==================== Restore Points  =========================
 
03-04-2015 21:49:21 Installed Sony Sound Forge 9.0
03-04-2015 21:50:11 Installed Sony Noise Reduction Plug-In 2.0h
03-04-2015 22:01:42 Removed Sound Forge Pro 11.0
03-04-2015 22:02:34 Removed Sound Forge Pro 11.0
03-04-2015 22:12:41 Removed Sound Forge Pro 11.0
04-04-2015 08:40:55 Removed Sound Forge Pro 11.0
04-04-2015 08:58:47 Removed Sound Forge Pro 11.0
04-04-2015 09:05:13 Removed Noise Reduction Plug-In 2.0
04-04-2015 09:05:52 Removed Sound Forge Pro 11.0
05-04-2015 11:54:07 Removed Sound Forge Pro 11.0
05-04-2015 11:55:01 Removed Noise Reduction Plug-In 2.0
06-04-2015 09:19:06 Windows Update
06-04-2015 19:38:01 Windows Update
10-04-2015 07:23:21 Windows Update
13-04-2015 11:16:05 Windows Update
14-04-2015 11:14:06 Installed WS_FTP
14-04-2015 21:48:17 Windows Update
15-04-2015 07:50:45 Windows Update
18-04-2015 09:13:50 Windows Update
20-04-2015 13:46:58 Windows Modules Installer
20-04-2015 13:47:56 Windows Modules Installer
23-04-2015 08:16:12 Windows Update
23-04-2015 17:47:08 Removed Skype™ 7.4
24-04-2015 17:19:55 Installed AVG 2015
24-04-2015 17:20:12 Installed AVG 2015
24-04-2015 21:44:23 Removed AVG 2015
24-04-2015 21:45:51 Removed AVG 2015
26-04-2015 08:07:41 Windows Update
28-04-2015 09:28:49 Installed psqlODBC
28-04-2015 09:29:20 Installed PostgreSQL 8.3
28-04-2015 11:30:37 Removed PostgreSQL 8.3
28-04-2015 11:30:58 Removed PostgreSQL 8.3
28-04-2015 11:35:04 Removed psqlODBC
28-04-2015 11:50:35 Installed psqlODBC
28-04-2015 11:51:02 Installed PostgreSQL 8.3
29-04-2015 17:17:28 Removed WS_FTP
29-04-2015 18:04:53 Removed PostgreSQL 8.3
29-04-2015 18:07:47 Removed psqlODBC
29-04-2015 18:11:34 Revo Uninstaller's restore point - Update Service YourFileDownloader
30-04-2015 07:31:26 Removed Skype™ 4.2
30-04-2015 09:38:12 Removed Visual Studio 2012 x86 Redistributables
30-04-2015 09:38:26 Removed Visual Studio 2012 x64 Redistributables
30-04-2015 14:34:49 Checkpoint by HitmanPro
30-04-2015 15:06:52 Installed WS_FTP
30-04-2015 15:09:59 Revo Uninstaller's restore point - Ipswitch WS_FTP 12
30-04-2015 15:10:40 Removed WS_FTP
30-04-2015 20:25:10 Restore Operation
30-04-2015 21:32:25 Windows Update
01-05-2015 07:18:09 Windows Update
01-05-2015 09:43:18 Pre Housecall
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-09-30 15:43 - 2015-01-20 09:06 - 00001797 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1                               adobe.activate.com
127.0.0.1                               adobeereg.com                        
127.0.0.1                               www.adobeereg.com                    
127.0.0.1                               wwis-dubc1-vip60.adobe.com           
127.0.0.1                               125.252.224.90                       
127.0.0.1                               125.252.224.91
127.0.0.1                               hl2rcv.adobe.com
127.0.0.1 www.celeris.com 
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {00526196-06BC-41AA-8EDD-FA8427C3D126} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {044E6182-34F8-44B3-90D7-68F609F5564E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {04DD0151-A66A-45DA-9822-97F2BB8BC1B2} - \{06A63907-406B-435D-ACE8-39AC21EB346D} No Task File <==== ATTENTION
Task: {07C91F09-4BF1-429E-91CA-332D5C16BB20} - System32\Tasks\{FF48B526-56A6-4327-8F1E-F216EB7D21D1} => pcalua.exe -a "C:\Users\David\Downloads\µTorrent\Microsoft Office 2010 - No Key Needed [FULL]\setup.exe" -d "C:\Users\David\Downloads\µTorrent\Microsoft Office 2010 - No Key Needed [FULL]"
Task: {083C6B88-2D95-4048-9F60-631A2ED3F93F} - \{933BBA8A-0971-4E1A-A71C-92B19462283C} No Task File <==== ATTENTION
Task: {0E228524-946A-4083-ADA1-C2586E3F397A} - System32\Tasks\{F06BB283-7E84-4733-BD9F-9762B79AD883} => pcalua.exe -a "C:\Program Files (x86)\SarbyxTrayClock\unins000.exe" -d "C:\Program Files (x86)\SarbyxTrayClock"
Task: {11215680-BBD3-4952-AFFD-C539F5C5B8F1} - System32\Tasks\{51F24487-C6A1-49EB-A845-CF74741EFB6C} => pcalua.exe -a C:\Users\David\Downloads\ymsgr900_2162_us.exe -d C:\Users\David\Downloads
Task: {14FA7E96-09C8-4AF2-A4AD-DB1988CDBC3A} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {1997F2BB-D829-465F-81C8-22128ADA79D1} - \{068D92D9-569F-451A-BAA6-F60C69C68BA0} No Task File <==== ATTENTION
Task: {1B3E7C3A-7CFA-4E93-A1FD-D3767517FBF5} - System32\Tasks\{D8DFE8E4-5FBB-433D-9501-36D5083A8B09} => pcalua.exe -a "C:\Users\David\Downloads\µTorrent\Virtual Pool 4.1.2.4\Virtual Pool 4.1.2.4\Virtual_Pool_4.4.1.2.4.exe" -d "C:\Users\David\Downloads\µTorrent\Virtual Pool 4.1.2.4\Virtual Pool 4.1.2.4"
Task: {1BE1FFFB-789F-453F-AB0C-66C0ACB42363} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1D4E2332-0A4C-4540-B6FB-4AC0B5D64344} - \{FBC76180-39F8-4CAA-A795-B005661070B2} No Task File <==== ATTENTION
Task: {1FF2902A-4B69-4AF8-BF24-E120BD7DCF89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-04-21] (Microsoft)
Task: {25C41713-0EB5-4C38-9BD3-772D46A18A57} - \{EA701D39-5D40-4671-922A-3F4A7FA2E824} No Task File <==== ATTENTION
Task: {27D2733C-0ED1-4F28-BD0A-A3596D062E54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {29814B97-D47A-4F91-B324-1A2DE602B196} - \{0F0373E3-57BB-459E-BB23-329C445D2C69} No Task File <==== ATTENTION
Task: {31C87186-2CD5-42F7-A398-DEBE527424C8} - \{F550838C-1057-4556-A86A-1A40DEABF409} No Task File <==== ATTENTION
Task: {3374512C-7C63-41E0-8F67-C0703A0DBA21} - System32\Tasks\{1FCE3520-3AAC-45C3-ADA9-50F10A1B5CEB} => pcalua.exe -a "C:\Windows\Registry Drill\uninstall.exe" -c "/U:C:\Program Files (x86)\Easy Desk Utilities\Registry Drill\irunin.xml"
Task: {33EEBD0A-2C59-4DE3-ADF3-FA46B95DE063} - \{90088514-8A04-466F-9380-99A2E0B31142} No Task File <==== ATTENTION
Task: {38E9C52E-4CFB-4E87-B447-DA1471F86617} - \{98B27F10-3D7E-401D-9C5B-430730BB3DDC} No Task File <==== ATTENTION
Task: {3C355016-64B9-4A81-AB1B-B87CB5C3BF7C} - \{944981C6-5284-41D7-8CD6-FA3E431B1BE8} No Task File <==== ATTENTION
Task: {40973872-AB12-49DD-956A-58EC071007D4} - System32\Tasks\{A407AB7A-9181-4EB8-AF69-9F21A9DBF712} => pcalua.exe -a C:\Users\David\Downloads\dotnetfx35.exe -d C:\Users\David\Downloads
Task: {441CE1C2-29E3-4860-B3E9-B80D4A88668D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\File validation => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-04-21] (Microsoft)
Task: {4CF3BF7B-32AB-4900-AB6A-C7A5F22DD3DE} - \{784EACE6-3035-42CF-88A7-F3A3580E210C} No Task File <==== ATTENTION
Task: {56973781-EA36-4F7A-8FEF-D03D37EB2520} - System32\Tasks\Anti Virus Installer Uninstaller => C:\Program Files (x86)\Anti Virus Installer\Anti VirusInstaller.exe [2015-04-08] (Secure Updater)
Task: {5A3BE3FA-8C6D-4F8C-AA72-359C9A46F402} - System32\Tasks\{F36665D0-D261-4F15-A05B-E424FB477930} => pcalua.exe -a "C:\Users\David\Local Settings\Application Data\Bundled software uninstaller\biSetup37198.exe" -c /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {5BBC6DBB-9FBD-43F0-A6DB-C183F41908D4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {5E27EF44-BF40-4F38-BBED-B591F62FC391} - System32\Tasks\{2BF7459B-D73E-467B-9B10-E55896AA9863} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {5F29F95E-E920-48E3-998C-60BF6C16683F} - \{AAB044EA-1F38-4E1C-B457-84F20BD69065} No Task File <==== ATTENTION
Task: {618732A2-AB6D-4E30-BE73-76DF132B42EB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {63E7A93A-9EE1-4500-9F4F-ADF60386CD60} - System32\Tasks\{4F88C5A5-218E-4DE0-A736-ABF97ED3A829} => pcalua.exe -a C:\Users\David\Downloads\ymsgr900_1912_us.exe -d C:\Users\David\Downloads
Task: {67B524C6-1F6F-47E1-9E9D-9E91127E4F8D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3085527945-139366052-3681144780-1000
Task: {6B701271-065D-42B0-9981-64FE989D91D2} - System32\Tasks\{A3AFD38E-BA3D-4813-AB1D-04F8E4E4EAE1} => pcalua.exe -a C:\Users\David\Downloads\setup.exe -d C:\Users\David\Downloads
Task: {6E0DE7DD-05B0-48FE-913D-7C58A0824867} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {70425A1B-E879-4771-BFE9-6B5912FC7F4E} - System32\Tasks\{4C0E343D-BEC2-4977-8AFE-B601B0DB61B3} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {72EBC9E1-AD76-4997-91AB-76BB98ADB3AA} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {75B1C860-4B0E-462D-AB2A-4CB1A29FE0FD} - \SidebarExecute No Task File <==== ATTENTION
Task: {79FFA273-400E-41C3-8FD6-3118D9378FEC} - System32\Tasks\{FAAC5B65-4425-43A4-B3E4-2990CEB52316} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {7A3302CD-0E97-412D-8878-DDDAAB549B2B} - System32\Tasks\{8F8E29C4-01B4-420C-927B-2F927480E1E2} => pcalua.exe -a "C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard\Engine\7.0.0.18\Gear\GEARDIFx.exe" -d "C:\Program Files (x86)\Norton Ghost" -c INSTALL "NBRTWizard" "{A4274214-B468-482e-B2AC-24FCD2365C4B}"
Task: {7A60BDC9-48E5-4941-85DD-CF51B9CD6B75} - System32\Tasks\Grand Panda Updater => C:\Program Files (x86)\PrivateVPN\gpup.exe <==== ATTENTION
Task: {7C95E5D5-3769-45D7-BE6C-EB8FA85E1A36} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {7D088582-B4EF-4D7D-8984-2D3E28DD7B73} - \{51D40F7C-A9E5-49A2-B658-213116ACE6D2} No Task File <==== ATTENTION
Task: {84CCDC93-6745-4656-9AD6-50E582165F11} - \{835A3CB0-5F0A-41A1-90C7-3905DB2C7F44} No Task File <==== ATTENTION
Task: {86456E3E-B9BE-496D-A2BA-D974E8516A94} - System32\Tasks\{805E81EF-41EA-49E2-A851-4E818641D8B8} => pcalua.exe -a C:\Users\David\Downloads\winsdk_web.exe -d C:\Users\David\Downloads
Task: {8BE33FB2-A2F9-4C48-81DA-7CE5EE4EBC54} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {8C154798-B853-4E9B-BEC4-EEB34DB5DDC1} - System32\Tasks\{495182BE-EBEF-49A8-9275-4E008D84E929} => pcalua.exe -a "C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\SmartTagInstall.exe" -d "C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag"
Task: {93643070-C63F-4B74-9162-F11FB6723CC7} - System32\Tasks\{67DBAF5A-0662-4A1F-BF30-990984231DF1} => pcalua.exe -a C:\Users\David\Backups\HitmanPro\HitmanPro.exe -d C:\Users\David\Backups\HitmanPro
Task: {98E1FAE4-C849-4EFE-8968-B71C93ED79D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9B58C2C6-5032-425F-B949-98F6D08317F0} - \{796C265D-E02C-4215-AC4E-F948143941BC} No Task File <==== ATTENTION
Task: {9B8B578D-11B1-479C-B188-644E648B526C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {9DB6B14D-DFBE-4050-90AB-26DF2293BFB3} - System32\Tasks\Alfasistem Memory Uninstaller => C:\Program Files (x86)\Alfasistem Memory\ tmjob.exe [2015-04-29] (SecureSoft)
Task: {B1D2EF0D-34E9-4A75-92F7-E6F42BCA4BCF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {B3F20913-0649-4169-B755-B5F1A52AE295} - System32\Tasks\{890BEE91-FCB8-4FE6-BB4D-0AAD8D3BECA0} => pcalua.exe -a C:\Users\David\Downloads\wlsetup-web.exe -d C:\Users\David\Downloads
Task: {B79F76CF-C347-40B0-A62A-56B041F3810F} - System32\Tasks\{576EEAD7-8857-4E0C-A4BF-3B721FAF7230} => pcalua.exe -a "C:\Users\David\Downloads\ymsgr900_2162_us (1).exe" -d C:\Users\David\Downloads
Task: {B88E832F-9C79-4286-B5DC-F7E68541073F} - System32\Tasks\{1E79B445-B044-45E4-80B4-E4C99ED987D4} => pcalua.exe -a C:\Users\David\AppData\Roaming\oursurfing\UninstallManager.exe -c  -ptid=exp
Task: {BA5B1014-2E14-4300-A531-030C4A70C6A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BEB2C3A8-E6A0-4F3A-93BC-63AFB3655BD0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {C4A4261F-EEE4-43B6-9563-295763F63888} - \{84B993B4-12FA-4A59-AAA4-85D2E36F7370} No Task File <==== ATTENTION
Task: {C4F23D97-94DD-4066-BEE1-C570F50DE7B0} - System32\Tasks\Windows Defrag => C:\Users\David\AppData\Local\Updater\winupd.exe
Task: {C8FFBB24-90F0-4156-8C30-F0C6D815FF81} - System32\Tasks\{58A995F9-E330-41DE-989F-F652BFFBE9E9} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {CEAE30D7-38CE-4441-8883-A52E63E65906} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {D3AAC07E-C77D-48A9-84DC-67A2427F90A6} - System32\Tasks\{B76A7A90-847E-4BC7-919F-7C65F2FDA17D} => pcalua.exe -a "C:\Users\David\Backups\Partition Magic\PartitionMagic_8.2\Partition Magic.exe" -d "C:\Users\David\Backups\Partition Magic\PartitionMagic_8.2"
Task: {D4685C50-4374-4601-8D77-16A7D068E84E} - System32\Tasks\{8CC51390-2E88-418E-B1AA-22461C09086A} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {E853FAD9-C449-4E1E-8602-C45A8F0B82AD} - \{4EFD2083-5A6A-4D09-95BA-3373750CF167} No Task File <==== ATTENTION
Task: {F0D37E9E-550B-4BE7-80F6-25630AC4C42C} - System32\Tasks\{460BE432-4E7D-46D8-8ACD-B061AFB6A561} => pcalua.exe -a C:\Users\David\Downloads\stock\setup.exe -d C:\Users\David\Downloads\stock
Task: {F41ABE9E-2449-4224-B503-6221387BD988} - \{AF643558-22CA-4D6D-8597-B47EE816ABAF} No Task File <==== ATTENTION
Task: {F4FCA02A-7252-467C-BA7F-1AA3A75410C6} - \{48759E32-5D38-4D56-877B-8E650B0AB795} No Task File <==== ATTENTION
Task: {FB4CD12A-A668-4669-9AEF-2EDA84A07D8B} - System32\Tasks\AdobeAAMUpdater-1.0-DavidsDesktop-David => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {FD6271B2-09EC-45AB-A3A7-A860BA8E0D62} - System32\Tasks\{75CBAD3F-18FD-41DA-9E62-1923597226C3} => pcalua.exe -a C:\Users\David\Downloads\dotnetfx.exe -d C:\Users\David\Downloads
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-19 21:06 - 2015-02-05 12:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-14 17:27 - 2013-04-24 19:20 - 02007040 _____ () C:\Program Files\Free Desktop Clock\timeserv.exe
2015-04-28 20:09 - 2015-04-28 20:09 - 02466304 _____ () C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-04-28 20:09 - 2015-04-28 20:09 - 02109440 _____ () C:\ProgramData\Microsoft\Performance\Monitor\SecurityHelper.dll
2015-04-14 17:27 - 2013-06-07 20:20 - 01875968 _____ () C:\Program Files\Free Desktop Clock\Clock.dll
2015-04-14 17:27 - 2013-06-27 23:07 - 04652544 _____ () C:\Program Files\Free Desktop Clock\FreeDesktopClock.exe
2013-07-06 08:00 - 2013-10-11 04:41 - 01303552 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe
2014-10-19 22:22 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-10-19 22:22 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libglesv2.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libegl.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\pdf.dll
2015-02-22 15:09 - 2015-02-22 15:09 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
2011-04-19 11:28 - 2011-05-20 11:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:073341D1
AlternateDataStreams: C:\Users\David\Cookies:RrlK0TyuxrABpC2j26MKYAiIs
AlternateDataStreams: C:\Users\David\AppData\Local\i1VqavrmfKyW:knIOkA0olWtH5HWb77m0XJD
AlternateDataStreams: C:\Users\David\AppData\Local\Temp:HJTQcNQKV3RM0urbcxVsr
AlternateDataStreams: C:\Users\David\AppData\Local\VCHl52fb:ULd3YMjwcNBbi5Ga8NHwCQbfJr
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\100sexlinks.com -> 100sexlinks.com
 
There are 5232 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^3RVX.lnk => C:\Windows\pss\3RVX.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Chrome.lnk => C:\Windows\pss\Google Chrome.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^volume.ahk => C:\Windows\pss\volume.ahk.CommonStartup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ares.exe - Shortcut.lnk => C:\Windows\pss\Ares.exe - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^crossbrowse.lnk => C:\Windows\pss\crossbrowse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Download SONY Sound Forge Pro 11.0 Build 299 Torrent - KickassTorrents.lnk => C:\Windows\pss\Download SONY Sound Forge Pro 11.0 Build 299 Torrent - KickassTorrents.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^firefox - Shortcut.lnk => C:\Windows\pss\firefox - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamViewer.exe - Shortcut.lnk => C:\Windows\pss\TeamViewer.exe - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ThePirateBay.TO, mp3, avi, bittorrent, torrent, torrents, movies, music, games,.lnk => C:\Windows\pss\ThePirateBay.TO, mp3, avi, bittorrent, torrent, torrents, movies, music, games,.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Ad-Aware Antivirus => 
[size=3]MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"[/size]
[size=3]MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"[/size]
[size=3]MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"[/size]
[size=3]MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin[/size]
[size=3]MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin[/size]
[size=3]MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\David\AppData\Local\Akamai\netsession_win.exe"[/size]
[size=3]MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"[/size]
[size=3]MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h[/size]
[size=3]MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices[/size]
[size=3]MSCONFIG\startupreg: BingSvc => C:\Users\David\AppData\Local\Microsoft\BingSvc\BingSvc.exe[/size]
[size=3]MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun[/size]
[size=3]MSCONFIG\startupreg: Bonus.SSR.FR12 => "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun[/size]
[size=3]MSCONFIG\startupreg: BVRPLiveUpdate => "C:\Program Files (x86)\Avanquest update\Engine\RunLU.exe" -s /PATCH,/SRCUPDATEC:\PROGRA~3\SONYER~1\SONYER~2\LIVEUP~1\LISTOF~1.DAT,[/size]
[size=3]MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon[/size]
[size=3]MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR[/size]
[size=3]MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe[/size]
[size=3]MSCONFIG\startupreg: DriverScanner => [/size]
[size=3]MSCONFIG\startupreg: EEventManager => C:\PROGRA~2\EPSONS~1\EVENTM~1\EEVENT~1.EXE[/size]
[size=3]MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming[/size]
[size=3]MSCONFIG\startupreg: Google Update => [/size]
[size=3]MSCONFIG\startupreg: GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window[/size]
[size=3]MSCONFIG\startupreg: HP Remote Solution => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe[/size]
[size=3]MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe[/size]
[size=3]MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe[/size]
[size=3]MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe[/size]
[size=3]MSCONFIG\startupreg: Icqgsoft => C:\Windows\SysWOW64\regsvr32.exe C:\Users\David\AppData\Local\Ifdksoft\MetaNotifier32.dll[/size]
[size=3]MSCONFIG\startupreg: Ifdksoft => C:\Users\David\AppData\Local\Ifdksoft\tmp2D4F.exe[/size]
[size=3]MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE[/size]
[size=3]MSCONFIG\startupreg: Iminent => [/size]
[size=3]MSCONFIG\startupreg: IminentMessenger => [/size]
[size=3]MSCONFIG\startupreg: Imvpsoft => regsvr32.exe C:\Users\David\AppData\Local\Imvpsoft\BassMainAgent.dll[/size]
[size=3]MSCONFIG\startupreg: InstaLAN => "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup[/size]
[size=3]MSCONFIG\startupreg: ISW => C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"[/size]
[size=3]MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"[/size]
[size=3]MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe[/size]
[size=3]MSCONFIG\startupreg: lollipop => [/size]
[size=3]MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"[/size]
[size=3]MSCONFIG\startupreg: mobilegeni daemon => [/size]
[size=3]MSCONFIG\startupreg: msnmsgr => [/size]
[size=3]MSCONFIG\startupreg: Norton Ghost 15.0 => "C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe"[/size]
[size=3]MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe[/size]
[size=3]MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"[/size]
[size=3]MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"[/size]
[size=3]MSCONFIG\startupreg: Olympus ib => "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup[/size]
[size=3]MSCONFIG\startupreg: PDF Complete => [/size]
[size=3]MSCONFIG\startupreg: PSafeAV => [/size]
[size=3]MSCONFIG\startupreg: PSafeTray => [/size]
[size=3]MSCONFIG\startupreg: PSafeWDS => [/size]
[size=3]MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime[/size]
[size=3]MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s[/size]
[size=3]MSCONFIG\startupreg: SarbyxTrayClock => [/size]
[size=3]MSCONFIG\startupreg: SBRegRebootCleaner => [/size]
[size=3]MSCONFIG\startupreg: Search Protection => "C:\Users\David\AppData\Roaming\Search Protection\SP.EXE" /autostart[/size]
[size=3]MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart[/size]
[size=3]MSCONFIG\startupreg: SkinClock => [/size]
[size=3]MSCONFIG\startupreg: Skype => [/size]
[size=3]MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background[/size]
[size=3]MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon[/size]
[size=3]MSCONFIG\startupreg: SpeedTray => C:\Users\David\AppData\Roaming\SpeedTray\speedtray.exe[/size]
[size=3]MSCONFIG\startupreg: SpeedUpMyPC => [/size]
[size=3]MSCONFIG\startupreg: Spotify => "C:\Users\David\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart[/size]
[size=3]MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"[/size]
[size=3]MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[/size]
[size=3]MSCONFIG\startupreg: TasksWatch => "C:\Users\David\AppData\Local\Temp\TasksWatch.exe"[/size]
[size=3]MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave[/size]
[size=3]MSCONFIG\startupreg: uTorrent => "C:\Users\David\Downloads\uTorrent.exe"  /MINIMIZED[/size]
[size=3]MSCONFIG\startupreg: VideoUsage => "C:\Program Files (x86)\DoubleOptMedia\VideoUsage.exe"[/size]
[size=3]MSCONFIG\startupreg: WinCheck => C:\Users\David\AppData\Local\00000012-1430125422-8015-BF5A-888888888788\bnsiCBF9.exe[/size]
 
[size=3]==================== FirewallRules (whitelisted) ===============[/size]
 
[size=3](If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)[/size]
 
[size=3]FirewallRules: [{07B21A5E-FAFA-4F67-A5B9-408E6BCA2331}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe[/size]
[size=3]FirewallRules: [{C760FB51-26C2-4AD6-9FE7-6BDEA94275E7}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe[/size]
[size=3]FirewallRules: [{B4AD560D-BA2A-4836-98BB-DCDD8F8A2BB7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe[/size]
[size=3]FirewallRules: [{45358139-5AE8-41BA-BDFD-38AD7871DE87}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe[/size]
[size=3]FirewallRules: [{16E2C9F1-8C23-4399-A0DF-63F915B575D6}] => (Allow) LPort=49194[/size]
[size=3]FirewallRules: [TCP Query User{152D3D3B-B435-456B-976C-6AD95E7DF033}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe[/size]
[size=3]FirewallRules: [UDP Query User{BF16B5FB-6BE7-46B8-9711-5E6BE212AA31}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe[/size]
[size=3]FirewallRules: [{08D57846-5C4C-4EC6-BD8C-57F6EFA20F05}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[/size]
[size=3]FirewallRules: [TCP Query User{D8268983-16A3-4A32-86EE-8BF5B6BD1210}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Block) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe[/size]
[size=3]FirewallRules: [UDP Query User{4C7DA643-52C6-4B06-AD11-E78136041B4A}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Block) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe[/size]
[size=3]FirewallRules: [{7D0670D1-DF21-4DAD-8DE4-21322C990864}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe[/size]
[size=3]FirewallRules: [{5CE654D1-D6CD-45BF-9B38-2F0CB5F40B61}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe[/size]
[size=3]FirewallRules: [{47262A21-C5DD-46F5-A48A-FE74ABF2973D}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe[/size]
[size=3]FirewallRules: [{A9078591-8FD3-4A3E-8F84-F5A022E0CFD0}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe[/size]
[size=3]FirewallRules: [{01E6317D-9A93-4D66-9013-5861C12FA1BC}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe[/size]
[size=3]FirewallRules: [{1532E59D-990E-4167-A8D8-B3143CE97250}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[/size]
[size=3]FirewallRules: [{1CA89A19-84BB-41E8-9C9C-6EB97AC2C601}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[/size]
[size=3]FirewallRules: [{BDB0289D-3936-47C8-9FDD-88885613083D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[/size]
[size=3]FirewallRules: [{D4067AD5-9DE3-41E8-94C9-F408B0E7CBAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[/size]
[size=3]FirewallRules: [{1A2471F9-BCBD-42FA-9141-12BC2D2EDB69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe[/size]
[size=3]FirewallRules: [{9C1D8383-BADC-4538-A1E7-9D02C0199B29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe[/size]
[size=3]FirewallRules: [{61C6BFC4-6897-4772-80FB-AF175301B475}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe[/size]
[size=3]FirewallRules: [{C60F8C93-932B-41D2-B539-F8F2AC3E2627}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe[/size]
[size=3]FirewallRules: [{DEF96A4A-51FA-4E14-AC85-88A725286142}] => (Allow) C:\Users\David\AppData\Local\Temp\utt6A43.tmp.exe[/size]
[size=3]FirewallRules: [{1B2AC955-CA6E-4F14-A1A7-063F494D08D4}] => (Allow) C:\Users\David\AppData\Local\Temp\utt6A43.tmp.exe[/size]
[size=3]FirewallRules: [{5E5F64E0-6989-4C64-A0CD-0C92603AC8D2}] => (Allow) C:\Program Files (x86)\Virtual Pool 3\vp3.exe[/size]
[size=3]FirewallRules: [{E822C01F-648D-4579-B427-7F1C8D6777DE}] => (Allow) C:\Program Files (x86)\Virtual Pool 3\vp3.exe[/size]
[size=3]FirewallRules: [TCP Query User{78CB2699-61BD-4192-87F3-DFC182A972A6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe[/size]
[size=3]FirewallRules: [UDP Query User{76704175-E022-474A-94EE-F5B84092AF7E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe[/size]
[size=3]FirewallRules: [TCP Query User{51F1C06C-B72B-4512-90CB-DEF0F2B719C8}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe[/size]
[size=3]FirewallRules: [UDP Query User{C4CBF2EB-918B-4E65-964D-E8E585B46206}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe[/size]
[size=3]FirewallRules: [{C72A8621-A183-4191-9F09-5A55F7B94DED}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe[/size]
[size=3]FirewallRules: [{BBE37BB2-7F13-4CA8-ACAA-38018DD76417}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe[/size]
[size=3]FirewallRules: [TCP Query User{6E440633-881B-40B4-B4CD-9F6AADCDB563}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe[/size]
[size=3]FirewallRules: [UDP Query User{5E49F338-674F-4209-AF88-49FF59BF378F}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe[/size]
[size=3]FirewallRules: [TCP Query User{FFAFDCB4-C7BB-4E1E-B5CD-56F188ED382A}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe[/size]
[size=3]FirewallRules: [UDP Query User{796B9676-A388-4B98-B06A-DCEE23EEF89A}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe[/size]
[size=3]FirewallRules: [TCP Query User{8635ED3F-B4F8-4F4E-92EA-6308B68258C2}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe[/size]
[size=3]FirewallRules: [UDP Query User{7DF40EB0-73E5-4650-987F-B31AFEC4006E}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe[/size]
[size=3]FirewallRules: [{1CD6FC34-E403-4F53-9424-74486FFA7F73}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe[/size]
[size=3]FirewallRules: [{6C93253A-7B98-496E-894C-37EAF4AE7E1A}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe[/size]
[size=3]FirewallRules: [{A12FBD68-BBDD-41A2-A99B-60A1A08082EE}] => (Allow) LPort=1045[/size]
[size=3]FirewallRules: [{4F0FF8D0-A7A2-4095-B593-A8C2C6CEDCC0}] => (Allow) LPort=5000[/size]
[size=3]FirewallRules: [{7CB163B0-E284-499B-A79C-1A40D27CC22C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[/size]
[size=3]FirewallRules: [{C46B6CB6-94D8-467A-B345-8A862EA0AC2B}] => (Allow) svchost.exe[/size]
[size=3]FirewallRules: [{19463956-D194-4D78-A29F-5A05BBC72615}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\livecall.exe[/size]
[size=3]FirewallRules: [{DCC3136F-AA5C-49FA-8B4B-9BF4E6CECCD3}] => (Allow) C:\Program Files (x86)\Microsoft Setup Bootstrapper\Microsoft Setup Bootstrapper\officestp.exe[/size]
[size=3]FirewallRules: [{32452F92-5047-4326-8911-438A01FFF3F1}] => (Allow) C:\Program Files (x86)\Microsoft Setup Bootstrapper\Microsoft Setup Bootstrapper\officestp.exe[/size]
[size=3]FirewallRules: [{09565D35-BDBA-4A06-831B-AABA0A69C3CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE[/size]
[size=3]FirewallRules: [{6F8E929A-E3B0-43FA-BDF6-1ACA259D4636}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE[/size]
[size=3]FirewallRules: [{3BF6AAB0-84F7-4BED-A815-693CABFE7212}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE[/size]
[size=3]FirewallRules: [{82E337C8-891E-42A0-8D4A-1FA5CFB7A9B5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE[/size]
[size=3]FirewallRules: [{E626B0EE-E05C-44C2-9B85-5698A702E96E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe[/size]
[size=3]FirewallRules: [{A1500943-CA90-46B1-B2D1-DF66C76D2A17}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[/size]
[size=3]FirewallRules: [{52E8B821-AEE3-4453-A3FB-21FB9C500738}] => (Allow) C:\Program Files\iTunes\iTunes.exe[/size]
[size=3]FirewallRules: [{E9CD2477-F432-43C9-8526-FE1DDE55DBB4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe[/size]
[size=3]FirewallRules: [{C86A9E6D-92D3-44F3-87E3-39D8B9E7FC7B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe[/size]
[size=3]FirewallRules: [{2519892A-AF80-46D4-B44F-D7E4E856E5C3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe[/size]
[size=3]FirewallRules: [{943EFB3C-5A52-43BF-80EA-8ACFEDB6B2E4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe[/size]
[size=3]FirewallRules: [TCP Query User{6C11DE40-0FEB-46FC-95E2-A9D35DD5B28E}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe[/size]
[size=3]FirewallRules: [UDP Query User{993C064D-57C1-42D6-99C0-4EBFC9191E42}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe[/size]
[size=3]FirewallRules: [{84B2949E-1832-447A-84E2-10E92CEF6308}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe[/size]
[size=3]FirewallRules: [{D86120F2-14A5-40BE-9786-2C3E66A8BFBA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe[/size]
[size=3]FirewallRules: [{87967369-B92E-4159-B508-B8F188F4AA76}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe[/size]
[size=3]FirewallRules: [{88C9A603-11FF-44E0-92D5-2E2172BD0E2A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe[/size]
[size=3]FirewallRules: [{001ECCEE-29D4-46A3-AE06-78488CF17717}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe[/size]
[size=3]FirewallRules: [{54711368-EB48-4865-88A1-3F835A4B6FD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe[/size]
[size=3]FirewallRules: [{640F00AD-1D81-45D2-9EBB-1C146AA9A81F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe[/size]
[size=3]FirewallRules: [{A5BBD902-D0BE-4056-B74C-5D7A17307B62}] => (Allow) C:\Windows\explorer.exe[/size]
[size=3]FirewallRules: [{4975C0CE-FFD0-4FAF-9C8C-EDA544DE816B}] => (Allow) C:\Windows\system32\rundll32.exe[/size]
[size=3]FirewallRules: [{B62BCBB0-9F15-497C-A144-40578AF78210}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe[/size]
[size=3]FirewallRules: [{9D138210-4901-42F5-886B-D6AB9C021D44}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe[/size]
[size=3]FirewallRules: [{DE6F480F-CC88-46BE-8CD4-13CDB4DBB483}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe[/size]
[size=3]FirewallRules: [{AFED154C-52BE-44DE-9A3C-B7A6FDC0AA80}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe[/size]
[size=3]FirewallRules: [{774EC35C-2D95-43BD-A2BD-203ADA9B4512}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[/size]
[size=3]FirewallRules: [{43430412-C832-41D8-A8B5-D143E8C01B69}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[/size]
[size=3]FirewallRules: [{A1A5E099-B7C9-463C-95F8-71A76D185268}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[/size]
[size=3]FirewallRules: [{D9D6DD35-3AE6-4D2B-ABC9-0B2912C586DA}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[/size]
 
[size=3]==================== Faulty Device Manager Devices =============[/size]
 
 
[size=3]==================== Event log errors: =========================[/size]
 
[size=3]Application errors:[/size]
[size=3]==================[/size]
[size=3]Error: (05/02/2015 07:14:27 AM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
[size=3]Error: (05/01/2015 01:52:11 PM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
[size=3]Error: (05/01/2015 08:48:08 AM) (Source: Application Error) (EventID: 1000) (User: )[/size]
[size=3]Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4[/size]
[size=3]Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b864[/size]
[size=3]Exception code: 0xc0000374[/size]
[size=3]Fault offset: 0x00000000000bf922[/size]
[size=3]Faulting process id: 0x1204[/size]
[size=3]Faulting application start time: 0xExplorer.EXE0[/size]
[size=3]Faulting application path: Explorer.EXE1[/size]
[size=3]Faulting module path: Explorer.EXE2[/size]
[size=3]Report Id: Explorer.EXE3[/size]
 
[size=3]Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )[/size]
[size=3]Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".[/size]
[size=3]Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.[/size]
[size=3]Please use sxstrace.exe for detailed diagnosis.[/size]
 
[size=3]Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )[/size]
[size=3]Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".[/size]
[size=3]Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.[/size]
[size=3]Please use sxstrace.exe for detailed diagnosis.[/size]
 
[size=3]Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )[/size]
[size=3]Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".[/size]
[size=3]Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.[/size]
[size=3]Please use sxstrace.exe for detailed diagnosis.[/size]
 
[size=3]Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )[/size]
[size=3]Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".[/size]
[size=3]Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.[/size]
[size=3]Please use sxstrace.exe for detailed diagnosis.[/size]
 
[size=3]Error: (05/01/2015 07:21:59 AM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
[size=3]Error: (05/01/2015 07:10:02 AM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
[size=3]Error: (04/30/2015 10:11:32 PM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
 
[size=3]System errors:[/size]
[size=3]=============[/size]
[size=3]Error: (05/02/2015 07:15:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )[/size]
[size=3]Description: The Google Update Service (gupdate) service failed to start due to the following error: [/size]
[size=3]%%2[/size]
 
[size=3]Error: (05/01/2015 01:53:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )[/size]
[size=3]Description: The Google Update Service (gupdate) service failed to start due to the following error: [/size]
[size=3]%%2[/size]
 
[size=3]Error: (05/01/2015 07:23:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )[/size]
[size=3]Description: The Google Update Service (gupdate) service failed to start due to the following error: [/size]
[size=3]%%2[/size]
 
[size=3]Error: (05/01/2015 07:22:43 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)[/size]
[size=3]Description: Failed to start language pack setup wizard. Please restart the system and try running the wizard again.[/size]
 
[size=3]Error: (05/01/2015 07:22:43 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)[/size]
[size=3]Description: CBS Client initialization failed. Last error: 0x80080005[/size]
 
[size=3]Error: (05/01/2015 07:22:43 AM) (Source: DCOM) (EventID: 10010) (User: )[/size]
[size=3]Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}[/size]
 
[size=3]Error: (05/01/2015 07:22:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )[/size]
[size=3]Description: The Windows Modules Installer service terminated with the following error: [/size]
[size=3]%%16405[/size]
 
[size=3]Error: (05/01/2015 07:11:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )[/size]
[size=3]Description: The Google Update Service (gupdate) service failed to start due to the following error: [/size]
[size=3]%%2[/size]
 
[size=3]Error: (04/30/2015 10:12:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )[/size]
[size=3]Description: The Google Update Service (gupdate) service failed to start due to the following error: [/size]
[size=3]%%2[/size]
 
[size=3]Error: (04/30/2015 09:53:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )[/size]
[size=3]Description: The Google Update Service (gupdate) service failed to start due to the following error: [/size]
[size=3]%%2[/size]
 
 
[size=3]Microsoft Office Sessions:[/size]
[size=3]=========================[/size]
[size=3]Error: (05/02/2015 07:14:27 AM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
[size=3]Error: (05/01/2015 01:52:11 PM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
[size=3]Error: (05/01/2015 08:48:08 AM) (Source: Application Error) (EventID: 1000) (User: )[/size]
[size=3]Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.187985507b864c000037400000000000bf922120401d0841a61c826baC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll75db8748-f019-11e4-8ffb-e069955bb6d0[/size]
 
[size=3]Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )[/size]
[size=3]Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"c:\program files (x86)\Adobe\adobe onlocation cs5.1\Setup\resources\libraries\ARKEngine.dll[/size]
 
[size=3]Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )[/size]
[size=3]Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"c:\program files (x86)\Adobe\adobe onlocation cs5.1\Setup\resources\libraries\ARKCmdFS.dll[/size]
 
[size=3]Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )[/size]
[size=3]Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"c:\program files (x86)\Adobe\adobe onlocation cs5.1\Setup\resources\libraries\ARKCmdDefrag.dll[/size]
 
[size=3]Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )[/size]
[size=3]Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"c:\program files (x86)\Adobe\adobe onlocation cs5.1\Setup\resources\libraries\ARKCmdCaps.dll[/size]
 
[size=3]Error: (05/01/2015 07:21:59 AM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
[size=3]Error: (05/01/2015 07:10:02 AM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
[size=3]Error: (04/30/2015 10:11:32 PM) (Source: WinMgmt) (EventID: 10) (User: )[/size]
[size=3]Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003[/size]
 
 
[size=3]CodeIntegrity Errors:[/size]
[size=3]===================================[/size]
[size=3]  Date: 2015-04-24 22:09:19.348[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
[size=3]  Date: 2015-04-24 22:00:34.557[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
[size=3]  Date: 2015-04-24 21:22:28.948[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
[size=3]  Date: 2015-04-24 20:59:03.176[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
[size=3]  Date: 2015-04-24 20:01:28.454[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
[size=3]  Date: 2015-04-24 19:40:43.494[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
[size=3]  Date: 2015-04-24 19:32:09.272[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
[size=3]  Date: 2015-04-24 19:22:09.977[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
[size=3]  Date: 2015-04-24 19:04:01.329[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
[size=3]  Date: 2015-04-24 18:54:04.856[/size]
[size=3]  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.[/size]
 
 
[size=3]==================== Memory info =========================== [/size]
 
[size=3]Processor: Intel® Core™ i7 CPU X 990 @ 3.47GHz[/size]
[size=3]Percentage of memory in use: 14%[/size]
[size=3]Total physical RAM: 24567.06 MB[/size]
[size=3]Available physical RAM: 20975.43 MB[/size]
[size=3]Total Pagefile: 74565.25 MB[/size]
[size=3]Available Pagefile: 70831.18 MB[/size]
[size=3]Total Virtual: 8192 MB[/size]
[size=3]Available Virtual: 8191.8 MB[/size]
 
[size=3]==================== Drives ================================[/size]
 
[size=3]Drive c: (OS) (Fixed) (Total:1849.67 GB) (Free:1240.75 GB) NTFS ==>[System with boot components (obtained from reading drive)][/size]
[size=3]Drive d: (HP_RECOVERY) (Fixed) (Total:13.25 GB) (Free:13.15 GB) NTFS[/size]
 
[size=3]==================== MBR & Partition Table ==================[/size]
 
[size=3]========================================================[/size]
[size=3]Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BF1B7EF2)[/size]
[size=3]Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)[/size]
[size=3]Partition 2: (Not Active) - (Size=1849.7 GB) - (Type=07 NTFS)[/size]
[size=3]Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)[/size]
 
[size=3]==================== End Of Log ============================[/size]

To: **********
Subject: A new reply has been posted to Numerous redirects; proxy settings change
Date: Sun, 3 May 2015 05:25:04 -0400
From: bleep@bleepingcomputer.com

BleepingComputer.com
daivddd,

deeprybka has just posted a reply to a topic that you have subscribed to titled "Numerous redirects; proxy settings change".

The topic can be found here: 
http://www.bleepingcomputer.com/forums/t/575051/numerous-redirects;-proxy-settings-change/?view=getnewpost

Hi David & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully:  :exclame:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Please post the Addition.txt as well. :)


If you have configured in your control panel to receive immediate topic reply notifications, you may receive an
email for each reply made to this topic. Otherwise, only 1 email is sent per board visit for each subscribed topic.
This is to limit the amount of mail that is sent to your inbox.

You can unsubscribe at any time here:http://www.bleepingcomputer.com/forums/unsubscribe/Zm9ydW1zO3RvcGljczs1NzUwNTE7OTUxNDk0Ozk1MTQ5NDtkcm5yZEBob3RtYWlsLmNvbQ,,/
BleepingComputer.com


Edited by deeprybka, 03 May 2015 - 02:10 PM.
email has beem removed *


#4 daivddd

daivddd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 03 May 2015 - 02:10 PM

Hi Jürgen!  I thought I saw to attatch the Addition.txt.  This will be a good test to see if I know how to reply and post accompanying items.  Below is Addition.txt.

 

 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by David at 2015-05-02 07:38:58
Running from C:\Users\David\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3085527945-139366052-3681144780-500 - Administrator - Disabled)
David (S-1-5-21-3085527945-139366052-3681144780-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-3085527945-139366052-3681144780-501 - Limited - Disabled)
Visitor (S-1-5-21-3085527945-139366052-3681144780-1002 - Limited - Enabled) => C:\Users\Visitor
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 - ABBYY Production LLC)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Active@ UNDELETE (HKLM-x32\...\{64B408B8-068B-4EE0-B16C-658A24E75B8B}) (Version: 7.3.3 - Active Data Recovery Software)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (Version: 8.100.26629 - Microsoft) Hidden
Ares 2.1.8 (HKLM-x32\...\Ares) (Version: 2.1.8-Build#3042 - Ares Development Group)
Audials (HKLM-x32\...\{249C7D7F-96D7-4C5B-A64F-AFB26BE777C1}) (Version: 8.0.49702.200 - RapidSolution Software AG)
Audials (HKLM-x32\...\{BFCD8790-CBEE-485F-B151-BAA6B21D1CA0}) (Version: 9.1.31900.0 - Audials AG)
Audials TV (HKLM-x32\...\{4044436C-3A01-4ECA-8FC9-AC8F3F838EDC}) (Version: 1.3.10803.300 - RapidSolution Software AG)
AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)
AVG 2013 (Version: 13.0.2591 - AVG Technologies) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Belarc Advisor 8.2 (HKLM-x32\...\Belarc Advisor) (Version: 8.2.7.17 - Belarc Inc.)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DriverIdentifier 4.2.8 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdentifier)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Perfection V500 Photo Scanner Driver Update (HKLM-x32\...\{25653817-9502-41A5-A24D-FED750611E98}) (Version:  - )
EPSON Perfection V500P User's Guide (HKLM-x32\...\Silent Package Run-Time Sample) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free Desktop Clock 3.0 (HKLM\...\Free Desktop Clock_is1) (Version:  - Drive Software Company)
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Geosense for Windows (HKLM\...\{D617DF82-6046-44EB-AD4A-D3423319E12C}) (Version: 1.2.0.0 - Within Network, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.)
Hoadley Options Strategy Evaluation Tool  (HKLM-x32\...\{50201BFF-7AB7-4D33-A682-DDCDB436A10F}) (Version: 1.0.116 - Hoadley Trading & Investment Tools)
Hoadley Options Strategy Evaluation Tool (HKLM-x32\...\Hoadley Options Strategy Evaluation Tool_is1) (Version:  - Peter Hoadley)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
Image Converter (HKLM-x32\...\Image Converter Image Converter) (Version: 1.0.0 - Image Converter)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.4 - Ipswitch)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.65.11 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
Learning Essentials for Microsoft Office (HKLM-x32\...\{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}) (Version: 2.0 - Microsoft)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media converter (HKLM-x32\...\{08597792-778c-4af3-8e60-0d7a09ecf120}_is1) (Version:  - )
Media converter (HKLM-x32\...\{729E16B3-1B80-4F3F-8D19-342A89631E0A}_is1) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Math (HKLM-x32\...\{07043840-959A-4B0D-8825-2C533F0DDB19}) (Version: 2007 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Setup Bootstrapper 2010 (HKLM-x32\...\Microsoft Setup Bootstrapper 2010) (Version: 2010 - Microsoft Setup Bootstrapper)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{62577E41-C350-3D07-97C8-2B6CDB4BAD60}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSI Development Tools (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NirSoft IconsExtract (HKLM-x32\...\NirSoft IconsExtract) (Version:  - )
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{36DF4580-D1B3-11E3-A23E-F04DA23A5C58}) (Version: 2.0.628 - Sony)
Norton Bootable Recovery Tool Wizard (HKLM-x32\...\NBRTWizard) (Version: 7.0.0.18 - Symantec Corporation)
Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.0.35659 - Symantec Corporation)
Norton Ghost 15 (HKLM-x32\...\Norton Ghost) (Version: 15 - )
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
Olympus ib (HKLM-x32\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.6.3731 - OLYMPUS IMAGING CORP.)
Olympus ib (x32 Version: 1.6.3731 - OLYMPUS IMAGING CORP.) Hidden
OLYMPUS Viewer 2 (HKLM-x32\...\{AEE39224-92BE-4389-9493-E57FF73BB96A}) (Version: 1.3.1 - OLYMPUS IMAGING CORP.)
OptionsOracle (HKLM-x32\...\{2C31929A-D6AB-4D0B-ABF9-4812A045CE97}) (Version: 1.600 - SamoaSky)
Panda Antivirus Pro 2014 (x32 Version: 13.01.01 - Panda Security) Hidden
ParagoStockQuote (HKLM-x32\...\{B36A76C3-0399-498C-A45B-C5D73AED1CE1}) (Version: 1.0.0 - Parago)
Pazera Free MP4 to AVI Converter 1.6 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.6 - Pazera Jacek)
PC Wizard 2012.2.11 (HKLM-x32\...\PC Wizard 2012_is1) (Version:  - CPUID)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PerfectDisk 11 Professional (HKLM\...\{B7607FC8-72AD-486D-B6B7-A402D5876309}) (Version: 11.00.185 - Raxco Software Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.46.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7409 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Registry Reviver (HKLM\...\Registry Reviver) (Version: 3.0.1.162 - ReviverSoft LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SDK Debuggers (x32 Version: 8.100.26837 - Microsoft Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skin Clock 1.7 (HKLM-x32\...\Skin Clock_is1) (Version:  - Evgeny Kryukov)
SnagIt 9 (HKLM-x32\...\{ADDD6985-3A28-44D0-A1BA-FDD19A820491}) (Version: 9.0.2 - TechSmith Corporation)
Sony Sound Forge 8.0b (HKLM-x32\...\{48EB9208-593D-4DC7-B613-9C5A210D87BA}) (Version: 8.0.110 - Sony)
Sony Sound Forge 9.0 (HKLM-x32\...\{4AEA9A23-D627-4699-8A0F-FC474308C2E6}) (Version: 9.0.441 - Sony)
Sound Forge Pro (HKLM-x32\...\Sound Forge Pro) (Version:  - )
Sound Forge Pro 11.0 (HKLM-x32\...\{3F1EEA40-9515-11E4-9B3B-F04DA23A5C58}) (Version: 11.0.299 - Sony)
Spotify (HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
StockWatch (HKLM-x32\...\{EA53703E-564F-42E4-806C-F5D971A875DA}) (Version: 8.0 - BREAKTRU SOFTWARE)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1022 - SUPERAntiSpyware.com)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.39049 - TeamViewer)
TrayStatus 1.2.3 (HKLM-x32\...\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1) (Version: 1.2.3.0 - Binary Fortress Software)
VB Runtimes Pack, release 7 (HKLM-x32\...\VB Runtimes Pack, release 7_is1) (Version: 7 - http://www.tnk-bootblock.co.uk)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
Video Mover (HKLM-x32\...\Video Mover_is1) (Version:  - )
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Pool 3 DL (HKLM-x32\...\{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}) (Version: 3.3.1.1 - Celeris)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Live installer (HKLM-x32\...\{9E1DDBE7-BF44-4AC8-87CA-3D25FC63C6E1}) (Version: 12.0.1471.1025 - Microsoft Corporation)
Windows Live Messenger (HKLM-x32\...\{FC411B47-30BF-428C-9C1E-F6C54A94EA7E}) (Version: 8.5.1302.1018 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{dfe9c941-2d53-42eb-8631-05ab80216136}) (Version: 8.100.26837 - Microsoft Corporation)
WinTools.net Premium version 14.0 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 14.0 - WinTools Software Engineering, Ltd.)
WPT Redistributables (x32 Version: 8.100.26837 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
ZoneAlarm Antivirus (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 11.0.000.057 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 10.2.078.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> No File Path
 
==================== Restore Points  =========================
 
03-04-2015 21:49:21 Installed Sony Sound Forge 9.0
03-04-2015 21:50:11 Installed Sony Noise Reduction Plug-In 2.0h
03-04-2015 22:01:42 Removed Sound Forge Pro 11.0
03-04-2015 22:02:34 Removed Sound Forge Pro 11.0
03-04-2015 22:12:41 Removed Sound Forge Pro 11.0
04-04-2015 08:40:55 Removed Sound Forge Pro 11.0
04-04-2015 08:58:47 Removed Sound Forge Pro 11.0
04-04-2015 09:05:13 Removed Noise Reduction Plug-In 2.0
04-04-2015 09:05:52 Removed Sound Forge Pro 11.0
05-04-2015 11:54:07 Removed Sound Forge Pro 11.0
05-04-2015 11:55:01 Removed Noise Reduction Plug-In 2.0
06-04-2015 09:19:06 Windows Update
06-04-2015 19:38:01 Windows Update
10-04-2015 07:23:21 Windows Update
13-04-2015 11:16:05 Windows Update
14-04-2015 11:14:06 Installed WS_FTP
14-04-2015 21:48:17 Windows Update
15-04-2015 07:50:45 Windows Update
18-04-2015 09:13:50 Windows Update
20-04-2015 13:46:58 Windows Modules Installer
20-04-2015 13:47:56 Windows Modules Installer
23-04-2015 08:16:12 Windows Update
23-04-2015 17:47:08 Removed Skype™ 7.4
24-04-2015 17:19:55 Installed AVG 2015
24-04-2015 17:20:12 Installed AVG 2015
24-04-2015 21:44:23 Removed AVG 2015
24-04-2015 21:45:51 Removed AVG 2015
26-04-2015 08:07:41 Windows Update
28-04-2015 09:28:49 Installed psqlODBC
28-04-2015 09:29:20 Installed PostgreSQL 8.3
28-04-2015 11:30:37 Removed PostgreSQL 8.3
28-04-2015 11:30:58 Removed PostgreSQL 8.3
28-04-2015 11:35:04 Removed psqlODBC
28-04-2015 11:50:35 Installed psqlODBC
28-04-2015 11:51:02 Installed PostgreSQL 8.3
29-04-2015 17:17:28 Removed WS_FTP
29-04-2015 18:04:53 Removed PostgreSQL 8.3
29-04-2015 18:07:47 Removed psqlODBC
29-04-2015 18:11:34 Revo Uninstaller's restore point - Update Service YourFileDownloader
30-04-2015 07:31:26 Removed Skype™ 4.2
30-04-2015 09:38:12 Removed Visual Studio 2012 x86 Redistributables
30-04-2015 09:38:26 Removed Visual Studio 2012 x64 Redistributables
30-04-2015 14:34:49 Checkpoint by HitmanPro
30-04-2015 15:06:52 Installed WS_FTP
30-04-2015 15:09:59 Revo Uninstaller's restore point - Ipswitch WS_FTP 12
30-04-2015 15:10:40 Removed WS_FTP
30-04-2015 20:25:10 Restore Operation
30-04-2015 21:32:25 Windows Update
01-05-2015 07:18:09 Windows Update
01-05-2015 09:43:18 Pre Housecall
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-09-30 15:43 - 2015-01-20 09:06 - 00001797 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1                               adobe.activate.com
127.0.0.1                               adobeereg.com                        
127.0.0.1                               www.adobeereg.com                    
127.0.0.1                               wwis-dubc1-vip60.adobe.com           
127.0.0.1                               125.252.224.90                       
127.0.0.1                               125.252.224.91
127.0.0.1                               hl2rcv.adobe.com
127.0.0.1 www.celeris.com 
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {00526196-06BC-41AA-8EDD-FA8427C3D126} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {044E6182-34F8-44B3-90D7-68F609F5564E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {04DD0151-A66A-45DA-9822-97F2BB8BC1B2} - \{06A63907-406B-435D-ACE8-39AC21EB346D} No Task File <==== ATTENTION
Task: {07C91F09-4BF1-429E-91CA-332D5C16BB20} - System32\Tasks\{FF48B526-56A6-4327-8F1E-F216EB7D21D1} => pcalua.exe -a "C:\Users\David\Downloads\µTorrent\Microsoft Office 2010 - No Key Needed [FULL]\setup.exe" -d "C:\Users\David\Downloads\µTorrent\Microsoft Office 2010 - No Key Needed [FULL]"
Task: {083C6B88-2D95-4048-9F60-631A2ED3F93F} - \{933BBA8A-0971-4E1A-A71C-92B19462283C} No Task File <==== ATTENTION
Task: {0E228524-946A-4083-ADA1-C2586E3F397A} - System32\Tasks\{F06BB283-7E84-4733-BD9F-9762B79AD883} => pcalua.exe -a "C:\Program Files (x86)\SarbyxTrayClock\unins000.exe" -d "C:\Program Files (x86)\SarbyxTrayClock"
Task: {11215680-BBD3-4952-AFFD-C539F5C5B8F1} - System32\Tasks\{51F24487-C6A1-49EB-A845-CF74741EFB6C} => pcalua.exe -a C:\Users\David\Downloads\ymsgr900_2162_us.exe -d C:\Users\David\Downloads
Task: {14FA7E96-09C8-4AF2-A4AD-DB1988CDBC3A} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {1997F2BB-D829-465F-81C8-22128ADA79D1} - \{068D92D9-569F-451A-BAA6-F60C69C68BA0} No Task File <==== ATTENTION
Task: {1B3E7C3A-7CFA-4E93-A1FD-D3767517FBF5} - System32\Tasks\{D8DFE8E4-5FBB-433D-9501-36D5083A8B09} => pcalua.exe -a "C:\Users\David\Downloads\µTorrent\Virtual Pool 4.1.2.4\Virtual Pool 4.1.2.4\Virtual_Pool_4.4.1.2.4.exe" -d "C:\Users\David\Downloads\µTorrent\Virtual Pool 4.1.2.4\Virtual Pool 4.1.2.4"
Task: {1BE1FFFB-789F-453F-AB0C-66C0ACB42363} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1D4E2332-0A4C-4540-B6FB-4AC0B5D64344} - \{FBC76180-39F8-4CAA-A795-B005661070B2} No Task File <==== ATTENTION
Task: {1FF2902A-4B69-4AF8-BF24-E120BD7DCF89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-04-21] (Microsoft)
Task: {25C41713-0EB5-4C38-9BD3-772D46A18A57} - \{EA701D39-5D40-4671-922A-3F4A7FA2E824} No Task File <==== ATTENTION
Task: {27D2733C-0ED1-4F28-BD0A-A3596D062E54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {29814B97-D47A-4F91-B324-1A2DE602B196} - \{0F0373E3-57BB-459E-BB23-329C445D2C69} No Task File <==== ATTENTION
Task: {31C87186-2CD5-42F7-A398-DEBE527424C8} - \{F550838C-1057-4556-A86A-1A40DEABF409} No Task File <==== ATTENTION
Task: {3374512C-7C63-41E0-8F67-C0703A0DBA21} - System32\Tasks\{1FCE3520-3AAC-45C3-ADA9-50F10A1B5CEB} => pcalua.exe -a "C:\Windows\Registry Drill\uninstall.exe" -c "/U:C:\Program Files (x86)\Easy Desk Utilities\Registry Drill\irunin.xml"
Task: {33EEBD0A-2C59-4DE3-ADF3-FA46B95DE063} - \{90088514-8A04-466F-9380-99A2E0B31142} No Task File <==== ATTENTION
Task: {38E9C52E-4CFB-4E87-B447-DA1471F86617} - \{98B27F10-3D7E-401D-9C5B-430730BB3DDC} No Task File <==== ATTENTION
Task: {3C355016-64B9-4A81-AB1B-B87CB5C3BF7C} - \{944981C6-5284-41D7-8CD6-FA3E431B1BE8} No Task File <==== ATTENTION
Task: {40973872-AB12-49DD-956A-58EC071007D4} - System32\Tasks\{A407AB7A-9181-4EB8-AF69-9F21A9DBF712} => pcalua.exe -a C:\Users\David\Downloads\dotnetfx35.exe -d C:\Users\David\Downloads
Task: {441CE1C2-29E3-4860-B3E9-B80D4A88668D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\File validation => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-04-21] (Microsoft)
Task: {4CF3BF7B-32AB-4900-AB6A-C7A5F22DD3DE} - \{784EACE6-3035-42CF-88A7-F3A3580E210C} No Task File <==== ATTENTION
Task: {56973781-EA36-4F7A-8FEF-D03D37EB2520} - System32\Tasks\Anti Virus Installer Uninstaller => C:\Program Files (x86)\Anti Virus Installer\Anti VirusInstaller.exe [2015-04-08] (Secure Updater)
Task: {5A3BE3FA-8C6D-4F8C-AA72-359C9A46F402} - System32\Tasks\{F36665D0-D261-4F15-A05B-E424FB477930} => pcalua.exe -a "C:\Users\David\Local Settings\Application Data\Bundled software uninstaller\biSetup37198.exe" -c /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {5BBC6DBB-9FBD-43F0-A6DB-C183F41908D4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {5E27EF44-BF40-4F38-BBED-B591F62FC391} - System32\Tasks\{2BF7459B-D73E-467B-9B10-E55896AA9863} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {5F29F95E-E920-48E3-998C-60BF6C16683F} - \{AAB044EA-1F38-4E1C-B457-84F20BD69065} No Task File <==== ATTENTION
Task: {618732A2-AB6D-4E30-BE73-76DF132B42EB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {63E7A93A-9EE1-4500-9F4F-ADF60386CD60} - System32\Tasks\{4F88C5A5-218E-4DE0-A736-ABF97ED3A829} => pcalua.exe -a C:\Users\David\Downloads\ymsgr900_1912_us.exe -d C:\Users\David\Downloads
Task: {67B524C6-1F6F-47E1-9E9D-9E91127E4F8D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3085527945-139366052-3681144780-1000
Task: {6B701271-065D-42B0-9981-64FE989D91D2} - System32\Tasks\{A3AFD38E-BA3D-4813-AB1D-04F8E4E4EAE1} => pcalua.exe -a C:\Users\David\Downloads\setup.exe -d C:\Users\David\Downloads
Task: {6E0DE7DD-05B0-48FE-913D-7C58A0824867} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {70425A1B-E879-4771-BFE9-6B5912FC7F4E} - System32\Tasks\{4C0E343D-BEC2-4977-8AFE-B601B0DB61B3} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {72EBC9E1-AD76-4997-91AB-76BB98ADB3AA} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {75B1C860-4B0E-462D-AB2A-4CB1A29FE0FD} - \SidebarExecute No Task File <==== ATTENTION
Task: {79FFA273-400E-41C3-8FD6-3118D9378FEC} - System32\Tasks\{FAAC5B65-4425-43A4-B3E4-2990CEB52316} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {7A3302CD-0E97-412D-8878-DDDAAB549B2B} - System32\Tasks\{8F8E29C4-01B4-420C-927B-2F927480E1E2} => pcalua.exe -a "C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard\Engine\7.0.0.18\Gear\GEARDIFx.exe" -d "C:\Program Files (x86)\Norton Ghost" -c INSTALL "NBRTWizard" "{A4274214-B468-482e-B2AC-24FCD2365C4B}"
Task: {7A60BDC9-48E5-4941-85DD-CF51B9CD6B75} - System32\Tasks\Grand Panda Updater => C:\Program Files (x86)\PrivateVPN\gpup.exe <==== ATTENTION
Task: {7C95E5D5-3769-45D7-BE6C-EB8FA85E1A36} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {7D088582-B4EF-4D7D-8984-2D3E28DD7B73} - \{51D40F7C-A9E5-49A2-B658-213116ACE6D2} No Task File <==== ATTENTION
Task: {84CCDC93-6745-4656-9AD6-50E582165F11} - \{835A3CB0-5F0A-41A1-90C7-3905DB2C7F44} No Task File <==== ATTENTION
Task: {86456E3E-B9BE-496D-A2BA-D974E8516A94} - System32\Tasks\{805E81EF-41EA-49E2-A851-4E818641D8B8} => pcalua.exe -a C:\Users\David\Downloads\winsdk_web.exe -d C:\Users\David\Downloads
Task: {8BE33FB2-A2F9-4C48-81DA-7CE5EE4EBC54} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {8C154798-B853-4E9B-BEC4-EEB34DB5DDC1} - System32\Tasks\{495182BE-EBEF-49A8-9275-4E008D84E929} => pcalua.exe -a "C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\SmartTagInstall.exe" -d "C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag"
Task: {93643070-C63F-4B74-9162-F11FB6723CC7} - System32\Tasks\{67DBAF5A-0662-4A1F-BF30-990984231DF1} => pcalua.exe -a C:\Users\David\Backups\HitmanPro\HitmanPro.exe -d C:\Users\David\Backups\HitmanPro
Task: {98E1FAE4-C849-4EFE-8968-B71C93ED79D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9B58C2C6-5032-425F-B949-98F6D08317F0} - \{796C265D-E02C-4215-AC4E-F948143941BC} No Task File <==== ATTENTION
Task: {9B8B578D-11B1-479C-B188-644E648B526C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {9DB6B14D-DFBE-4050-90AB-26DF2293BFB3} - System32\Tasks\Alfasistem Memory Uninstaller => C:\Program Files (x86)\Alfasistem Memory\ tmjob.exe [2015-04-29] (SecureSoft)
Task: {B1D2EF0D-34E9-4A75-92F7-E6F42BCA4BCF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {B3F20913-0649-4169-B755-B5F1A52AE295} - System32\Tasks\{890BEE91-FCB8-4FE6-BB4D-0AAD8D3BECA0} => pcalua.exe -a C:\Users\David\Downloads\wlsetup-web.exe -d C:\Users\David\Downloads
Task: {B79F76CF-C347-40B0-A62A-56B041F3810F} - System32\Tasks\{576EEAD7-8857-4E0C-A4BF-3B721FAF7230} => pcalua.exe -a "C:\Users\David\Downloads\ymsgr900_2162_us (1).exe" -d C:\Users\David\Downloads
Task: {B88E832F-9C79-4286-B5DC-F7E68541073F} - System32\Tasks\{1E79B445-B044-45E4-80B4-E4C99ED987D4} => pcalua.exe -a C:\Users\David\AppData\Roaming\oursurfing\UninstallManager.exe -c  -ptid=exp
Task: {BA5B1014-2E14-4300-A531-030C4A70C6A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BEB2C3A8-E6A0-4F3A-93BC-63AFB3655BD0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {C4A4261F-EEE4-43B6-9563-295763F63888} - \{84B993B4-12FA-4A59-AAA4-85D2E36F7370} No Task File <==== ATTENTION
Task: {C4F23D97-94DD-4066-BEE1-C570F50DE7B0} - System32\Tasks\Windows Defrag => C:\Users\David\AppData\Local\Updater\winupd.exe
Task: {C8FFBB24-90F0-4156-8C30-F0C6D815FF81} - System32\Tasks\{58A995F9-E330-41DE-989F-F652BFFBE9E9} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {CEAE30D7-38CE-4441-8883-A52E63E65906} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {D3AAC07E-C77D-48A9-84DC-67A2427F90A6} - System32\Tasks\{B76A7A90-847E-4BC7-919F-7C65F2FDA17D} => pcalua.exe -a "C:\Users\David\Backups\Partition Magic\PartitionMagic_8.2\Partition Magic.exe" -d "C:\Users\David\Backups\Partition Magic\PartitionMagic_8.2"
Task: {D4685C50-4374-4601-8D77-16A7D068E84E} - System32\Tasks\{8CC51390-2E88-418E-B1AA-22461C09086A} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {E853FAD9-C449-4E1E-8602-C45A8F0B82AD} - \{4EFD2083-5A6A-4D09-95BA-3373750CF167} No Task File <==== ATTENTION
Task: {F0D37E9E-550B-4BE7-80F6-25630AC4C42C} - System32\Tasks\{460BE432-4E7D-46D8-8ACD-B061AFB6A561} => pcalua.exe -a C:\Users\David\Downloads\stock\setup.exe -d C:\Users\David\Downloads\stock
Task: {F41ABE9E-2449-4224-B503-6221387BD988} - \{AF643558-22CA-4D6D-8597-B47EE816ABAF} No Task File <==== ATTENTION
Task: {F4FCA02A-7252-467C-BA7F-1AA3A75410C6} - \{48759E32-5D38-4D56-877B-8E650B0AB795} No Task File <==== ATTENTION
Task: {FB4CD12A-A668-4669-9AEF-2EDA84A07D8B} - System32\Tasks\AdobeAAMUpdater-1.0-DavidsDesktop-David => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {FD6271B2-09EC-45AB-A3A7-A860BA8E0D62} - System32\Tasks\{75CBAD3F-18FD-41DA-9E62-1923597226C3} => pcalua.exe -a C:\Users\David\Downloads\dotnetfx.exe -d C:\Users\David\Downloads
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-19 21:06 - 2015-02-05 12:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-14 17:27 - 2013-04-24 19:20 - 02007040 _____ () C:\Program Files\Free Desktop Clock\timeserv.exe
2015-04-28 20:09 - 2015-04-28 20:09 - 02466304 _____ () C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-04-28 20:09 - 2015-04-28 20:09 - 02109440 _____ () C:\ProgramData\Microsoft\Performance\Monitor\SecurityHelper.dll
2015-04-14 17:27 - 2013-06-07 20:20 - 01875968 _____ () C:\Program Files\Free Desktop Clock\Clock.dll
2015-04-14 17:27 - 2013-06-27 23:07 - 04652544 _____ () C:\Program Files\Free Desktop Clock\FreeDesktopClock.exe
2013-07-06 08:00 - 2013-10-11 04:41 - 01303552 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe
2014-10-19 22:22 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-10-19 22:22 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libglesv2.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libegl.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\pdf.dll
2015-02-22 15:09 - 2015-02-22 15:09 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
2011-04-19 11:28 - 2011-05-20 11:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:073341D1
AlternateDataStreams: C:\Users\David\Cookies:RrlK0TyuxrABpC2j26MKYAiIs
AlternateDataStreams: C:\Users\David\AppData\Local\i1VqavrmfKyW:knIOkA0olWtH5HWb77m0XJD
AlternateDataStreams: C:\Users\David\AppData\Local\Temp:HJTQcNQKV3RM0urbcxVsr
AlternateDataStreams: C:\Users\David\AppData\Local\VCHl52fb:ULd3YMjwcNBbi5Ga8NHwCQbfJr
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\100sexlinks.com -> 100sexlinks.com
 
There are 5232 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^3RVX.lnk => C:\Windows\pss\3RVX.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Chrome.lnk => C:\Windows\pss\Google Chrome.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^volume.ahk => C:\Windows\pss\volume.ahk.CommonStartup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ares.exe - Shortcut.lnk => C:\Windows\pss\Ares.exe - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^crossbrowse.lnk => C:\Windows\pss\crossbrowse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Download SONY Sound Forge Pro 11.0 Build 299 Torrent - KickassTorrents.lnk => C:\Windows\pss\Download SONY Sound Forge Pro 11.0 Build 299 Torrent - KickassTorrents.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^firefox - Shortcut.lnk => C:\Windows\pss\firefox - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamViewer.exe - Shortcut.lnk => C:\Windows\pss\TeamViewer.exe - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ThePirateBay.TO, mp3, avi, bittorrent, torrent, torrents, movies, music, games,.lnk => C:\Windows\pss\ThePirateBay.TO, mp3, avi, bittorrent, torrent, torrents, movies, music, games,.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Ad-Aware Antivirus => 
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\David\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BingSvc => C:\Users\David\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: Bonus.SSR.FR12 => "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: BVRPLiveUpdate => "C:\Program Files (x86)\Avanquest update\Engine\RunLU.exe" -s /PATCH,/SRCUPDATEC:\PROGRA~3\SONYER~1\SONYER~2\LIVEUP~1\LISTOF~1.DAT,
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: DriverScanner => 
MSCONFIG\startupreg: EEventManager => C:\PROGRA~2\EPSONS~1\EVENTM~1\EEVENT~1.EXE
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Google Update => 
MSCONFIG\startupreg: GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HP Remote Solution => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: Icqgsoft => C:\Windows\SysWOW64\regsvr32.exe C:\Users\David\AppData\Local\Ifdksoft\MetaNotifier32.dll
MSCONFIG\startupreg: Ifdksoft => C:\Users\David\AppData\Local\Ifdksoft\tmp2D4F.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: Iminent => 
MSCONFIG\startupreg: IminentMessenger => 
MSCONFIG\startupreg: Imvpsoft => regsvr32.exe C:\Users\David\AppData\Local\Imvpsoft\BassMainAgent.dll
MSCONFIG\startupreg: InstaLAN => "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
MSCONFIG\startupreg: ISW => C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: lollipop => 
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
MSCONFIG\startupreg: mobilegeni daemon => 
MSCONFIG\startupreg: msnmsgr => 
MSCONFIG\startupreg: Norton Ghost 15.0 => "C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Olympus ib => "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
MSCONFIG\startupreg: PDF Complete => 
MSCONFIG\startupreg: PSafeAV => 
MSCONFIG\startupreg: PSafeTray => 
MSCONFIG\startupreg: PSafeWDS => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: SarbyxTrayClock => 
MSCONFIG\startupreg: SBRegRebootCleaner => 
MSCONFIG\startupreg: Search Protection => "C:\Users\David\AppData\Roaming\Search Protection\SP.EXE" /autostart
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SkinClock => 
MSCONFIG\startupreg: Skype => 
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
MSCONFIG\startupreg: SpeedTray => C:\Users\David\AppData\Roaming\SpeedTray\speedtray.exe
MSCONFIG\startupreg: SpeedUpMyPC => 
MSCONFIG\startupreg: Spotify => "C:\Users\David\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TasksWatch => "C:\Users\David\AppData\Local\Temp\TasksWatch.exe"
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: uTorrent => "C:\Users\David\Downloads\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VideoUsage => "C:\Program Files (x86)\DoubleOptMedia\VideoUsage.exe"
MSCONFIG\startupreg: WinCheck => C:\Users\David\AppData\Local\00000012-1430125422-8015-BF5A-888888888788\bnsiCBF9.exe
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{07B21A5E-FAFA-4F67-A5B9-408E6BCA2331}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C760FB51-26C2-4AD6-9FE7-6BDEA94275E7}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B4AD560D-BA2A-4836-98BB-DCDD8F8A2BB7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{45358139-5AE8-41BA-BDFD-38AD7871DE87}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{16E2C9F1-8C23-4399-A0DF-63F915B575D6}] => (Allow) LPort=49194
FirewallRules: [TCP Query User{152D3D3B-B435-456B-976C-6AD95E7DF033}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{BF16B5FB-6BE7-46B8-9711-5E6BE212AA31}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [{08D57846-5C4C-4EC6-BD8C-57F6EFA20F05}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{D8268983-16A3-4A32-86EE-8BF5B6BD1210}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Block) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe
FirewallRules: [UDP Query User{4C7DA643-52C6-4B06-AD11-E78136041B4A}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Block) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe
FirewallRules: [{7D0670D1-DF21-4DAD-8DE4-21322C990864}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{5CE654D1-D6CD-45BF-9B38-2F0CB5F40B61}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{47262A21-C5DD-46F5-A48A-FE74ABF2973D}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{A9078591-8FD3-4A3E-8F84-F5A022E0CFD0}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{01E6317D-9A93-4D66-9013-5861C12FA1BC}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{1532E59D-990E-4167-A8D8-B3143CE97250}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1CA89A19-84BB-41E8-9C9C-6EB97AC2C601}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BDB0289D-3936-47C8-9FDD-88885613083D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D4067AD5-9DE3-41E8-94C9-F408B0E7CBAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1A2471F9-BCBD-42FA-9141-12BC2D2EDB69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9C1D8383-BADC-4538-A1E7-9D02C0199B29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61C6BFC4-6897-4772-80FB-AF175301B475}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C60F8C93-932B-41D2-B539-F8F2AC3E2627}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DEF96A4A-51FA-4E14-AC85-88A725286142}] => (Allow) C:\Users\David\AppData\Local\Temp\utt6A43.tmp.exe
FirewallRules: [{1B2AC955-CA6E-4F14-A1A7-063F494D08D4}] => (Allow) C:\Users\David\AppData\Local\Temp\utt6A43.tmp.exe
FirewallRules: [{5E5F64E0-6989-4C64-A0CD-0C92603AC8D2}] => (Allow) C:\Program Files (x86)\Virtual Pool 3\vp3.exe
FirewallRules: [{E822C01F-648D-4579-B427-7F1C8D6777DE}] => (Allow) C:\Program Files (x86)\Virtual Pool 3\vp3.exe
FirewallRules: [TCP Query User{78CB2699-61BD-4192-87F3-DFC182A972A6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{76704175-E022-474A-94EE-F5B84092AF7E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{51F1C06C-B72B-4512-90CB-DEF0F2B719C8}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{C4CBF2EB-918B-4E65-964D-E8E585B46206}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{C72A8621-A183-4191-9F09-5A55F7B94DED}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{BBE37BB2-7F13-4CA8-ACAA-38018DD76417}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{6E440633-881B-40B4-B4CD-9F6AADCDB563}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5E49F338-674F-4209-AF88-49FF59BF378F}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{FFAFDCB4-C7BB-4E1E-B5CD-56F188ED382A}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{796B9676-A388-4B98-B06A-DCEE23EEF89A}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{8635ED3F-B4F8-4F4E-92EA-6308B68258C2}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{7DF40EB0-73E5-4650-987F-B31AFEC4006E}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [{1CD6FC34-E403-4F53-9424-74486FFA7F73}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{6C93253A-7B98-496E-894C-37EAF4AE7E1A}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{A12FBD68-BBDD-41A2-A99B-60A1A08082EE}] => (Allow) LPort=1045
FirewallRules: [{4F0FF8D0-A7A2-4095-B593-A8C2C6CEDCC0}] => (Allow) LPort=5000
FirewallRules: [{7CB163B0-E284-499B-A79C-1A40D27CC22C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C46B6CB6-94D8-467A-B345-8A862EA0AC2B}] => (Allow) svchost.exe
FirewallRules: [{19463956-D194-4D78-A29F-5A05BBC72615}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\livecall.exe
FirewallRules: [{DCC3136F-AA5C-49FA-8B4B-9BF4E6CECCD3}] => (Allow) C:\Program Files (x86)\Microsoft Setup Bootstrapper\Microsoft Setup Bootstrapper\officestp.exe
FirewallRules: [{32452F92-5047-4326-8911-438A01FFF3F1}] => (Allow) C:\Program Files (x86)\Microsoft Setup Bootstrapper\Microsoft Setup Bootstrapper\officestp.exe
FirewallRules: [{09565D35-BDBA-4A06-831B-AABA0A69C3CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{6F8E929A-E3B0-43FA-BDF6-1ACA259D4636}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{3BF6AAB0-84F7-4BED-A815-693CABFE7212}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{82E337C8-891E-42A0-8D4A-1FA5CFB7A9B5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{E626B0EE-E05C-44C2-9B85-5698A702E96E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
FirewallRules: [{A1500943-CA90-46B1-B2D1-DF66C76D2A17}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{52E8B821-AEE3-4453-A3FB-21FB9C500738}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E9CD2477-F432-43C9-8526-FE1DDE55DBB4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{C86A9E6D-92D3-44F3-87E3-39D8B9E7FC7B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{2519892A-AF80-46D4-B44F-D7E4E856E5C3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{943EFB3C-5A52-43BF-80EA-8ACFEDB6B2E4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{6C11DE40-0FEB-46FC-95E2-A9D35DD5B28E}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [UDP Query User{993C064D-57C1-42D6-99C0-4EBFC9191E42}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [{84B2949E-1832-447A-84E2-10E92CEF6308}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{D86120F2-14A5-40BE-9786-2C3E66A8BFBA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{87967369-B92E-4159-B508-B8F188F4AA76}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{88C9A603-11FF-44E0-92D5-2E2172BD0E2A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{001ECCEE-29D4-46A3-AE06-78488CF17717}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{54711368-EB48-4865-88A1-3F835A4B6FD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{640F00AD-1D81-45D2-9EBB-1C146AA9A81F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A5BBD902-D0BE-4056-B74C-5D7A17307B62}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{4975C0CE-FFD0-4FAF-9C8C-EDA544DE816B}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{B62BCBB0-9F15-497C-A144-40578AF78210}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{9D138210-4901-42F5-886B-D6AB9C021D44}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{DE6F480F-CC88-46BE-8CD4-13CDB4DBB483}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{AFED154C-52BE-44DE-9A3C-B7A6FDC0AA80}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{774EC35C-2D95-43BD-A2BD-203ADA9B4512}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{43430412-C832-41D8-A8B5-D143E8C01B69}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{A1A5E099-B7C9-463C-95F8-71A76D185268}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{D9D6DD35-3AE6-4D2B-ABC9-0B2912C586DA}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/02/2015 07:14:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/01/2015 01:52:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/01/2015 08:48:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b864
Exception code: 0xc0000374
Fault offset: 0x00000000000bf922
Faulting process id: 0x1204
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/01/2015 07:21:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/01/2015 07:10:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/30/2015 10:11:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (05/02/2015 07:15:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (05/01/2015 01:53:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (05/01/2015 07:23:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (05/01/2015 07:22:43 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Failed to start language pack setup wizard. Please restart the system and try running the wizard again.
 
Error: (05/01/2015 07:22:43 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)
Description: CBS Client initialization failed. Last error: 0x80080005
 
Error: (05/01/2015 07:22:43 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
 
Error: (05/01/2015 07:22:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error: 
%%16405
 
Error: (05/01/2015 07:11:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (04/30/2015 10:12:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (04/30/2015 09:53:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (05/02/2015 07:14:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/01/2015 01:52:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/01/2015 08:48:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.187985507b864c000037400000000000bf922120401d0841a61c826baC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll75db8748-f019-11e4-8ffb-e069955bb6d0
 
Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"c:\program files (x86)\Adobe\adobe onlocation cs5.1\Setup\resources\libraries\ARKEngine.dll
 
Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"c:\program files (x86)\Adobe\adobe onlocation cs5.1\Setup\resources\libraries\ARKCmdFS.dll
 
Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"c:\program files (x86)\Adobe\adobe onlocation cs5.1\Setup\resources\libraries\ARKCmdDefrag.dll
 
Error: (05/01/2015 08:02:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"c:\program files (x86)\Adobe\adobe onlocation cs5.1\Setup\resources\libraries\ARKCmdCaps.dll
 
Error: (05/01/2015 07:21:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/01/2015 07:10:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/30/2015 10:11:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-04-24 22:09:19.348
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-24 22:00:34.557
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-24 21:22:28.948
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-24 20:59:03.176
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-24 20:01:28.454
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-24 19:40:43.494
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-24 19:32:09.272
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-24 19:22:09.977
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-24 19:04:01.329
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-24 18:54:04.856
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU X 990 @ 3.47GHz
Percentage of memory in use: 14%
Total physical RAM: 24567.06 MB
Available physical RAM: 20975.43 MB
Total Pagefile: 74565.25 MB
Available Pagefile: 70831.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:1849.67 GB) (Free:1240.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.25 GB) (Free:13.15 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BF1B7EF2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1849.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:08 AM

Posted 03 May 2015 - 02:14 PM

Step 1

Please download combofix.pngCombofix (by sUBs) and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#6 daivddd

daivddd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 03 May 2015 - 05:47 PM

Hi deeprybka, I just want to see if I have a problem or if I need to be more patient.  A coupld of times I ran Combofix, but it seems that it hangs.  I get to the blue screen that lists Stage 1, Stage 2, Stage 3, and Stage 4 but then nothing else.  I read it typically takes 10 mins but easily could take twice that.  Howevere, I've let in run for hours.  Shall I try for longer or get other plans?



#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:08 AM

Posted 04 May 2015 - 05:43 AM

Please re-run FRST for new logs.

 

Step 1

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

Edited by deeprybka, 04 May 2015 - 05:43 AM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#8 daivddd

daivddd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 04 May 2015 - 08:43 AM

Sorry I hope I didn't confuse things.  I started Combofix again and let it run overnight.  It completed this time.

 

 

ComboFix 15-04-28.01 - David 05/03/2015  22:15:41.4.12 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.24567.21301 [GMT -7:00]
Running from: c:\users\David\Desktop\ComboFix.exe
AV: ZoneAlarm Antivirus *Disabled/Updated* {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
FW: ZoneAlarm Firewall *Disabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\David\AppData\Roaming\6137.tmp
c:\users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3RVX.lnk
c:\users\David\Documents\~WRL0003.tmp
c:\users\David\Documents\~WRL0004.tmp
c:\users\David\Documents\~WRL2468.tmp
c:\users\Public\sdelevURL.tmp
c:\windows\SysWow64\c
c:\windows\SysWow64\C\Yahoo!\Messenger\logs\voice_David_0.log
c:\windows\SysWow64\PostgreSQL.log
c:\windows\SysWow64\SET654E.tmp
c:\windows\SysWow64\SET702E.tmp
c:\windows\SysWow64\X86
.
.
(((((((((((((((((((((((((   Files Created from 2015-04-04 to 2015-05-04  )))))))))))))))))))))))))))))))
.
.
2015-05-04 05:22 . 2015-05-04 05:22 -------- d-----w- c:\users\Visitor\AppData\Local\temp
2015-05-04 05:22 . 2015-05-04 05:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-04 05:14 . 2015-05-04 05:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDFF5AC7-19B9-4C41-8118-AA0D02C45C8E}\offreg.dll
2015-05-02 14:37 . 2015-05-02 14:39 -------- d-----w- C:\FRST
2015-05-01 14:18 . 2015-04-20 07:58 12032440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDFF5AC7-19B9-4C41-8118-AA0D02C45C8E}\mpengine.dll
2015-05-01 14:17 . 2015-03-04 04:41 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-05-01 14:17 . 2015-03-04 04:41 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-05-01 14:17 . 2015-03-04 04:41 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-05-01 14:17 . 2015-03-04 04:41 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-05-01 14:17 . 2015-03-04 04:11 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-05-01 14:17 . 2015-03-04 04:10 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-05-01 14:17 . 2015-03-04 04:10 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-05-01 14:17 . 2015-02-18 07:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-05-01 14:17 . 2015-02-18 07:04 142336 ----a-w- c:\windows\system32\poqexec.exe
2015-05-01 05:15 . 2014-06-11 17:09 7717984 ----a-w- c:\windows\system32\drivers\kl1.sys
2015-05-01 05:15 . 2014-06-11 17:09 92768 ----a-w- c:\windows\system32\drivers\klflt.sys
2015-05-01 05:15 . 2014-06-11 17:09 490592 ----a-w- c:\windows\system32\drivers\klif.sys
2015-05-01 05:11 . 2015-05-03 07:36 -------- d-----w- c:\program files (x86)\CheckPoint
2015-04-30 22:07 . 2015-05-01 04:18 -------- d-----w- c:\programdata\Ipswitch
2015-04-30 22:07 . 2015-05-01 04:18 -------- d-----w- c:\program files\Ipswitch
2015-04-30 22:07 . 2015-05-01 04:18 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2015-04-30 22:07 . 2015-05-01 04:18 -------- d-----w- c:\program files (x86)\Ipswitch
2015-04-30 21:43 . 2013-09-28 02:56 285208 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2015-04-30 02:21 . 2015-05-03 07:36 -------- d-----w- c:\program files (x86)\Alfasistem Memory
2015-04-29 03:10 . 2015-05-03 07:22 -------- d-----w- c:\users\David\AppData\Local\Imvpsoft
2015-04-29 03:09 . 2015-05-03 07:22 -------- d-----w- c:\users\David\AppData\Local\Ifdksoft
2015-04-29 03:09 . 2015-04-29 03:09 2109440 ----a-w- c:\programdata\Microsoft\Performance\Monitor\SecurityHelper.dll
2015-04-28 16:30 . 2015-02-10 15:47 499712 ----a-w- c:\windows\msvcp71.dll
2015-04-28 16:30 . 2015-02-10 15:47 348160 ----a-w- c:\windows\msvcr71.dll
2015-04-28 16:30 . 2015-02-10 15:47 1706800 ----a-w- c:\windows\gdiplus.dll
2015-04-28 16:30 . 2015-02-10 15:47 1060864 ----a-w- c:\windows\MFC71.dll
2015-04-28 16:30 . 2015-05-03 07:36 -------- d-----w- c:\users\IPS_daivddd
2015-04-28 16:29 . 2015-04-30 01:07 -------- d-----w- c:\program files (x86)\PostgreSQL
2015-04-27 18:55 . 2015-04-27 18:55 -------- d-----w- c:\windows\system32\drivers\NBRTWizardx64
2015-04-27 18:55 . 2015-04-27 18:55 -------- d-----w- c:\program files (x86)\Norton Bootable Recovery Tool Wizard
2015-04-27 18:55 . 2015-04-27 18:55 -------- d-----w- c:\program files (x86)\NortonInstaller
2015-04-27 16:14 . 2015-04-27 16:14 -------- d-----w- c:\program files (x86)\4066e076-67da-4a36-9b31-9ca5a84f9258
2015-04-26 15:06 . 2015-03-14 03:21 82944 ----a-w- c:\windows\system32\dwmapi.dll
2015-04-26 15:06 . 2015-03-14 03:21 1632768 ----a-w- c:\windows\system32\dwmcore.dll
2015-04-26 15:06 . 2015-03-14 03:04 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2015-04-26 15:06 . 2015-03-14 03:04 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2015-04-26 15:06 . 2015-01-29 03:19 2543104 ----a-w- c:\windows\system32\wpdshext.dll
2015-04-26 15:06 . 2015-01-29 03:19 1195008 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2015-04-26 15:06 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\SysWow64\wpdshext.dll
2015-04-25 01:36 . 2015-04-25 01:36 -------- d-----w- c:\users\David\AppData\Local\Apple Computer
2015-04-23 19:56 . 2015-04-23 19:56 -------- d-----w- c:\users\David\AppData\Local\Skype
2015-04-23 15:24 . 2015-04-23 15:24 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-04-19 03:15 . 2015-04-19 03:15 -------- d-----w- c:\users\David\AppData\Local\Apple
2015-04-16 00:06 . 2015-05-02 14:23 -------- d-----w- c:\users\David\AppData\Local\Adobe
2015-04-15 00:27 . 2015-05-03 07:36 -------- d-----w- c:\users\David\AppData\Roaming\Free Desktop Clock 3
2015-04-15 00:27 . 2015-04-15 00:27 -------- d-----w- c:\program files\Free Desktop Clock
2015-04-14 20:29 . 2015-04-14 20:29 18178736 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-04-14 19:28 . 2015-03-10 03:25 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-04-14 19:28 . 2015-03-10 03:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-04-14 19:28 . 2015-03-10 03:08 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-04-14 19:28 . 2015-03-10 03:05 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-04-14 19:28 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-14 19:28 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-14 19:28 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-14 19:27 . 2015-02-25 03:18 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-14 18:15 . 2015-05-01 15:46 -------- d-----w- c:\users\David\AppData\Roaming\Ipswitch
2015-04-08 19:02 . 2015-04-08 19:02 -------- d-----w- c:\program files (x86)\Anti Virus Installer
2015-04-07 02:39 . 2015-05-03 07:36 -------- d-s---w- c:\windows\system32\GWX
2015-04-07 02:39 . 2015-04-07 02:39 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-04 16:33 . 2015-04-04 16:33 -------- d-sh--w- c:\users\David\AppData\Local\EmieBrowserModeList
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-27 18:17 . 2015-03-09 16:22 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-24 19:00 . 2015-03-04 20:00 73728 ----a-w- c:\windows\SysWow64\tasks.dll
2015-04-23 15:23 . 2012-10-01 17:43 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-15 04:48 . 2015-02-21 19:59 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-04-14 20:29 . 2012-09-29 17:59 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-14 20:29 . 2012-09-29 17:59 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-28 03:13 . 2015-03-28 03:13 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-03-28 03:13 . 2015-03-28 03:13 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-03-28 03:13 . 2015-03-28 03:13 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-03-28 03:13 . 2015-03-28 03:13 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-03-28 03:13 . 2015-03-28 03:13 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-03-28 03:13 . 2015-03-28 03:13 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-03-28 03:13 . 2015-03-28 03:13 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-03-28 03:13 . 2015-03-28 03:13 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-03-28 03:13 . 2015-03-28 03:13 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-03-28 03:13 . 2015-03-28 03:13 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-03-28 03:13 . 2015-03-28 03:13 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-03-28 03:13 . 2015-03-28 03:13 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-03-28 03:13 . 2015-03-28 03:13 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-03-28 03:13 . 2015-03-28 03:13 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-03-28 03:13 . 2015-03-28 03:13 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-03-28 03:13 . 2015-03-28 03:13 247808 ----a-w- c:\windows\system32\msls31.dll
2015-03-28 03:13 . 2015-03-28 03:13 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-03-28 03:13 . 2015-03-28 03:13 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-03-28 03:13 . 2015-03-28 03:13 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-03-28 03:13 . 2015-03-28 03:13 81408 ----a-w- c:\windows\system32\icardie.dll
2015-03-28 03:13 . 2015-03-28 03:13 774144 ----a-w- c:\windows\system32\jscript.dll
2015-03-28 03:13 . 2015-03-28 03:13 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-03-28 03:13 . 2015-03-28 03:13 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-03-28 03:13 . 2015-03-28 03:13 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-03-28 03:13 . 2015-03-28 03:13 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-03-28 03:13 . 2015-03-28 03:13 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-03-28 03:13 . 2015-03-28 03:13 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-03-28 03:13 . 2015-03-28 03:13 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-03-28 03:13 . 2015-03-28 03:13 243200 ----a-w- c:\windows\system32\webcheck.dll
2015-03-28 03:13 . 2015-03-28 03:13 235520 ----a-w- c:\windows\system32\url.dll
2015-03-28 03:13 . 2015-03-28 03:13 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-03-28 03:13 . 2015-03-28 03:13 147968 ----a-w- c:\windows\system32\occache.dll
2015-03-28 03:13 . 2015-03-28 03:13 143872 ----a-w- c:\windows\system32\wextract.exe
2015-03-28 03:13 . 2015-03-28 03:13 13824 ----a-w- c:\windows\system32\mshta.exe
2015-03-28 03:13 . 2015-03-28 03:13 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-03-28 03:13 . 2015-03-28 03:13 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-03-28 03:13 . 2015-03-28 03:13 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-03-28 03:13 . 2015-03-28 03:13 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-03-28 03:13 . 2015-03-28 03:13 101376 ----a-w- c:\windows\system32\inseng.dll
2015-03-17 04:56 . 2015-04-15 14:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-03-04 04:41 . 2015-05-01 14:17 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:41 . 2015-05-01 14:17 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:10 . 2015-05-01 14:17 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-01 14:17 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-01 14:17 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-02-26 05:26 . 2014-11-26 04:17 273310 ----a-w- C:\MGlogs.zip
2015-02-26 03:25 . 2015-03-16 00:18 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-25 23:08 . 2014-11-26 05:31 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-02-25 23:03 . 2014-11-26 17:29 1990720 ----a-w- C:\MGtools.exe
2015-02-24 11:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-21 20:11 . 2015-02-21 20:11 68608 ----a-w- c:\windows\system32\taskhost.exe
2015-02-20 04:41 . 2015-03-16 00:18 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-16 00:18 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-16 00:18 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-16 00:18 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-16 00:18 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-16 00:18 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-16 00:18 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-16 00:18 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 04:10 . 2015-02-20 04:10 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2015-02-20 03:29 . 2015-03-16 00:18 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-16 00:18 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-17 22:26 . 2015-02-17 22:26 1217184 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-13 05:22 . 2015-03-16 00:19 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-05 21:01 . 2015-03-06 15:40 995248 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-02-05 21:01 . 2015-03-06 15:40 877816 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-02-05 21:01 . 2015-03-06 15:40 353224 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-02-05 21:01 . 2015-03-06 15:40 32106640 ----a-w- c:\windows\system32\nvoglv64.dll
2015-02-05 21:01 . 2015-03-06 15:40 305136 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-02-05 21:01 . 2015-03-06 15:40 24768144 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-02-05 21:01 . 2015-03-06 15:40 18575880 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-02-05 21:01 . 2015-03-06 15:40 1540240 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-02-05 21:01 . 2015-03-06 15:40 13294528 ----a-w- c:\windows\system32\nvopencl.dll
2015-02-05 21:01 . 2015-03-06 15:40 10773704 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-02-05 21:01 . 2015-03-06 15:40 969872 ----a-w- c:\windows\system32\NvIFR64.dll
2015-02-05 21:01 . 2015-03-06 15:40 943760 ----a-w- c:\windows\system32\NvFBC64.dll
2015-02-05 21:01 . 2015-03-06 15:40 929936 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-02-05 21:01 . 2015-03-06 15:40 908104 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-02-05 21:01 . 2015-03-06 15:40 3610768 ----a-w- c:\windows\system32\nvcuvid.dll
2015-02-05 21:01 . 2015-03-06 15:40 3247248 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-02-05 21:01 . 2015-03-06 15:40 2902784 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-02-05 21:01 . 2015-03-06 15:40 25460880 ----a-w- c:\windows\system32\nvcompiler.dll
2015-02-05 21:01 . 2015-03-06 15:40 20466496 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-02-05 21:01 . 2015-03-06 15:40 1895240 ----a-w- c:\windows\system32\nvdispco6434752.dll
2015-02-05 21:01 . 2015-03-06 15:40 177624 ----a-w- c:\windows\system32\nvinitx.dll
2015-02-05 21:01 . 2015-03-06 15:40 17253848 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-02-05 21:01 . 2015-03-06 15:40 164752 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-02-05 21:01 . 2015-03-06 15:40 1557648 ----a-w- c:\windows\system32\nvdispgenco6434752.dll
2015-02-05 21:01 . 2015-03-06 15:40 13208200 ----a-w- c:\windows\system32\nvcuda.dll
2015-02-05 21:01 . 2015-03-06 15:40 10713256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-02-05 21:01 . 2015-03-06 15:40 10284872 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-02-05 21:01 . 2014-12-25 07:21 16017040 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-02-05 21:01 . 2014-12-25 07:21 3299512 ----a-w- c:\windows\system32\nvapi64.dll
2015-02-05 21:01 . 2014-12-25 07:21 14119744 ----a-w- c:\windows\SysWow64\nvd3dum.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrayStatus"="c:\program files (x86)\TrayStatus\TrayStatus.exe" [2011-05-18 283032]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-05-25 6595928]
"AtomicAlarmClock6"="c:\program files\Free Desktop Clock\FreeDesktopClock.exe" [2013-06-28 4652544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2014-08-13 137352]
.
c:\users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
chrome.exe - Shortcut.lnk - c:\program files (x86)\Google\Chrome\Application\chrome.exe [2014-12-19 809288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
volume.ahk.lnk - c:\program files (x86)\volume.ahk [2013-8-6 638]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk *\0bootdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 AtomicAlarmClock;Atomic Alarm Clock Time;c:\program files\Free Desktop Clock\timeserv.exe;c:\program files\Free Desktop Clock\timeserv.exe [x]
R2 CLKMSVC10_C6F09094;CyberLink Product - 2011/04/19 11:33;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Ipswitch Scheduler;Ipswitch Scheduler;c:\program files (x86)\Ipswitch\WS_FTP Server\scheduler.exe;c:\program files (x86)\Ipswitch\WS_FTP Server\scheduler.exe [x]
R2 Ipswitch SSH Server;Ipswitch SSH Server;c:\program files (x86)\Ipswitch\WS_FTP Server\sshserver.exe;c:\program files (x86)\Ipswitch\WS_FTP Server\sshserver.exe [x]
R3 cpuz135;cpuz135;c:\program files (x86)\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\PC Wizard 2012\pcwiz_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 GenericMount Helper Service;GenericMount Helper Service;c:\program files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe;c:\program files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\DRIVERS\RT2860.sys;c:\windows\SYSNATIVE\DRIVERS\RT2860.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe;c:\windows\SYSNATIVE\dllhost.exe [x]
R3 SymSnapService;SymSnapService;c:\program files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe;c:\program files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [x]
S2 ABBYY.Licensing.FineReader.Professional.12.0;ABBYY FineReader 12 PE Licensing Service;c:\program files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe;c:\program files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [x]
S2 AdobeActiveFileMonitor13.0;Adobe Active File Monitor V13;c:\program files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe;c:\program files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [x]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y62x64.sys [x]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys;c:\windows\SYSNATIVE\DRIVERS\GenericMount.sys [x]
S3 HCW723x;Hauppauge WinTV 723x PCIe Card;c:\windows\system32\DRIVERS\HCW723x.sys;c:\windows\SYSNATIVE\DRIVERS\HCW723x.sys [x]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys;c:\windows\SYSNATIVE\DRIVERS\InputFilter_FlexDef2b.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_C6F09094
.
Contents of the 'Scheduled Tasks' folder
.
2015-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 20:29]
.
2015-05-03 c:\windows\Tasks\HPCeeScheduleForDavid.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0PerformanceMonitor]
@="{3B5B973C-92A4-4855-9D3F-0F3D23332208}"
[HKEY_CLASSES_ROOT\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208}]
2015-04-29 03:09 2466304 ----a-w- c:\programdata\Microsoft\Performance\Monitor\PerformanceMonitor.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.oursurfing.com/?type=hp&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC
uDefault_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC&q={searchTerms}
mDefault_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC&q={searchTerms}
mDefault_Page_URL = hxxp://www.oursurfing.com/?type=hp&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC
mStart Page = hxxp://www.oursurfing.com/?type=hp&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1430277178&from=exp&uid=0CLA332XXXXXXXXXXXXXXXXXXXX_T1UC&q={searchTerms}
uInternet Settings,ProxyServer = 127.0.0.1:8118
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
HKLM-Run-ISW - (no file)
AddRemove-InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E} - c:\program files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe
AddRemove-InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5} - c:\program files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe
AddRemove-InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} - c:\program files (x86)\InstallShield Installation Information\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}\setup.exe
AddRemove-InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0} - c:\program files (x86)\InstallShield Installation Information\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\setup.exe
AddRemove-InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C} - c:\program files (x86)\InstallShield Installation Information\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}\setup.exe
AddRemove-InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095} - c:\program files (x86)\InstallShield Installation Information\{D12E3E7F-1B13-4933-A915-16C7DD37A095}\setup.exe
AddRemove-InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A} - c:\program files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe
AddRemove-InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} - c:\program files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe
AddRemove-Microsoft Setup Bootstrapper 2010 - c:\program files (x86)\Microsoft Setup Bootstrapper\Microsoft Setup Bootstrapper\Uninstall.exe
AddRemove-VB Runtimes Pack, release 7_is1 - c:\windows\system32\unins000.exe
AddRemove-{3023EBDA-BF1B-4831-B347-E5018555F26E} - c:\program files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe
AddRemove-{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5} - c:\program files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe
AddRemove-{64B408B8-068B-4EE0-B16C-658A24E75B8B} - c:\program files (x86)\InstallShield Installation Information\{64B408B8-068B-4EE0-B16C-658A24E75B8B}\setup.exe
AddRemove-{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} - c:\program files (x86)\InstallShield Installation Information\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}\setup.exe
AddRemove-{89A43E80-AC6C-4DA8-9800-F4B30ED577C0} - c:\program files (x86)\InstallShield Installation Information\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\setup.exe
AddRemove-{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0} - c:\program files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}\setup.exe
AddRemove-{91A34181-9FAD-43AB-A35F-E7A8945B7E1C} - c:\program files (x86)\InstallShield Installation Information\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2931368 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{D12E3E7F-1B13-4933-A915-16C7DD37A095} - c:\program files (x86)\InstallShield Installation Information\{D12E3E7F-1B13-4933-A915-16C7DD37A095}\setup.exe
AddRemove-{DCCAD079-F92C-44DA-B258-624FC6517A5A} - c:\program files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} - c:\program files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe
AddRemove-{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} - c:\program files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe
AddRemove-Akamai - c:\users\David\AppData\Local\Akamai\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Microsoft\Learning Essentials\1.0]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\ahead\Nero Home\MediaBrowser\Burning]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\Microsoft\AudioCompressionManager\DriverCache]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:ac,98,1e,2f,ac,ca,12,3d,88,10,d0,d2,7f,6e,c1,e4,bf,f1,a1,19,19,
   5c,e5,57,5c,1c,2a,1c,f1,96,f4,0a,13,61,35,9d,9c,19,d6,50,1e,82,b1,a5,fe,0b,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-05-03  22:25:49
ComboFix-quarantined-files.txt  2015-05-04 05:25
.
Pre-Run: 1,330,622,619,648 bytes free
Post-Run: 1,330,887,364,608 bytes free
.
- - End Of File - - 8C372CAF90C0B241557F9A871CF57212


#9 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:08 AM

Posted 04 May 2015 - 11:23 AM

Sorry I hope I didn't confuse things.  I started Combofix again and let it run overnight.  It completed this time.


:thumbup2:
 
Ok, then do the following please:
 
Step 1

Scan with adwcleaner.png AdwCleaner (by Xplode).
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.
Step 2

v21logo.PNG

Please download and install Malwarebytes Anti-Malware. (NEW VERSION)
  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
    m21p.png
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
    m21p4.png
  • Return to our forum. Paste your log into your next reply and then click Finish [7].
mbamv21.gif

Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#10 daivddd

daivddd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 05 May 2015 - 07:39 PM

I sure hope I'm posting these logs correctly!  I should say that I already see a reduction in redirects!  But oddly enough just this afternoon the box was agained checked in Googles settings to use a proxy.

 

I got an error that this was too long, so I cut it in half hoping to send it half by half

 

 

 

# AdwCleaner v4.203 - Logfile created 05/05/2015 at 16:49:49
# Updated 30/04/2015 by Xplode
# Database : 2015-05-05.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : David - DAVIDSDESKTOP
# Running from : C:\Users\David\Downloads\adwcleaner_4.203.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\4474401328398893039
Folder Deleted : C:\ProgramData\{044d0f9e-627b-c8bf-044d-d0f9e6273e79}
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\Program Files (x86)\EZDownloader
Folder Deleted : C:\Program Files (x86)\bestadblocker
Folder Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
Folder Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna
File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dchmpbaclbiioedakpcldenooikekokm
File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fjpdnoojnohifgekbkmnfbiobhcbedka
File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\icpgjfneehieebagbmdbhnlpiopdcmna
File Deleted : C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\icpgjfneehieebagbmdbhnlpiopdcmna
File Deleted : C:\Users\Public\Desktop\EZDownloader.lnk
 
***** [ Scheduled tasks ] *****
 
Task Deleted : Bidaily Synchronize Task
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\P4054bad6_4d68_4488_ace7_242026c46979_.P4054bad6_4d68_4488_ace7_242026c46979_
Key Deleted : HKLM\SOFTWARE\Classes\P4054bad6_4d68_4488_ace7_242026c46979_.P4054bad6_4d68_4488_ace7_242026c46979_.9
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4054bad6-4d68-4488-ace7-242026c46979}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4054bad6-4d68-4488-ace7-242026c46979}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4054bad6-4d68-4488-ace7-242026c46979}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4054bad6-4d68-4488-ace7-242026c46979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4054bad6-4d68-4488-ace7-242026c46979}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4054bad6-4d68-4488-ace7-242026c46979}
Key Deleted : HKLM\SOFTWARE\AIM Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 127.0.0.1:8118
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v41.0.2272.76
 
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : dajedkncpodkggklbegccjpmnglmnflm
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : icpgjfneehieebagbmdbhnlpiopdcmna
 
-\\ Comodo Dragon v
 
 
-\\ Chrome Canary v
 
 
*************************
 
AdwCleaner[R0].txt - [24775 bytes] - [22/02/2015 20:35:42]
AdwCleaner[R1].txt - [5974 bytes] - [25/02/2015 14:44:57]
AdwCleaner[R2].txt - [23333 bytes] - [27/04/2015 16:33:11]
AdwCleaner[R3].txt - [2309 bytes] - [27/04/2015 16:39:36]
AdwCleaner[R4].txt - [12400 bytes] - [30/04/2015 12:38:33]
AdwCleaner[R5].txt - [12460 bytes] - [30/04/2015 12:40:03]
AdwCleaner[R6].txt - [3430 bytes] - [30/04/2015 12:49:22]
AdwCleaner[R7].txt - [5743 bytes] - [05/05/2015 16:48:09]
AdwCleaner[S0].txt - [25241 bytes] - [22/02/2015 20:38:56]
AdwCleaner[S1].txt - [11332 bytes] - [27/04/2015 16:35:12]
AdwCleaner[S2].txt - [2389 bytes] - [27/04/2015 16:41:51]
AdwCleaner[S3].txt - [5919 bytes] - [30/04/2015 12:41:59]
AdwCleaner[S4].txt - [4785 bytes] - [05/05/2015 16:49:49]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [4844  bytes] ##########
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 5/5/2015
Scan Time: 5:01:20 PM
Logfile: Malwarebytes.txt
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.05.05.05
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: David
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 610977
Time Elapsed: 14 min, 6 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Warn
 
Processes: 0
(No malicious items detected)
 
Modules: 6
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PrIcceMinUs\CCgtxYqiybif9D.dll, Delete-on-Reboot, [18f1504062288bab680ced19ea1cce32], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PrIcceMinUs\CCgtxYqiybif9D.dll, Delete-on-Reboot, [18f1504062288bab680ced19ea1cce32], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PriceMionuusu\owIK9R5TilcUoz.dll, Delete-on-Reboot, [cf3aefa1dbaf39fd254fc04637cfb44c], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PriceMionuusu\owIK9R5TilcUoz.dll, Delete-on-Reboot, [cf3aefa1dbaf39fd254fc04637cfb44c], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PPrriceMinus\YUKdrFyg8IEdUE.dll, Delete-on-Reboot, [a465fd93e9a163d30e66ce380ef84cb4], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PPrriceMinus\YUKdrFyg8IEdUE.dll, Delete-on-Reboot, [a465fd93e9a163d30e66ce380ef84cb4], 
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 15
PUP.Optional.MultiPlug.A, C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiicpdkmeclmgmlmbajefnkalcfageek\219, Quarantined, [f8119ef2cebcbb7b257bbca49f667888], 
PUP.Optional.MultiPlug.A, C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiicpdkmeclmgmlmbajefnkalcfageek, Quarantined, [f8119ef2cebcbb7b257bbca49f667888], 
PUP.Optional.MultiPlug.A, C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiicpdkmeclmgmlmbajefnkalcfageek\219, Quarantined, [e326f59b8bff3402099788d8778ebf41], 
PUP.Optional.MultiPlug.A, C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiicpdkmeclmgmlmbajefnkalcfageek, Quarantined, [e326f59b8bff3402099788d8778ebf41], 
PUP.Optional.MultiPlug, C:\ProgramData\hpnekcfomcaoiodcjkagfmgonhfaoklk, Quarantined, [2bde07894446a88ef9f99bc611f48779], 
PUP.Optional.MultiPlug, C:\ProgramData\iimdeknjdemgmmhmkcapgfpbcgbpcmge, Quarantined, [e227761a6921e551de145908c73e649c], 
PUP.Optional.MultiPlug, C:\ProgramData\llhjciaojbabcpbnjiehancaphpbfbkk, Quarantined, [9e6b1b753753f73f5a98aab7ef16718f], 
PUP.Optional.PriceMinus.A, C:\Program Files (x86)\PPrriceMinus, Delete-on-Reboot, [9376662a137758deb0234d1728ddce32], 
PUP.Optional.PriceMinus.A, C:\Program Files (x86)\PrIcceMinUs, Delete-on-Reboot, [bd4cb6daf397cb6b03d0cf9557ae14ec], 
PUP.Optional.Privoxy.A, C:\Program Files (x86)\Alfasistem Memory, Quarantined, [7198157b543682b44bc5f4d86d966e92], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor, Delete-on-Reboot, [5cad5739dbafe155b361f6d63ec501ff], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache, Quarantined, [5cad5739dbafe155b361f6d63ec501ff], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache, Quarantined, [5cad5739dbafe155b361f6d63ec501ff], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data, Quarantined, [5cad5739dbafe155b361f6d63ec501ff], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp, Quarantined, [5cad5739dbafe155b361f6d63ec501ff], 
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2015
Ran by David (administrator) on DAVIDSDESKTOP on 05-05-2015 17:30:52
Running from C:\Users\David\Downloads
Loaded Profiles: David (Available profiles: David & Visitor)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Free Desktop Clock\timeserv.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Raxco Software, Inc.) C:\Program Files\PerfectDisk\PDAgent.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Free Desktop Clock\FreeDesktopClock.exe
(Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Giornale info) C:\Users\David\AppData\Local\Ifdksoft\tmpDC7A.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Ipswitch) C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-04-14] (Malwarebytes Corporation)
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Run: [AtomicAlarmClock6] => C:\Program Files\Free Desktop Clock\FreeDesktopClock.exe [4652544 2013-06-27] ()
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [283032 2011-05-18] (Binary Fortress Software)
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Run: [Icqgsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\David\AppData\Local\Ifdksoft\WsCryptApi.dll
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Run: [Imvpsoft] => regsvr32.exe C:\Users\David\AppData\Local\Imvpsoft\CatDBnt5.dll <===== ATTENTION
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\MountPoints2: {8c4403bb-0a3b-11e2-bdd6-806e6f6e6963} - F:\Belkin_Setup_and_Monitor_Install.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\volume.ahk.lnk [2013-08-11]
ShortcutTarget: volume.ahk.lnk -> C:\Program Files (x86)\volume.ahk ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome.exe - Shortcut.lnk [2015-04-28]
ShortcutTarget: chrome.exe - Shortcut.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\inSSIDer for Enterprise 4.2.0.12 + Crack + 100% Working.lnk [2015-05-05]
ShortcutTarget: inSSIDer for Enterprise 4.2.0.12 + Crack + 100% Working.lnk -> C:\ProgramData\{044d0f9e-627b-c8bf-044d-d0f9e6273e79}\inSSIDer for Enterprise 4.2.0.12 + Crack + 100% Working.exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} =>  No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-03] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\DLLx64\SnagItBHO64.dll [2008-09-22] (TechSmith Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\SnagItBHO.dll [2008-09-22] (TechSmith Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\SnagItIEAddin.dll [2008-09-22] (TechSmith Corporation)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKU\S-1-5-21-3085527945-139366052-3681144780-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-3085527945-139366052-3681144780-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKU\S-1-5-21-3085527945-139366052-3681144780-1000 -> ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\ejo0j5g0.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Extension: Sony Audio Restoration - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\ejo0j5g0.default\Extensions\{CAF37501-D26C-D72F-89E5-184B145D46FE} [2015-04-28]
FF Extension: Firefox Helper - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\48ea8b2ccd6e0f909ab08cdbac8215c5 [2015-03-06]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-02-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> https://www.google.com/
CHR StartupUrls: Default -> "https://www.google.com/"
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-30]
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-30]
CHR Extension: (Mailto: for Gmail™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2015-04-30]
CHR Extension: (Faviconize Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijobgpmmkilncagclaejpjlccfhopdo [2015-04-30]
CHR Extension: (IE Tab) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-04-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-27]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-27]
CHR Extension: (Stylist) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pabfempgigicdjjlccdgnbmeggkbjdhd [2015-04-30]
CHR Extension: (Wikinvest Portfolio Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpkgmnajebobcebngnagdabphfmooej [2015-04-30]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-30]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-05]
CHR Extension: (Google Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-05]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-05]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-05]
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-05]
CHR Extension: (Google Sheets) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-05]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-05]
CHR Extension: (Expensify Web Receipts) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oiicpdkmeclmgmlmbajefnkalcfageek [2015-05-05]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR HKLM-x32\...\Chrome\Extension: [pppagaglfkmlpgobnlenhknilehpmcbo] - No Path Or update_url value
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-10-20] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtomicAlarmClock; C:\Program Files\Free Desktop Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-19] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [File not signed]
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-11-25] (CyberLink)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S3 GenericMount Helper Service; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [1571336 2009-09-21] (Symantec)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2015-03-12] (Microsoft Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S3 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [4584288 2009-10-01] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation)
R2 PDAgent; C:\Program Files\PerfectDisk\PDAgent.exe [2610952 2011-03-15] (Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\PerfectDisk\PDEngine.exe [2266376 2011-03-15] (Raxco Software, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-18] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 SymSnapService; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation) [File not signed]
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{DAF16854-75A9-4566-A775-B5D12FE1F288}
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cpuz135; C:\Program Files (x86)\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
R3 HCW723x; C:\Windows\System32\DRIVERS\HCW723x.sys [1847680 2012-08-17] (Hauppauge Computer Works, Inc.)
U0 ienxsriw; C:\Windows\System32\drivers\ncvlqit.sys [79064 2015-05-05] (Malwarebytes Corporation)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-06-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-06-11] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [136408 2015-05-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 RT80x86; C:\Windows\System32\DRIVERS\RT2860.sys [1883488 2010-07-21] (Ralink Technology, Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-05 17:30 - 2015-05-05 17:31 - 00029511 _____ () C:\Users\David\Downloads\FRST.txt
2015-05-05 17:29 - 2015-05-05 17:29 - 02101248 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2015-05-05 17:20 - 2015-05-05 17:20 - 00003933 _____ () C:\Malwarebytes.txt
2015-05-05 17:16 - 2015-05-05 17:16 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\ncvlqit.sys
2015-05-05 17:00 - 2015-05-05 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-05 16:57 - 2015-05-05 16:57 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-05 16:45 - 2015-05-05 16:45 - 02204160 _____ () C:\Users\David\Downloads\adwcleaner_4.203 (1).exe
2015-05-05 16:44 - 2015-05-05 16:44 - 02204160 _____ () C:\Users\David\Downloads\adwcleaner_4.203.exe
2015-05-05 10:56 - 2015-05-05 10:56 - 00001541 _____ () C:\Users\David\Downloads\[kickass.to]inssider.for.enterprise.4.2.0.12.crack.100.working.torrent
2015-05-05 10:51 - 2015-05-05 17:16 - 00000000 ____D () C:\Program Files (x86)\PPrriceMinus
2015-05-05 10:51 - 2015-05-05 10:51 - 00000000 ____D () C:\Windows\SysWOW64\X86
2015-05-05 10:51 - 2015-05-05 10:51 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2015-05-05 10:47 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-05 10:47 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-05 10:47 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-05 10:47 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-05 10:46 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-05 10:46 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-05 10:46 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-05 10:46 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-05 10:46 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-05 10:46 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-05 10:46 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-05 10:46 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-05 10:46 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-05 10:46 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-05 10:31 - 2015-05-05 10:31 - 00262144 _____ () C:\Windows\system32\config\elam
2015-05-05 10:27 - 2015-05-05 17:16 - 00000000 ____D () C:\Program Files (x86)\PrIcceMinUs
2015-05-05 10:17 - 2015-05-05 10:17 - 00000037 ___SH () C:\Users\David\AppData\Local\70149b02515b3bb20dd492.47983420
2015-05-05 10:12 - 2015-05-05 10:12 - 00002493 _____ () C:\Users\Public\Desktop\inSSIDer Office.lnk
2015-05-05 10:12 - 2015-05-05 10:12 - 00001245 _____ () C:\Users\David\Registry Reviver.lnk
2015-05-05 10:12 - 2015-05-05 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2015-05-05 10:07 - 2015-05-05 10:07 - 00018005 _____ () C:\Users\David\Downloads\inSSIDer+4.0.0.20+Portable+%2B+inSSIDer+Office+3.1.1.6+%28with+Crack%29.torrent
2015-05-05 09:50 - 2015-05-05 17:16 - 00000000 ____D () C:\Program Files (x86)\PriceMionuusu
2015-05-05 09:50 - 2015-05-05 17:05 - 00000000 ____D () C:\Program Files (x86)\Expensify Web Receipts
2015-05-05 07:18 - 2015-05-05 07:18 - 00000000 ____D () C:\ProgramData\Affinegy
2015-05-05 06:45 - 2015-05-05 06:45 - 00166728 _____ () C:\Users\Visitor\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-05 06:44 - 2015-05-05 06:44 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\Ipswitch
2015-05-05 06:28 - 2015-05-05 06:28 - 00001450 _____ () C:\Users\Visitor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-05 06:27 - 2015-05-05 06:28 - 00001484 _____ () C:\Users\Visitor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-05 06:27 - 2015-05-05 06:27 - 00000020 ___SH () C:\Users\Visitor\ntuser.ini
2015-05-04 19:56 - 2015-05-04 19:56 - 00166728 _____ () C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-04 19:56 - 2015-05-04 19:56 - 00001484 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-04 19:56 - 2015-05-04 19:56 - 00001450 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-04 19:55 - 2015-05-04 19:55 - 00000020 ___SH () C:\Users\David\ntuser.ini
2015-05-04 19:35 - 2015-05-04 19:55 - 00000000 ____D () C:\Windows\Panther
2015-05-04 19:30 - 2015-05-04 19:30 - 00262144 _____ () C:\Windows\system32\config\userdiff
2015-05-04 19:30 - 2015-05-04 19:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2015-05-04 19:30 - 2015-05-04 19:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-05-04 19:30 - 2015-05-04 19:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-05-04 19:30 - 2015-05-04 19:30 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-05-04 19:30 - 2015-05-04 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-05-04 19:30 - 2015-05-04 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-05-04 19:30 - 2015-05-04 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-05-04 19:30 - 2015-05-04 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-04 19:23 - 2015-05-04 19:38 - 00000000 ___HD () C:\$WINDOWS.~Q
2015-05-04 19:12 - 2015-05-04 19:17 - 00000000 ___HD () C:\$INPLACE.~TR
2015-05-04 18:44 - 2015-05-05 11:28 - 00000000 ____D () C:\Users\David\Backups
2015-05-04 18:44 - 2015-05-04 19:29 - 00000000 ____D () C:\Users\David\My Scans
2015-05-04 18:42 - 2015-05-05 10:12 - 00000000 ____D () C:\Users\David
2015-05-04 18:42 - 2015-05-05 06:27 - 00000000 ____D () C:\Users\Visitor
2015-05-04 18:42 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Visitor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 18:42 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 18:42 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Visitor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-04 18:42 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-04 18:41 - 2015-05-04 19:58 - 00786916 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-04 18:41 - 2015-05-04 18:41 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-05-04 18:41 - 2015-05-04 18:41 - 00000000 ____D () C:\Windows\SysWOW64\URTTEMP
2015-05-04 18:40 - 2015-05-04 18:40 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-05-04 18:40 - 2015-05-04 18:40 - 00003870 _____ () C:\Windows\LkmdfCoInst.log
2015-05-04 18:40 - 2015-05-04 18:40 - 00001355 _____ () C:\Windows\TSSysprep.log
2015-05-04 18:40 - 2015-05-04 18:40 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-05-04 18:39 - 2015-05-04 18:39 - 00001344 _____ () C:\Windows\system32\RaCoInst.log
2015-05-04 18:39 - 2015-05-04 18:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-05-04 18:39 - 2015-05-04 18:39 - 00000000 ____D () C:\Windows\system32\Hauppauge
2015-05-04 18:38 - 2015-05-05 17:00 - 00542836 _____ () C:\Windows\WindowsUpdate.log
2015-05-04 18:38 - 2015-05-05 16:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-04 18:38 - 2015-05-04 19:03 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-04 18:38 - 2015-02-05 12:07 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-04 18:38 - 2015-02-05 12:07 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-04 18:38 - 2015-02-05 12:07 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-04 18:38 - 2015-02-05 12:07 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-04 18:38 - 2015-02-05 12:07 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-04 18:38 - 2015-02-05 12:06 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-04 18:38 - 2015-02-05 05:50 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin
2015-05-04 18:37 - 2015-05-04 18:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-04 18:37 - 2015-05-04 18:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-04 18:37 - 2015-05-04 18:37 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-05-04 18:37 - 2015-05-04 18:37 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-05-04 18:37 - 2015-05-04 18:37 - 00000000 ____D () C:\Program Files\Realtek
2015-05-04 17:36 - 2015-05-04 19:38 - 00007736 _____ () C:\Windows\comsetup.log
2015-05-04 17:03 - 2015-05-04 17:18 - 00004218 _____ () C:\Users\David\Desktop\Windows Compatibility Report.htm
2015-05-04 16:37 - 2009-06-22 16:50 - 00291352 _____ (silex technology, Inc.) C:\Windows\system32\Drivers\sxuptp.sys
2015-05-04 08:34 - 2015-05-05 10:12 - 00000000 ____D () C:\Program Files (x86)\MetaGeek
2015-05-04 08:27 - 2015-05-04 08:27 - 00001541 _____ () C:\Users\David\Downloads\inSSIDer_for_Enterprise_4.2.0.12_+_Crack_+_100%_Working.torrent
2015-05-04 08:12 - 2015-05-04 08:12 - 00000000 __SHD () C:\Users\David\AppData\Local\icsxml
2015-05-04 08:11 - 2015-05-05 10:17 - 00000000 ____D () C:\Users\David\AppData\Local\MetaGeek,_LLC
2015-05-03 22:25 - 2015-05-03 22:25 - 00040038 _____ () C:\ComboFix.txt
2015-05-03 13:06 - 2015-05-04 19:03 - 00000000 ____D () C:\Windows\erdnt
2015-05-03 13:06 - 2015-05-03 22:25 - 00000000 ____D () C:\Qoobox
2015-05-02 07:37 - 2015-05-05 17:30 - 00000000 ____D () C:\FRST
2015-05-01 20:29 - 2015-05-01 20:46 - 32931840 _____ () C:\Users\David\Desktop\N5kVSKYD
2015-04-30 22:15 - 2015-05-04 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2015-04-30 22:15 - 2015-05-04 13:16 - 00431396 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2015-04-30 22:15 - 2015-04-30 22:15 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2015-04-30 22:15 - 2014-06-11 10:09 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-04-30 22:15 - 2014-06-11 10:09 - 00490592 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-04-30 22:15 - 2014-06-11 10:09 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-04-30 22:11 - 2015-05-04 18:52 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2015-04-30 15:07 - 2015-05-04 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ipswitch WS_FTP 12
2015-04-30 15:07 - 2015-05-04 19:02 - 00000000 ____D () C:\ProgramData\Ipswitch
2015-04-30 15:07 - 2015-05-04 18:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-30 15:07 - 2015-05-04 18:57 - 00000000 ____D () C:\Program Files (x86)\Ipswitch
2015-04-30 15:07 - 2015-05-04 18:49 - 00000000 ____D () C:\Program Files\Ipswitch
2015-04-30 15:07 - 2015-04-30 15:07 - 00002000 _____ () C:\Users\Public\Desktop\Ipswitch WS_FTP 12.lnk
2015-04-30 14:43 - 2013-09-27 19:56 - 00285208 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-04-30 14:35 - 2015-04-30 14:35 - 00006604 _____ () C:\Windows\system32\.crusader
2015-04-30 14:06 - 2015-04-30 14:06 - 00003168 _____ () C:\Windows\System32\Tasks\{67DBAF5A-0662-4A1F-BF30-990984231DF1}
2015-04-30 07:33 - 2015-04-30 07:33 - 00001994 _____ () C:\Windows\DPINST.LOG
2015-04-29 19:21 - 2015-04-29 19:21 - 00003276 _____ () C:\Windows\System32\Tasks\Windows Defrag
2015-04-29 16:39 - 2015-04-29 16:39 - 00003288 _____ () C:\Windows\System32\Tasks\{B76A7A90-847E-4BC7-919F-7C65F2FDA17D}
2015-04-28 20:27 - 2015-04-28 20:27 - 00003156 _____ () C:\Windows\System32\Tasks\{1E79B445-B044-45E4-80B4-E4C99ED987D4}
2015-04-28 20:13 - 2015-04-28 20:13 - 00000206 _____ () C:\Users\David\Desktop\337GAMES.url
2015-04-28 20:10 - 2015-05-05 09:02 - 00000000 ____D () C:\Users\David\AppData\Local\Imvpsoft
2015-04-28 20:09 - 2015-05-05 08:12 - 00000000 ____D () C:\Users\David\AppData\Local\Ifdksoft
2015-04-28 17:55 - 2015-05-04 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2015-04-28 09:30 - 2015-05-04 19:03 - 00000000 ___RD () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-28 09:30 - 2015-05-04 19:03 - 00000000 ___RD () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-28 09:30 - 2015-05-04 19:03 - 00000000 ____D () C:\Users\IPS_daivddd\AppData\Roaming\TuneUp Software
2015-04-28 09:30 - 2015-05-04 19:03 - 00000000 ____D () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-04-28 09:30 - 2015-05-04 19:03 - 00000000 ____D () C:\Users\IPS_daivddd\AppData\Roaming\Macromedia
2015-04-28 09:30 - 2015-05-04 19:03 - 00000000 ____D () C:\Users\IPS_daivddd
2015-04-28 09:30 - 2015-04-28 09:30 - 00000020 ___SH () C:\Users\IPS_daivddd\ntuser.ini
2015-04-28 09:30 - 2015-03-07 09:01 - 00000000 ____D () C:\Users\IPS_daivddd\AppData\Local\Microsoft Help
2015-04-28 09:30 - 2015-02-10 08:47 - 01706800 _____ (Microsoft Corporation) C:\Windows\gdiplus.dll
2015-04-28 09:30 - 2015-02-10 08:47 - 01060864 _____ (Microsoft Corporation) C:\Windows\MFC71.dll
2015-04-28 09:30 - 2015-02-10 08:47 - 00499712 _____ (Microsoft Corporation) C:\Windows\msvcp71.dll
2015-04-28 09:30 - 2015-02-10 08:47 - 00348160 _____ (Microsoft Corporation) C:\Windows\msvcr71.dll
2015-04-28 09:30 - 2014-01-03 17:02 - 00001974 _____ () C:\Users\IPS_daivddd\Desktop\ib.lnk
2015-04-28 09:30 - 2013-03-02 10:40 - 00002141 _____ () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2015-04-28 09:30 - 2011-04-19 11:32 - 00001974 _____ () C:\Users\IPS_daivddd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk
2015-04-28 09:29 - 2015-05-04 18:58 - 00000000 ____D () C:\Program Files (x86)\PostgreSQL
2015-04-28 09:29 - 2015-04-28 11:51 - 02617990 _____ () C:\Windows\SysWOW64\PostgreSQL.log
2015-04-28 09:28 - 2015-04-28 11:51 - 00217962 _____ () C:\log.log
2015-04-28 09:22 - 2015-04-29 17:16 - 00001819 _____ () C:\Windows\SysWOW64\WS_FTP_Install.LOG
2015-04-27 11:56 - 2015-04-27 11:56 - 00003406 _____ () C:\Windows\System32\Tasks\{8F8E29C4-01B4-420C-927B-2F927480E1E2}
2015-04-27 11:55 - 2015-05-04 19:05 - 00000000 ____D () C:\Windows\system32\Drivers\NBRTWizardx64
2015-04-27 11:55 - 2015-05-04 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
2015-04-27 11:55 - 2015-05-04 18:58 - 00000000 ____D () C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2015-04-27 11:52 - 2015-05-04 19:24 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-04-27 11:52 - 2015-05-04 19:03 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2015-04-27 11:52 - 2015-04-28 12:03 - 00001383 _____ () C:\Users\David\Desktop\Norton Installation Files.lnk
2015-04-27 09:14 - 2015-04-27 09:14 - 00000000 ____D () C:\Program Files (x86)\4066e076-67da-4a36-9b31-9ca5a84f9258
2015-04-27 09:03 - 2015-04-27 09:15 - 00001181 _____ () C:\Users\David\Desktop\Norton Ghost.lnk
2015-04-24 20:40 - 2015-04-30 09:39 - 00007849 ____H () C:\Windows\SysWOW64\BTImages.dat
2015-04-24 19:12 - 2015-04-24 19:12 - 00000000 ____D () C:\Users\David\Documents\ForceField Shared Files
2015-04-24 18:36 - 2015-05-04 19:20 - 00000000 ____D () C:\Users\David\AppData\Local\Apple Computer
2015-04-23 12:56 - 2015-05-04 19:21 - 00000000 ____D () C:\Users\David\AppData\Local\Skype
2015-04-22 12:07 - 2015-05-04 19:29 - 00000000 ____D () C:\Users\David\Downloads\wifiinfoview
2015-04-22 10:34 - 2015-04-22 10:34 - 00002012 _____ () C:\Program Files (x86)\Desktop.lnk
2015-04-18 20:15 - 2015-05-04 19:20 - 00000000 ____D () C:\Users\David\AppData\Local\Apple
2015-04-15 17:06 - 2015-05-04 19:20 - 00000000 ____D () C:\Users\David\AppData\Local\Adobe
2015-04-15 07:49 - 2015-03-24 20:24 - 00060416 ____N (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 07:49 - 2015-03-24 20:23 - 00012288 ____N (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 07:49 - 2015-03-22 20:25 - 00769536 ____N (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 07:49 - 2015-03-22 20:25 - 00726528 ____N (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 07:49 - 2015-03-22 20:24 - 00957952 ____N (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 07:49 - 2015-03-22 20:24 - 00419840 ____N (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 07:49 - 2015-03-22 20:24 - 00030720 ____N (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 07:49 - 2015-03-12 21:25 - 00004096 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 07:49 - 2015-03-12 21:08 - 00048640 ____N (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 07:49 - 2015-03-12 21:06 - 00088064 ____N (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 07:49 - 2015-03-12 20:54 - 00114688 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 07:49 - 2015-03-12 20:53 - 00814080 ____N (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 07:49 - 2015-03-12 20:50 - 06025216 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 07:49 - 2015-03-12 20:44 - 00968704 ____N (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 07:49 - 2015-03-12 20:32 - 00077824 ____N (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 07:49 - 2015-03-12 20:27 - 00047616 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 07:49 - 2015-03-12 20:26 - 00064000 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 07:49 - 2015-03-12 20:15 - 00620032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 07:49 - 2015-03-12 20:05 - 01359360 ____N (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 07:49 - 2015-03-12 20:01 - 00060416 ____N (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 07:49 - 2015-03-12 19:49 - 04305408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 07:49 - 2015-03-12 19:42 - 01155072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 17:27 - 2015-05-04 19:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\Free Desktop Clock 3
2015-04-14 17:27 - 2015-05-04 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Desktop Clock
2015-04-14 17:27 - 2015-05-04 18:49 - 00000000 ____D () C:\Program Files\Free Desktop Clock
2015-04-14 16:54 - 2015-05-04 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skin Clock
2015-04-14 16:53 - 2015-05-04 19:29 - 00000000 ____D () C:\Users\David\Downloads\skinclock-1_7
2015-04-14 16:42 - 2015-04-14 16:42 - 00002980 _____ () C:\Windows\System32\Tasks\{2BF7459B-D73E-467B-9B10-E55896AA9863}
2015-04-14 13:29 - 2015-04-14 13:29 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 11:15 - 2015-05-04 19:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\Ipswitch
2015-04-06 19:39 - 2015-05-04 19:05 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 19:39 - 2015-05-04 19:05 - 00000000 ___SD () C:\Windows\system32\GWX
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-05 17:29 - 2014-11-12 11:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-05 17:19 - 2014-12-19 00:07 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-05 17:16 - 2014-11-26 12:24 - 00000000 ____D () C:\Windows\ERUNT
2015-05-05 17:01 - 2015-03-09 09:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 17:00 - 2015-03-09 09:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-05 17:00 - 2009-07-13 21:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-05 17:00 - 2009-07-13 21:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-05 16:58 - 2009-07-13 22:13 - 00795138 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-05 16:53 - 2014-12-19 00:07 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-05 16:52 - 2015-02-23 10:24 - 00000200 _____ () C:\Windows\Tasks\AutoKMS.job
2015-05-05 16:52 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 16:52 - 2009-07-13 21:51 - 04306326 _____ () C:\Windows\setupact.log
2015-05-05 16:49 - 2015-02-22 19:20 - 00000000 ____D () C:\AdwCleaner
2015-05-05 16:47 - 2013-04-15 21:31 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2015-05-05 16:22 - 2015-02-23 10:24 - 00000202 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2015-05-05 10:41 - 2014-10-24 14:45 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForDavid.job
2015-05-05 10:21 - 2015-03-17 22:17 - 00000000 ____D () C:\Users\David\Downloads\µTorrent
2015-05-05 10:12 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\restore
2015-05-05 09:22 - 2014-11-19 01:49 - 00000000 ____D () C:\Users\David\AppData\Roaming\Winamp
2015-05-05 08:07 - 2014-09-12 14:18 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDavid
2015-05-05 07:18 - 2013-07-02 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
2015-05-05 06:38 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-04 20:18 - 2014-01-03 18:19 - 00000578 __RSH () C:\ProgramData\ntuser.pol
2015-05-04 19:56 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-04 19:55 - 2009-07-24 13:11 - 00000000 ____D () C:\Recovery
2015-05-04 19:55 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-05-04 19:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-05-04 19:49 - 2009-07-13 21:46 - 00006080 _____ () C:\Windows\DtcInstall.log
2015-05-04 19:49 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-05-04 19:46 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Registration
2015-05-04 19:36 - 2014-10-26 17:15 - 00024344 _____ () C:\Windows\system32\emptyregdb.dat
2015-05-04 19:35 - 2012-10-20 12:38 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-05-04 19:35 - 2012-09-29 15:16 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-05-04 19:35 - 2012-09-29 11:43 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-05-04 19:35 - 2011-04-19 11:29 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2015-05-04 19:35 - 2009-07-13 20:20 - 00000000 __RSD () C:\Windows\Media
2015-05-04 19:35 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-05-04 19:34 - 2009-07-13 22:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-05-04 19:34 - 2009-07-13 22:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-05-04 19:33 - 2009-07-13 21:45 - 05133080 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-04 19:32 - 2010-11-20 20:47 - 00005174 _____ () C:\Windows\PFRO.log
2015-05-04 19:30 - 2009-07-13 20:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-04 19:30 - 2009-07-13 20:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 19:30 - 2009-07-13 20:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-04 19:30 - 2009-07-13 20:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 19:29 - 2015-04-04 11:40 - 00000000 ____D () C:\Users\David\Downloads\Ares
2015-05-04 19:29 - 2015-03-03 12:36 - 00000000 ____D () C:\Users\David\Updates
2015-05-04 19:29 - 2015-03-03 12:36 - 00000000 ____D () C:\Users\David\ProPlus.WW
2015-05-04 19:29 - 2015-03-03 12:36 - 00000000 ____D () C:\Users\David\Office14
2015-05-04 19:29 - 2015-02-15 09:25 - 00000000 ____D () C:\Users\David\Documents\Songs
2015-05-04 19:29 - 2014-10-10 09:47 - 00000000 ___SD () C:\Users\David\Documents\My Data Sources
2015-05-04 19:29 - 2014-10-07 12:55 - 00000000 ____D () C:\Users\David\Documents\OptionsOracle
2015-05-04 19:29 - 2014-10-06 09:33 - 00000000 ____D () C:\Users\David\Documents\Gospel
2015-05-04 19:29 - 2014-09-01 14:54 - 00000000 ____D () C:\Users\David\Documents\WPA Files
2015-05-04 19:29 - 2014-05-02 08:32 - 00000000 ____D () C:\Users\David\Documents\Celeris
2015-05-04 19:29 - 2014-03-16 07:33 - 00000000 ____D () C:\Users\David\Documents\Tablecloth
2015-05-04 19:29 - 2013-11-30 13:55 - 00000000 ____D () C:\Users\David\Documents\Body Fat
2015-05-04 19:29 - 2013-08-31 16:23 - 00000000 ____D () C:\Users\David\Documents\Spanish
2015-05-04 19:29 - 2013-05-03 08:47 - 00000000 ____D () C:\Users\David\VLC
2015-05-04 19:29 - 2013-03-02 13:19 - 00000000 ___RD () C:\Users\David\Messengers
2015-05-04 19:29 - 2013-03-02 12:43 - 00000000 ____D () C:\Users\David\Tracing
2015-05-04 19:29 - 2012-11-15 17:01 - 00000000 ____D () C:\Users\David\Documents\Adobe
2015-05-04 19:29 - 2012-11-10 21:34 - 00000000 __SHD () C:\Users\David\Start Menu - Copy
2015-05-04 19:29 - 2012-10-24 07:45 - 00000000 ____D () C:\Users\David\Documents\Nero Home
2015-05-04 19:29 - 2012-10-17 20:11 - 00000000 ____D () C:\Users\David\Podcasts
2015-05-04 19:29 - 2012-10-17 20:11 - 00000000 ____D () C:\Users\David\Documents\Media Go
2015-05-04 19:29 - 2012-10-12 12:14 - 00000000 ____D () C:\Users\David\Security
2015-05-04 19:29 - 2012-10-04 11:25 - 00000000 ____D () C:\Users\David\Documents\Inventor
2015-05-04 19:29 - 2012-10-04 11:23 - 00000000 ____D () C:\Users\David\Documents\Inventor Server x64 AutoCAD 2012 Language Pack - English
2015-05-04 19:29 - 2012-10-04 11:19 - 00000000 ____D () C:\Users\David\Documents\Revit Architecture 2012
2015-05-04 19:29 - 2012-10-04 11:15 - 00000000 ____D () C:\Users\David\Documents\Visual Studio 2008
2015-05-04 19:29 - 2012-10-01 21:12 - 00000000 ____D () C:\Users\David\Documents\Finale Files
2015-05-04 19:29 - 2012-09-29 13:49 - 00000000 ____D () C:\Users\David\Documents\Chameleon Clock Backup
2015-05-04 19:29 - 2012-09-29 11:29 - 00000000 ____D () C:\Users\David\Willys
2015-05-04 19:29 - 2012-09-29 11:29 - 00000000 ____D () C:\Users\David\SpanishBAK
2015-05-04 19:29 - 2012-09-29 10:53 - 00000000 ____D () C:\Users\David\Documents\SnagIt
2015-05-04 19:29 - 2012-09-29 10:53 - 00000000 ____D () C:\Users\David\Documents\My Received Files
2015-05-04 19:29 - 2012-09-29 10:53 - 00000000 ____D () C:\Users\David\Documents\Legal
2015-05-04 19:29 - 2012-09-29 10:53 - 00000000 ____D () C:\Users\David\Documents\Go Kart
2015-05-04 19:29 - 2012-09-29 10:53 - 00000000 ____D () C:\Users\David\Documents\Fitness
2015-05-04 19:29 - 2012-09-28 18:22 - 00000000 ____D () C:\Users\David\HP
2015-05-04 19:28 - 2015-03-03 12:36 - 00000000 ____D () C:\Users\David\Catalog
2015-05-04 19:28 - 2012-09-29 10:48 - 00000000 ____D () C:\Users\David\Credit Reports
2015-05-04 19:24 - 2015-03-27 19:45 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-04 19:24 - 2015-03-20 13:51 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Converter
2015-05-04 19:24 - 2015-03-03 19:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\Thinstall
2015-05-04 19:24 - 2015-02-22 11:18 - 00000000 ____D () C:\Users\David\AppData\Roaming\Yahoo!
2015-05-04 19:24 - 2014-12-03 17:31 - 00000000 ____D () C:\Users\David\AppData\Roaming\SoftGrid Client
2015-05-04 19:24 - 2014-11-24 16:53 - 00000000 ____D () C:\Users\David\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
2015-05-04 19:24 - 2014-10-26 07:40 - 00000000 ____D () C:\Users\David\AppData\Roaming\Oracle
2015-05-04 19:24 - 2014-10-10 08:44 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StockWatch
2015-05-04 19:24 - 2014-10-07 12:48 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SamoaSky
2015-05-04 19:24 - 2014-10-07 12:31 - 00000000 ____D () C:\Users\David\AppData\Roaming\OptionsOracle
2015-05-04 19:24 - 2014-09-15 20:45 - 00000000 ____D () C:\Users\David\AppData\Roaming\WinTools
2015-05-04 19:24 - 2014-06-12 19:10 - 00000000 ____D () C:\Users\David\AppData\Roaming\Spotify
2015-05-04 19:24 - 2014-04-06 14:31 - 00000000 ____D () C:\Users\David\AppData\Roaming\rmi
2015-05-04 19:24 - 2014-04-01 09:35 - 00000000 ____D () C:\Users\David\AppData\Roaming\MiniGet
2015-05-04 19:24 - 2014-02-13 23:00 - 00000000 ____D () C:\Users\David\AppData\Roaming\PSafe
2015-05-04 19:24 - 2014-01-03 17:02 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-05-04 19:24 - 2013-12-02 12:51 - 00000000 ____D () C:\Users\David\AppData\Roaming\Symantec
2015-05-04 19:24 - 2013-05-06 18:02 - 00000000 ____D () C:\Users\David\AppData\Roaming\WildTangent
2015-05-04 19:24 - 2013-05-03 08:49 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2015-05-04 19:24 - 2013-01-02 07:26 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2015-05-04 19:24 - 2012-11-15 17:02 - 00000000 ____D () C:\Users\David\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2015-05-04 19:24 - 2012-11-15 17:01 - 00000000 ____D () C:\Users\David\AppData\Roaming\PACE Anti-Piracy
2015-05-04 19:24 - 2012-11-07 11:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\MusicNet
2015-05-04 19:24 - 2012-10-17 20:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\Sony Setup
2015-05-04 19:24 - 2012-10-17 08:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\WinBatch
2015-05-04 19:24 - 2012-10-02 12:13 - 00000000 ____D () C:\Users\David\AppData\Roaming\TeamViewer
2015-05-04 19:24 - 2012-10-01 19:07 - 00000000 ____D () C:\Users\David\AppData\Roaming\Sony
2015-05-04 19:24 - 2012-10-01 10:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\SUPERAntiSpyware.com
2015-05-04 19:24 - 2012-09-30 10:13 - 00000000 ____D () C:\Users\David\AppData\Roaming\NVIDIA
2015-05-04 19:24 - 2012-09-30 10:11 - 00000000 ____D () C:\Users\David\AppData\Roaming\PDAppFlex
2015-05-04 19:24 - 2012-09-29 10:18 - 00000000 ____D () C:\Users\David\AppData\Roaming\NewspaperDirect
2015-05-04 19:24 - 2012-09-29 08:39 - 00000000 ____D () C:\Users\David\AppData\Roaming\TuneUp Software
2015-05-04 19:24 - 2012-09-29 07:59 - 00000000 ____D () C:\Users\David\AppData\Roaming\Mozilla
2015-05-04 19:24 - 2012-09-29 07:07 - 00000000 ____D () C:\Users\David\AppData\Roaming\PictureMover
2015-05-04 19:23 - 2015-03-20 13:53 - 00000000 ____D () C:\Users\David\AppData\Roaming\Free PDF to Word Converter
2015-05-04 19:23 - 2015-03-03 19:56 - 00000000 ____D () C:\Users\David\AppData\Local\Thinstall
2015-05-04 19:23 - 2015-02-22 13:18 - 00000000 ____D () C:\Users\David\AppData\Roaming\driveridentifier
2015-05-04 19:23 - 2014-11-30 18:33 - 00000000 ____D () C:\Users\David\AppData\Local\VolumeConcierge
2015-05-04 19:23 - 2014-10-08 12:14 - 00000000 ____D () C:\Users\David\AppData\Roaming\com.mentalecho.portfolioviewer.B4DD540654D63A9E67948E1331A45362E3B719A9.1
2015-05-04 19:23 - 2014-09-15 11:47 - 00000000 ____D () C:\Users\David\AppData\Roaming\Autodesk
2015-05-04 19:23 - 2014-09-01 14:54 - 00000000 ____D () C:\Users\David\AppData\Local\Windows Performance Analyzer
2015-05-04 19:23 - 2014-06-12 19:11 - 00000000 ____D () C:\Users\David\AppData\Local\Spotify
2015-05-04 19:23 - 2014-04-29 08:42 - 00000000 ____D () C:\Users\David\AppData\Roaming\Celeris
2015-05-04 19:23 - 2014-02-13 22:59 - 00000000 ____D () C:\Users\David\AppData\Roaming\360safe
2015-05-04 19:23 - 2013-12-14 13:53 - 00000000 ____D () C:\Users\David\AppData\Roaming\Canon
2015-05-04 19:23 - 2013-12-02 12:51 - 00000000 ____D () C:\Users\David\AppData\Local\Symantec_Corporation
2015-05-04 19:23 - 2013-09-08 18:21 - 00000000 ____D () C:\Users\David\AppData\Roaming\dvdcss
2015-05-04 19:23 - 2013-04-25 06:43 - 00000000 ____D () C:\Users\David\AppData\Roaming\hpqLog
2015-05-04 19:23 - 2013-03-02 10:39 - 00000000 ____D () C:\Users\David\AppData\Local\Windows Live
2015-05-04 19:23 - 2013-02-27 08:40 - 00000000 ____D () C:\Users\David\AppData\Roaming\Adobe Mini Bridge CS5
2015-05-04 19:23 - 2013-02-27 08:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\EPSON
2015-05-04 19:23 - 2013-02-12 23:55 - 00000000 ____D () C:\Users\David\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-05-04 19:23 - 2013-01-03 11:13 - 00000000 ____D () C:\Users\David\AppData\Roaming\Adobe Mini Bridge CS5.1
2015-05-04 19:23 - 2013-01-02 07:21 - 00000000 ____D () C:\Users\David\AppData\Local\Windows Live Writer
2015-05-04 19:23 - 2012-12-17 13:52 - 00000000 ____D () C:\Users\David\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2015-05-04 19:23 - 2012-10-24 07:28 - 00000000 ____D () C:\Users\David\AppData\Roaming\Ahead
2015-05-04 19:23 - 2012-10-17 12:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\InstallShield
2015-05-04 19:23 - 2012-10-06 21:44 - 00000000 ____D () C:\Users\David\AppData\Roaming\LavasoftStatistics
2015-05-04 19:23 - 2012-10-06 20:24 - 00000000 ____D () C:\Users\David\AppData\Roaming\HpUpdate
2015-05-04 19:23 - 2012-10-01 21:50 - 00000000 ____D () C:\Users\David\AppData\Local\TechSmith
2015-05-04 19:23 - 2012-09-30 18:34 - 00000000 ____D () C:\Users\David\AppData\Roaming\CyberLink
2015-05-04 19:23 - 2012-09-29 18:48 - 00000000 ____D () C:\Users\David\AppData\Roaming\ABBYY
2015-05-04 19:23 - 2012-09-29 15:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\Leadertech
2015-05-04 19:23 - 2012-09-29 15:31 - 00000000 ____D () C:\Users\David\AppData\Roaming\Logitech
2015-05-04 19:23 - 2012-09-29 15:31 - 00000000 ____D () C:\Users\David\AppData\Roaming\Logishrd
2015-05-04 19:23 - 2012-09-29 15:17 - 00000000 ____D () C:\Users\David\AppData\Roaming\Apple Computer
2015-05-04 19:23 - 2012-09-29 13:25 - 00000000 ____D () C:\Users\David\AppData\Local\WindowsUpdate
2015-05-04 19:23 - 2012-09-29 07:26 - 00000000 ____D () C:\Users\David\AppData\Roaming\Adobe
2015-05-04 19:23 - 2012-09-29 07:06 - 00000000 ____D () C:\Users\David\AppData\Roaming\Intel Corporation
2015-05-04 19:23 - 2012-09-29 07:06 - 00000000 ____D () C:\Users\David\AppData\Local\VirtualStore
2015-05-04 19:23 - 2012-09-29 06:57 - 00000000 ____D () C:\Users\David\AppData\Roaming\Macromedia
2015-05-04 19:23 - 2012-09-29 06:57 - 00000000 ____D () C:\Users\David\AppData\Roaming\Hewlett-Packard
2015-05-04 19:21 - 2015-02-22 12:50 - 00000000 ____D () C:\Users\David\AppData\Local\Intel
2015-05-04 19:21 - 2014-12-03 17:32 - 00000000 ____D () C:\Users\David\AppData\Local\SoftGrid Client
2015-05-04 19:21 - 2014-11-12 19:32 - 00000000 ____D () C:\Users\David\AppData\Local\Macromedia
2015-05-04 19:21 - 2014-11-12 19:30 - 00000000 ____D () C:\Users\David\AppData\Local\Mozilla
2015-05-04 19:21 - 2014-10-07 13:13 - 00000000 ____D () C:\Users\David\AppData\Local\SamoaSky
2015-05-04 19:21 - 2014-04-21 14:25 - 00000000 ____D () C:\Users\David\AppData\Local\IE Tab
2015-05-04 19:21 - 2014-04-01 09:25 - 00000000 ____D () C:\Users\David\AppData\Local\Packages
2015-05-04 19:21 - 2014-02-13 22:59 - 00000000 ____D () C:\Users\David\AppData\Local\PSafe
2015-05-04 19:21 - 2014-01-16 19:37 - 00000000 ____D () C:\Users\David\AppData\Local\Panda Security
2015-05-04 19:21 - 2014-01-03 17:02 - 00000000 ____D () C:\Users\David\AppData\Local\OLYMPUS
2015-05-04 19:21 - 2013-12-26 12:09 - 00000000 ____D () C:\Users\David\AppData\Local\NVIDIA Corporation
2015-05-04 19:21 - 2013-12-26 12:07 - 00000000 ____D () C:\Users\David\AppData\Local\NVIDIA
2015-05-04 19:21 - 2013-12-19 16:35 - 00000000 ____D () C:\Users\David\AppData\Local\HP
2015-05-04 19:21 - 2013-07-08 17:48 - 00000000 ____D () C:\Users\David\AppData\Local\matt.malensek.net
2015-05-04 19:21 - 2013-05-06 18:12 - 00000000 ____D () C:\Users\David\AppData\Local\Microsoft Games
2015-05-04 19:21 - 2012-10-17 20:12 - 00000000 ____D () C:\Users\David\AppData\Local\Sony
2015-05-04 19:21 - 2012-10-01 13:19 - 00000000 ____D () C:\Users\David\AppData\Local\RapidSolution
2015-05-04 19:21 - 2012-09-30 18:34 - 00000000 ____D () C:\Users\David\AppData\Local\PowerCinema
2015-05-04 19:21 - 2012-09-29 11:42 - 00000000 ____D () C:\Users\David\AppData\Local\Microsoft Help
2015-05-04 19:21 - 2012-09-29 07:58 - 00000000 ____D () C:\Users\David\AppData\Local\MFAData
2015-05-04 19:21 - 2012-09-29 07:27 - 00000000 ____D () C:\Users\David\AppData\Local\Google
2015-05-04 19:21 - 2012-09-29 07:06 - 00000000 ____D () C:\Users\David\AppData\Local\RemEngine
2015-05-04 19:21 - 2012-09-29 06:57 - 00000000 ____D () C:\Users\David\AppData\Local\Hewlett-Packard_Company
2015-05-04 19:21 - 2012-09-29 06:57 - 00000000 ____D () C:\Users\David\AppData\Local\Hewlett-Packard
2015-05-04 19:20 - 2015-03-31 14:44 - 00000000 ____D () C:\Users\David\AppData\Local\CrashRpt
2015-05-04 19:20 - 2015-03-03 12:36 - 00000000 ____D () C:\Users\David\Admin
2015-05-04 19:20 - 2014-12-03 14:05 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2015-05-04 19:20 - 2014-04-29 08:45 - 00000000 ____D () C:\Users\David\AppData\Local\Celeris
2015-05-04 19:20 - 2014-04-01 09:25 - 00000000 ____D () C:\Users\David\AppData\Local\Comodo
2015-05-04 19:20 - 2014-03-31 16:46 - 00000000 ____D () C:\Users\David\AppData\Local\Clock_22
2015-05-04 19:20 - 2014-01-03 17:02 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-05-04 19:20 - 2013-12-17 10:26 - 00000000 ____D () C:\Users\David\.android
2015-05-04 19:20 - 2013-07-22 23:01 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\vlc
2015-05-04 19:20 - 2013-07-11 17:47 - 00000000 ____D () C:\Users\David\Angel
2015-05-04 19:20 - 2013-04-16 09:06 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\Nico Mak Computing
2015-05-04 19:20 - 2013-03-02 10:51 - 00000000 ____D () C:\Users\Visitor\Tracing
2015-05-04 19:20 - 2013-03-02 10:40 - 00000000 ___RD () C:\Users\Visitor\SkyDrive
2015-05-04 19:20 - 2013-03-02 10:20 - 00000000 ____D () C:\Users\Visitor\Documents\My Weblog Posts
2015-05-04 19:20 - 2012-10-22 16:07 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\NVIDIA
2015-05-04 19:20 - 2012-10-22 16:05 - 00000000 ____D () C:\Users\Visitor\Documents\SnagIt
2015-05-04 19:20 - 2012-10-20 12:40 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\WildTangent
2015-05-04 19:20 - 2012-10-15 13:40 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\TuneUp Software
2015-05-04 19:20 - 2012-10-06 21:46 - 00000000 ____D () C:\Users\David\AppData\Local\Downloaded Installations
2015-05-04 19:20 - 2012-10-04 11:49 - 00000000 ____D () C:\Users\David\AppData\Local\cache
2015-05-04 19:20 - 2012-10-03 22:06 - 00000000 ____D () C:\Users\David\AppData\Local\Ares
2015-05-04 19:20 - 2012-09-30 18:34 - 00000000 ____D () C:\Users\David\AppData\Local\CyberLink
2015-05-04 19:20 - 2012-09-29 07:27 - 00000000 ____D () C:\Users\David\AppData\Local\Apps\2.0
2015-05-04 19:19 - 2014-11-22 14:20 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\Logishrd
2015-05-04 19:19 - 2014-04-01 09:25 - 00000000 ____D () C:\Users\Visitor\AppData\Local\Comodo
2015-05-04 19:19 - 2014-01-18 16:07 - 00000000 ____D () C:\Users\Visitor\AppData\Local\NVIDIA Corporation
2015-05-04 19:19 - 2014-01-10 16:30 - 00000000 ____D () C:\Users\Visitor\AppData\Local\NVIDIA
2015-05-04 19:19 - 2013-07-31 11:16 - 00000000 ____D () C:\Users\Visitor\AppData\Local\matt.malensek.net
2015-05-04 19:19 - 2013-03-02 10:51 - 00000000 ____D () C:\Users\Visitor\AppData\Local\Windows Live
2015-05-04 19:19 - 2013-03-02 10:20 - 00000000 ____D () C:\Users\Visitor\AppData\Local\Windows Live Writer
2015-05-04 19:19 - 2012-11-07 15:20 - 00000000 ____D () C:\Users\Visitor\AppData\Local\Hewlett-Packard
2015-05-04 19:19 - 2012-10-22 16:05 - 00000000 ____D () C:\Users\Visitor\AppData\Local\TechSmith
2015-05-04 19:19 - 2012-10-19 06:25 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\Apple Computer
2015-05-04 19:19 - 2012-10-15 13:45 - 00000000 ____D () C:\Users\Visitor\AppData\Local\Google
2015-05-04 19:19 - 2012-10-15 13:44 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\Adobe
2015-05-04 19:19 - 2012-10-15 13:44 - 00000000 ____D () C:\Users\Visitor\AppData\Local\Apps\2.0
2015-05-04 19:19 - 2012-10-15 13:41 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\Logitech
2015-05-04 19:19 - 2012-10-15 13:40 - 00000000 ____D () C:\Users\Visitor\AppData\Roaming\Macromedia
2015-05-04 19:19 - 2012-10-15 13:40 - 00000000 ____D () C:\Users\Visitor\AppData\Local\VirtualStore
2015-05-04 19:19 - 2012-10-01 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-05-04 19:05 - 2015-02-22 14:20 - 00000000 ____D () C:\Windows\RaidTool
2015-05-04 19:05 - 2015-02-21 21:12 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-04 19:05 - 2014-09-15 19:42 - 00000000 ____D () C:\Windows\Registry Drill
2015-05-04 19:05 - 2014-08-12 15:58 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-05-04 19:05 - 2014-06-03 23:57 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2015-05-04 19:05 - 2014-04-23 10:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-04 19:05 - 2013-12-15 05:51 - 00000000 ____D () C:\Windows\SysWOW64\STRING
2015-05-04 19:05 - 2013-12-14 13:27 - 00000000 ____D () C:\Windows\system32\STRING
2015-05-04 19:05 - 2012-10-19 01:56 - 00000000 ____D () C:\Windows\system32\RaLanguages
2015-05-04 19:05 - 2012-10-17 20:25 - 00000000 ____D () C:\Windows\system32\Macromed
2015-05-04 19:05 - 2012-10-17 12:42 - 00000000 ____D () C:\Windows\Sun
2015-05-04 19:05 - 2012-10-17 08:13 - 00000000 ____D () C:\Windows\SysWOW64\C
2015-05-04 19:05 - 2012-09-30 18:05 - 00000000 ____D () C:\Windows\StartHtmico
2015-05-04 19:05 - 2012-09-30 15:32 - 00000000 ____D () C:\Windows\system32\SPReview
2015-05-04 19:05 - 2012-09-30 15:32 - 00000000 ____D () C:\Windows\system32\EventProviders
2015-05-04 19:05 - 2012-09-29 10:13 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-04 19:05 - 2012-09-29 09:29 - 00000000 ____D () C:\Windows\pss
2015-05-04 19:05 - 2011-04-19 11:25 - 00000000 ____D () C:\Windows\Options
2015-05-04 19:05 - 2011-04-19 11:24 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-04 19:05 - 2011-04-12 01:28 - 00000000 ____D () C:\Windows\ShellNew
2015-05-04 19:05 - 2011-04-12 01:17 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-05-04 19:05 - 2011-04-12 01:17 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-05-04 19:05 - 2011-04-12 01:17 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-05-04 19:05 - 2011-04-12 01:17 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-05-04 19:05 - 2011-04-12 01:17 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-05-04 19:05 - 2011-04-12 01:17 - 00000000 ____D () C:\Windows\system32\winrm
2015-05-04 19:05 - 2011-04-12 01:17 - 00000000 ____D () C:\Windows\system32\WCN
2015-05-04 19:05 - 2011-04-12 01:17 - 00000000 ____D () C:\Windows\system32\slmgr
2015-05-04 19:05 - 2011-04-12 01:17 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-05-04 19:05 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\MUI
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Resources
2015-05-04 19:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-04 19:04 - 2013-02-12 18:25 - 00000000 ____D () C:\Windows\IswTmp
2015-05-04 19:04 - 2012-10-06 20:29 - 00000000 ____D () C:\Windows\Hewlett-Packard
2015-05-04 19:04 - 2012-09-30 18:05 - 00000000 ____D () C:\Windows\IP4000,3000
2015-05-04 19:04 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-05-04 19:04 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\IME
2015-05-04 19:04 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2015-05-04 19:03 - 2015-04-03 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sound Forge Pro 10.0
2015-05-04 19:03 - 2015-03-28 13:11 - 00000000 ____D () C:\ProgramData\Sony
2015-05-04 19:03 - 2015-03-20 13:51 - 00000000 ____D () C:\ProgramData\Smart Soft
2015-05-04 19:03 - 2015-03-04 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-05-04 19:03 - 2015-03-03 14:58 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2015-05-04 19:03 - 2015-02-22 16:37 - 00000000 ____D () C:\ProgramData\UAB
2015-05-04 19:03 - 2015-02-22 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-05-04 19:03 - 2015-02-22 15:48 - 00000000 ____D () C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2015-05-04 19:03 - 2015-02-22 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-05-04 19:03 - 2015-02-22 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JMicron Technology Corp
2015-05-04 19:03 - 2015-02-22 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
2015-05-04 19:03 - 2015-02-12 09:16 - 00000000 ____D () C:\Windows\CheckSur
2015-05-04 19:03 - 2014-12-17 10:36 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-04 19:03 - 2014-12-14 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-04 19:03 - 2014-11-30 18:49 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2015-05-04 19:03 - 2014-11-30 18:32 - 00000000 ____D () C:\ProgramData\Softorino
2015-05-04 19:03 - 2014-11-30 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Volume Concierge
2015-05-04 19:03 - 2014-11-30 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhoneStick
2015-05-04 19:03 - 2014-11-25 22:31 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-04 19:03 - 2014-11-19 01:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-05-04 19:03 - 2014-11-17 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-05-04 19:03 - 2014-11-16 07:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-05-04 19:03 - 2014-11-12 19:30 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-04 19:03 - 2014-10-31 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Ghost
2015-05-04 19:03 - 2014-10-26 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrayStatus
2015-05-04 19:03 - 2014-10-26 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2015-05-04 19:03 - 2014-10-24 11:26 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-05-04 19:03 - 2014-10-20 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK
2015-05-04 19:03 - 2014-10-10 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HoadleyOptions Strategy
2015-05-04 19:03 - 2014-10-10 08:41 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-05-04 19:03 - 2014-10-08 12:21 - 00000000 ____D () C:\ProgramData\Portfolio Accounting Lab
2015-05-04 19:03 - 2014-09-27 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2015-05-04 19:03 - 2014-09-24 18:10 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-04 19:03 - 2014-09-16 13:08 - 00000000 ____D () C:\ProgramData\RegistryReviver.exe
2015-05-04 19:03 - 2014-09-16 13:06 - 00000000 ____D () C:\ProgramData\ReviverSoft
2015-05-04 19:03 - 2014-09-15 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinTools Software
2015-05-04 19:03 - 2014-09-01 11:12 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2015-05-04 19:03 - 2014-09-01 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-05-04 19:03 - 2014-09-01 11:02 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-04 19:03 - 2014-06-04 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-05-04 19:03 - 2014-06-04 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-05-04 19:03 - 2014-06-04 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series
2015-05-04 19:03 - 2014-06-03 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
2015-05-04 19:03 - 2014-06-03 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-05-04 19:03 - 2014-05-26 07:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Pool 3 DL
2015-05-04 19:03 - 2014-04-06 15:06 - 00000000 ____D () C:\Windows\en
2015-05-04 19:03 - 2014-04-01 09:25 - 00000000 ____D () C:\Users\HomeGroupUser$
2015-05-04 19:03 - 2014-04-01 09:25 - 00000000 ____D () C:\Users\Guest
2015-05-04 19:03 - 2014-04-01 09:25 - 00000000 ____D () C:\Users\ASPNET
2015-05-04 19:03 - 2014-04-01 09:25 - 00000000 ____D () C:\Users\Administrator
2015-05-04 19:03 - 2014-03-31 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clock
2015-05-04 19:03 - 2014-02-13 22:57 - 00000000 ____D () C:\ProgramData\PSafe
2015-05-04 19:03 - 2014-02-08 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Student
2015-05-04 19:03 - 2014-02-08 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Learning Essentials
2015-05-04 19:03 - 2014-01-03 17:02 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-05-04 19:03 - 2014-01-03 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Digital Camera Updater
2015-05-04 19:03 - 2014-01-03 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Viewer 2
2015-05-04 19:03 - 2014-01-03 16:03 - 00000000 ____D () C:\Users\Public\Documents\OLYMPUS
2015-05-04 19:03 - 2014-01-03 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Camera
2015-05-04 19:03 - 2013-12-29 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Converter
2015-05-04 19:03 - 2013-12-19 16:41 - 00000000 ____D () C:\ProgramData\Visan
2015-05-04 19:03 - 2013-12-02 12:27 - 00000000 ____D () C:\ProgramData\Symantec
2015-05-04 19:03 - 2013-12-02 12:27 - 00000000 ____D () C:\ProgramData\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
2015-05-04 19:03 - 2013-10-15 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-05-04 19:03 - 2013-08-23 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-04 19:03 - 2013-07-23 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2015-05-04 19:03 - 2013-05-03 08:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-05-04 19:03 - 2013-04-29 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media converter
2015-05-04 19:03 - 2013-04-15 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ UNDELETE 7 DEMO
2015-05-04 19:03 - 2013-04-10 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-04 19:03 - 2013-03-02 10:40 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2015-05-04 19:03 - 2013-02-27 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-05-04 19:03 - 2013-01-25 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 9
2015-05-04 19:03 - 2013-01-11 06:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pazera MP4 to AVI Converter
2015-05-04 19:03 - 2013-01-02 07:26 - 00000000 ____D () C:\ProgramData\Skype
2015-05-04 19:03 - 2012-11-15 17:01 - 00000000 ____D () C:\ProgramData\PACE Anti-Piracy
2015-05-04 19:03 - 2012-11-15 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-05-04 19:03 - 2012-10-24 07:36 - 00000000 ____D () C:\ProgramData\Nero
2015-05-04 19:03 - 2012-10-22 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnagIt 9
2015-05-04 19:03 - 2012-10-21 09:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IconsExtract
2015-05-04 19:03 - 2012-10-18 15:25 - 00000000 ____D () C:\Users\TEMP
2015-05-04 19:03 - 2012-10-17 20:10 - 00000000 ____D () C:\ProgramData\Sony Corporation
2015-05-04 19:03 - 2012-10-09 08:19 - 00000000 ____D () C:\ProgramData\Raxco
2015-05-04 19:03 - 2012-10-07 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Wizard 2012
2015-05-04 19:03 - 2012-10-05 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
2015-05-04 19:03 - 2012-10-02 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
2015-05-04 19:03 - 2012-10-01 21:50 - 00000000 ____D () C:\ProgramData\TechSmith
2015-05-04 19:03 - 2012-10-01 13:22 - 00000000 ____D () C:\ProgramData\RapidSolution
2015-05-04 19:03 - 2012-10-01 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials TV
2015-05-04 19:03 - 2012-10-01 11:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2015-05-04 19:03 - 2012-10-01 10:56 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-05-04 19:03 - 2012-10-01 10:44 - 00000000 ____D () C:\ProgramData\Sun
2015-05-04 19:03 - 2012-09-30 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon PIXMA iP3000 Manual
2015-05-04 19:03 - 2012-09-29 23:34 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-05-04 19:03 - 2012-09-29 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-05-04 19:03 - 2012-09-29 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-05-04 19:03 - 2012-09-29 13:18 - 00000000 ____D () C:\Users\Public\CyberLink
2015-05-04 19:03 - 2012-09-29 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-04 19:03 - 2012-09-29 11:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-04 19:03 - 2012-09-29 10:59 - 00000000 ____D () C:\ProgramData\Yahoo!
2015-05-04 19:03 - 2012-09-29 10:17 - 00000000 ____D () C:\ProgramData\PDFC
2015-05-04 19:03 - 2012-09-29 07:58 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-04 19:03 - 2012-09-29 06:57 - 00000000 ____D () C:\Users\Public\Symantec
2015-05-04 19:03 - 2012-09-29 06:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides
2015-05-04 19:03 - 2012-09-29 02:18 - 00000000 ____D () C:\ProgramData\Recovery
2015-05-04 19:03 - 2011-04-19 11:41 - 00000000 ____D () C:\ProgramData\Norton
2015-05-04 19:03 - 2011-04-19 11:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-05-04 19:03 - 2011-04-19 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-04 19:03 - 2011-04-19 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders
2015-05-04 19:03 - 2011-04-19 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2015-05-04 19:03 - 2011-04-19 11:36 - 00000000 ____D () C:\ProgramData\WildTangent
2015-05-04 19:03 - 2011-04-19 11:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-05-04 19:03 - 2011-04-19 11:35 - 00000000 ___DC () C:\ProgramData\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}
2015-05-04 19:03 - 2011-04-19 11:35 - 00000000 ____D () C:\ProgramData\Uninstall
2015-05-04 19:03 - 2011-04-19 11:35 - 00000000 ____D () C:\ProgramData\Sonic
2015-05-04 19:03 - 2011-04-19 11:35 - 00000000 ____D () C:\ProgramData\RoxioNow
2015-05-04 19:03 - 2011-04-19 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
2015-05-04 19:03 - 2011-04-19 11:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-05-04 19:03 - 2011-04-19 11:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-05-04 19:03 - 2011-04-19 11:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-05-04 19:03 - 2011-04-19 11:28 - 00000000 ____D () C:\ProgramData\Temp
2015-05-04 19:03 - 2011-04-19 11:28 - 00000000 ____D () C:\ProgramData\Ralink Driver
2015-05-04 19:03 - 2011-04-19 11:24 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2015-05-04 19:03 - 2011-04-12 01:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-04 19:03 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\DigitalLocker
2015-05-04 19:03 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-04 19:03 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-04 19:03 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 19:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-04 19:02 - 2015-03-22 16:09 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-04 19:02 - 2015-03-01 13:02 - 00000000 ____D () C:\ProgramData\Comodo
2015-05-04 19:02 - 2015-02-21 13:01 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-05-04 19:02 - 2014-09-15 11:47 - 00000000 ____D () C:\ProgramData\Autodesk
2015-05-04 19:02 - 2014-04-29 08:44 - 00000000 ____D () C:\ProgramData\Celeris
2015-05-04 19:02 - 2014-04-04 15:51 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-05-04 19:02 - 2014-04-01 09:26 - 00000000 ____D () C:\ProgramData\GreenApp
2015-05-04 19:02 - 2014-04-01 09:24 - 00000000 ____D () C:\ProgramData\InstallMate
2015-05-04 19:02 - 2013-12-25 17:39 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2015-05-04 19:02 - 2013-12-24 16:50 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2015-05-04 19:02 - 2013-12-19 16:38 - 00000000 ____D () C:\ProgramData\HP
2015-05-04 19:02 - 2013-12-15 05:50 - 00000000 ___HD () C:\ProgramData\CanonIJETV
2015-05-04 19:02 - 2013-12-14 13:32 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2015-05-04 19:02 - 2013-07-02 20:21 - 00000000 ____D () C:\ProgramData\Belkin
2015-05-04 19:02 - 2013-04-10 10:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-05-04 19:02 - 2013-03-21 19:09 - 00000000 ____D () C:\ProgramData\LightScribe
2015-05-04 19:02 - 2012-12-06 18:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-05-04 19:02 - 2012-11-10 19:51 - 00000000 ____D () C:\ProgramData\BVRP Software
2015-05-04 19:02 - 2012-10-24 07:37 - 00000000 ____D () C:\ProgramData\Ahead
2015-05-04 19:02 - 2012-10-04 11:31 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-05-04 19:02 - 2012-10-01 10:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-04 19:02 - 2012-09-29 23:18 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-04 19:02 - 2012-09-29 15:33 - 00000000 ____D () C:\ProgramData\Logitech
2015-05-04 19:02 - 2012-09-29 15:32 - 00000000 ____D () C:\ProgramData\Logishrd
2015-05-04 19:02 - 2012-09-29 15:17 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-04 19:02 - 2012-09-29 15:16 - 00000000 ____D () C:\ProgramData\Apple
2015-05-04 19:02 - 2012-09-29 13:56 - 00000000 ____D () C:\ProgramData\CanonBJ
2015-05-04 19:02 - 2012-09-29 07:39 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-05-04 19:02 - 2011-04-19 11:35 - 00000000 ____D () C:\ProgramData\Macrovision
2015-05-04 19:02 - 2011-04-19 11:31 - 00000000 ____D () C:\ProgramData\CyberLink
2015-05-04 19:02 - 2011-04-19 11:24 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-04 19:00 - 2015-02-23 11:51 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-05-04 19:00 - 2015-02-23 11:23 - 00000000 ____D () C:\Program Files (x86)\Windows Live SkyDrive
2015-05-04 19:00 - 2014-11-18 22:18 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-05-04 19:00 - 2014-10-20 07:57 - 00000000 ____D () C:\Program Files (x86)\Windows Resource Kits
2015-05-04 19:00 - 2014-09-15 20:45 - 00000000 ____D () C:\Program Files (x86)\WinTools Software
2015-05-04 19:00 - 2012-11-07 22:39 - 00000000 ____D () C:\ProgramData\3B345
2015-05-04 19:00 - 2012-10-01 21:50 - 00000000 ____D () C:\Program Files (x86)\XP64
2015-05-04 19:00 - 2012-10-01 13:22 - 00000000 ____D () C:\Program Files (x86)\XAMLStubs
2015-05-04 19:00 - 2012-09-29 18:43 - 00000000 ____D () C:\ProgramData\ABBYY
2015-05-04 19:00 - 2012-09-29 16:16 - 00000000 ____D () C:\Program Files (x86)\µTorrent
2015-05-04 19:00 - 2012-09-29 10:56 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2015-05-04 19:00 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-05-04 19:00 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-04 18:59 - 2015-03-21 19:23 - 00000000 ____D () C:\Program Files (x86)\Tor Browser
2015-05-04 18:59 - 2015-03-18 00:08 - 00000000 ____D () C:\Program Files (x86)\Virtual Pool 4 Online
2015-05-04 18:59 - 2014-11-26 23:18 - 00000000 ____D () C:\Program Files (x86)\Twitter Hacker Pro 2.8.9
2015-05-04 18:59 - 2014-11-18 21:42 - 00000000 ____D () C:\Program Files (x86)\Winamp
2015-05-04 18:59 - 2014-10-26 18:59 - 00000000 ____D () C:\Program Files (x86)\TrayStatus
2015-05-04 18:59 - 2014-10-10 08:44 - 00000000 ____D () C:\Program Files (x86)\StockWatch
2015-05-04 18:59 - 2014-09-01 11:10 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2015-05-04 18:59 - 2014-05-26 07:52 - 00000000 ____D () C:\Program Files (x86)\Virtual Pool 3
2015-05-04 18:59 - 2014-03-31 10:24 - 00000000 ____D () C:\Program Files (x86)\skinclock
2015-05-04 18:59 - 2013-04-15 21:37 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2015-05-04 18:59 - 2013-04-07 08:00 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-05-04 18:59 - 2013-01-09 09:35 - 00000000 ____D () C:\Program Files (x86)\RegCleaner
2015-05-04 18:59 - 2012-11-10 21:18 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-05-04 18:59 - 2012-10-17 20:24 - 00000000 ____D () C:\Program Files (x86)\Sony Media Go Install
2015-05-04 18:59 - 2012-10-09 08:17 - 00000000 ____D () C:\Program Files (x86)\Raxco
2015-05-04 18:59 - 2012-10-01 21:50 - 00000000 ____D () C:\Program Files (x86)\Textures
2015-05-04 18:59 - 2012-10-01 21:50 - 00000000 ____D () C:\Program Files (x86)\Stamps
2015-05-04 18:59 - 2012-10-01 19:09 - 00000000 ____D () C:\Program Files (x86)\VSTplugins
2015-05-04 18:59 - 2012-10-01 19:05 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-05-04 18:59 - 2012-10-01 18:43 - 00000000 ____D () C:\Program Files (x86)\Sony Setup
2015-05-04 18:59 - 2012-10-01 14:24 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-04 18:59 - 2012-10-01 13:22 - 00000000 ____D () C:\Program Files (x86)\VCDWriter
2015-05-04 18:59 - 2012-10-01 13:22 - 00000000 ____D () C:\Program Files (x86)\tbhsd
2015-05-04 18:59 - 2012-10-01 13:22 - 00000000 ____D () C:\Program Files (x86)\Skin
2015-05-04 18:59 - 2012-10-01 13:22 - 00000000 ____D () C:\Program Files (x86)\RapidSolution
2015-05-04 18:59 - 2011-04-19 11:35 - 00000000 ____D () C:\Program Files (x86)\Roxio
2015-05-04 18:59 - 2011-04-19 11:25 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-05-04 18:59 - 2011-04-19 11:24 - 00000000 ___HD () C:\Program Files (x86)\ToDELETE--InstallShield Installation Information
2015-05-04 18:58 - 2015-03-20 13:36 - 00000000 ____D () C:\Program Files (x86)\office Convert Pdf to Word for Doc Free
2015-05-04 18:58 - 2014-11-30 18:32 - 00000000 ____D () C:\Program Files (x86)\PhoneStick
2015-05-04 18:58 - 2014-11-24 16:37 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-04 18:58 - 2014-10-31 15:08 - 00000000 ____D () C:\Program Files (x86)\Norton Ghost
2015-05-04 18:58 - 2014-10-10 10:24 - 00000000 ____D () C:\Program Files (x86)\Parago
2015-05-04 18:58 - 2014-10-07 12:48 - 00000000 ____D () C:\Program Files (x86)\Options Oracle
2015-05-04 18:58 - 2014-05-31 18:51 - 00000000 ____D () C:\Program Files (x86)\Onkyo
2015-05-04 18:58 - 2014-04-01 09:35 - 00000000 ____D () C:\Program Files (x86)\MiniGet
2015-05-04 18:58 - 2014-01-03 16:44 - 00000000 ____D () C:\Program Files (x86)\OLYMPUS
2015-05-04 18:58 - 2013-08-09 18:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-04 18:58 - 2013-01-11 06:38 - 00000000 ____D () C:\Program Files (x86)\pazera-software
2015-05-04 18:58 - 2013-01-09 09:12 - 00000000 ____D () C:\Program Files (x86)\MSECACHE
2015-05-04 18:58 - 2012-11-15 16:57 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2015-05-04 18:58 - 2012-10-07 14:04 - 00000000 ____D () C:\Program Files (x86)\PC Wizard 2012
2015-05-04 18:58 - 2012-10-04 11:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0
2015-05-04 18:58 - 2012-10-01 13:22 - 00000000 ____D () C:\Program Files (x86)\mplayer
2015-05-04 18:58 - 2011-04-19 11:39 - 00000000 ____D () C:\Program Files (x86)\PlayReady
2015-05-04 18:58 - 2011-04-19 11:35 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2015-05-04 18:58 - 2011-04-19 11:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2015-05-04 18:58 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-05-04 18:57 - 2015-03-04 10:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2015-05-04 18:57 - 2015-03-04 10:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2015-05-04 18:57 - 2015-03-03 20:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Setup Bootstrapper
2015-05-04 18:57 - 2015-02-22 14:50 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility
2015-05-04 18:57 - 2014-12-17 10:36 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2015-05-04 18:57 - 2014-12-03 17:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-04 18:57 - 2014-11-13 21:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-05-04 18:57 - 2014-10-26 11:38 - 00000000 ____D () C:\Program Files (x86)\Magical Jelly Bean
2015-05-04 18:57 - 2014-02-08 17:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Student
2015-05-04 18:57 - 2014-02-08 17:29 - 00000000 ____D () C:\Program Files (x86)\Learning Essentials
2015-05-04 18:57 - 2013-12-29 21:59 - 00000000 ____D () C:\Program Files (x86)\Image Converter
2015-05-04 18:57 - 2013-12-02 15:09 - 00000000 ____D () C:\Program Files (x86)\MagicDisc
2015-05-04 18:57 - 2013-09-13 17:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-05-04 18:57 - 2013-04-29 10:11 - 00000000 ____D () C:\Program Files (x86)\Media converter
2015-05-04 18:57 - 2013-03-02 10:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2015-05-04 18:57 - 2012-10-21 09:33 - 00000000 ____D () C:\Program Files (x86)\IconsExtract
2015-05-04 18:57 - 2012-10-04 11:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-05-04 18:57 - 2012-10-01 21:50 - 00000000 ____D () C:\Program Files (x86)\Images
2015-05-04 18:57 - 2012-10-01 21:50 - 00000000 ____D () C:\Program Files (x86)\HTML_Content
2015-05-04 18:57 - 2012-10-01 13:22 - 00000000 ____D () C:\Program Files (x86)\manual
2015-05-04 18:57 - 2012-10-01 13:22 - 00000000 ____D () C:\Program Files (x86)\lang
2015-05-04 18:57 - 2012-10-01 10:43 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-04 18:57 - 2012-09-29 11:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-05-04 18:57 - 2011-04-19 11:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-05-04 18:57 - 2011-04-19 11:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-04 18:57 - 2011-04-19 11:39 - 00000000 ____D () C:\Program Files (x86)\K-NFB Reading Technology Inc
2015-05-04 18:57 - 2011-04-19 11:36 - 00000000 ____D () C:\Program Files (x86)\HP Games
2015-05-04 18:57 - 2011-04-19 11:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-04 18:57 - 2011-04-19 11:28 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-04 18:55 - 2014-10-10 11:10 - 00000000 ____D () C:\Program Files (x86)\HoadleyOptions
2015-05-04 18:55 - 2014-10-10 11:10 - 00000000 ____D () C:\Program Files (x86)\Hoadley_Net
2015-05-04 18:55 - 2011-04-19 11:29 - 00000000 ____D () C:\Program Files (x86)\Hp
2015-05-04 18:55 - 2011-04-19 11:24 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-05-04 18:53 - 2015-02-22 13:17 - 00000000 ____D () C:\Program Files (x86)\Driver Identifier
2015-05-04 18:53 - 2014-11-30 18:32 - 00000000 ____D () C:\Program Files (x86)\Dokan
2015-05-04 18:53 - 2014-06-04 11:37 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2015-05-04 18:53 - 2013-09-13 16:45 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-04 18:53 - 2012-10-02 08:34 - 00000000 ____D () C:\Program Files (x86)\epson
2015-05-04 18:53 - 2012-10-01 21:50 - 00000000 ____D () C:\Program Files (x86)\DLLx64
2015-05-04 18:53 - 2012-10-01 10:49 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2015-05-04 18:53 - 2011-04-19 11:30 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-05-04 18:52 - 2014-05-02 12:18 - 00000000 ____D () C:\Program Files (x86)\Celeris
2015-05-04 18:52 - 2014-03-31 16:46 - 00000000 ____D () C:\Program Files (x86)\Clock
2015-05-04 18:52 - 2012-10-01 13:22 - 00000000 ____D () C:\Program Files (x86)\CDWizard
2015-05-04 18:52 - 2012-10-01 11:13 - 00000000 ____D () C:\Program Files (x86)\CleanUp!
2015-05-04 18:52 - 2012-10-01 09:45 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-05-04 18:52 - 2012-09-29 15:16 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-05-04 18:52 - 2012-09-29 13:44 - 00000000 ____D () C:\Program Files (x86)\Chameleon Clock
2015-05-04 18:51 - 2014-11-30 17:59 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey
2015-05-04 18:51 - 2014-10-24 11:27 - 00000000 ____D () C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804
2015-05-04 18:51 - 2014-09-01 11:12 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2015-05-04 18:51 - 2013-12-20 09:44 - 00000000 ____D () C:\Program Files (x86)\Belkin
2015-05-04 18:51 - 2013-02-13 17:38 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2015-05-04 18:51 - 2013-02-12 23:50 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2015-05-04 18:51 - 2013-01-25 12:31 - 00000000 ____D () C:\Program Files (x86)\Audials 9
2015-05-04 18:51 - 2012-10-05 13:40 - 00000000 ____D () C:\Program Files (x86)\Ares
2015-05-04 18:51 - 2012-10-01 21:20 - 00000000 ____D () C:\Program Files (x86)\Belarc
2015-05-04 18:51 - 2012-09-29 23:22 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-04 18:51 - 2012-09-29 15:16 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-05-04 18:50 - 2014-11-30 18:32 - 00000000 ____D () C:\Program Files\Volume Concierge
2015-05-04 18:50 - 2014-10-20 10:38 - 00000000 ____D () C:\Program Files\Windows Imaging
2015-05-04 18:50 - 2014-10-20 10:38 - 00000000 ____D () C:\Program Files\Windows AIK
2015-05-04 18:50 - 2014-09-27 08:33 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 12
2015-05-04 18:50 - 2014-09-16 13:06 - 00000000 ____D () C:\Program Files\ReviverSoft
2015-05-04 18:50 - 2014-06-03 11:56 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
2015-05-04 18:50 - 2014-04-06 14:54 - 00000000 ____D () C:\Program Files\Windows Live
2015-05-04 18:50 - 2013-07-08 17:41 - 00000000 ____D () C:\Program Files (x86)\3RVX
2015-05-04 18:50 - 2012-11-08 13:24 - 00000000 ____D () C:\Program Files\SyncToy 2.1
2015-05-04 18:50 - 2012-10-09 08:19 - 00000000 ____D () C:\Program Files\PerfectDisk
2015-05-04 18:50 - 2012-10-01 21:50 - 00000000 ____D () C:\Program Files (x86)\2KXP
2015-05-04 18:50 - 2012-10-01 10:56 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-05-04 18:50 - 2011-04-19 11:38 - 00000000 ____D () C:\Program Files\PlayReady
2015-05-04 18:50 - 2011-04-12 01:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-04 18:50 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-05-04 18:50 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-04 18:49 - 2015-03-20 13:51 - 00000000 ____D () C:\Program Files\Free PDF to Word Converter
2015-05-04 18:49 - 2015-03-01 13:05 - 00000000 ____D () C:\Program Files\COMODO
2015-05-04 18:49 - 2014-11-26 18:51 - 00000000 ____D () C:\Program Files\Geosense for Windows
2015-05-04 18:49 - 2014-11-18 22:18 - 00000000 ____D () C:\Program Files\iTunes
2015-05-04 18:49 - 2014-06-03 23:57 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-05-04 18:49 - 2014-01-03 16:45 - 00000000 ____D () C:\Program Files\DIFX
2015-05-04 18:49 - 2013-09-22 11:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-04 18:49 - 2013-09-13 17:02 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2015-05-04 18:49 - 2013-04-10 10:38 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-04 18:49 - 2012-11-15 17:01 - 00000000 ____D () C:\Program Files\Common Files\PACE Anti-Piracy
2015-05-04 18:49 - 2012-11-08 13:22 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2015-05-04 18:49 - 2012-10-17 13:16 - 00000000 ____D () C:\Program Files\Intel
2015-05-04 18:49 - 2012-10-04 11:19 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-05-04 18:49 - 2012-10-04 11:16 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 9.0
2015-05-04 18:49 - 2012-10-04 11:16 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-05-04 18:49 - 2012-09-30 21:25 - 00000000 ____D () C:\Program Files\Common Files\Canon
2015-05-04 18:49 - 2012-09-30 16:37 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-05-04 18:49 - 2012-09-29 15:32 - 00000000 ____D () C:\Program Files\Logitech
2015-05-04 18:49 - 2012-09-29 15:32 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2015-05-04 18:49 - 2012-09-29 15:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-04 18:49 - 2012-09-29 15:16 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-04 18:49 - 2012-09-29 11:42 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-04 18:49 - 2011-04-19 11:24 - 00000000 ____D () C:\Program Files\hp
2015-05-04 18:49 - 2011-04-19 11:24 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-05-04 18:49 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-05-04 18:49 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-04 18:49 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-04 18:48 - 2014-09-01 11:12 - 00000000 ____D () C:\Program Files\Application Verifier
2015-05-04 18:48 - 2013-07-06 08:00 - 00000000 ____D () C:\Program Files\AutoHotkey
2015-05-04 18:48 - 2013-07-02 20:21 - 00000000 ____D () C:\Program Files\Belkin
2015-05-04 18:48 - 2012-10-04 11:16 - 00000000 ____D () C:\Program Files\Autodesk
2015-05-04 18:47 - 2012-09-30 16:38 - 00000000 ____D () C:\Program Files\Adobe
2015-05-04 18:44 - 2013-04-15 21:53 - 00000000 ____D () C:\Program Files\Active Data Recovery Software
2015-05-04 18:44 - 2012-09-29 17:57 - 00000000 ____D () C:\Program Files\7-Zip
2015-05-04 18:38 - 2012-09-29 18:40 - 00000000 ____D () C:\Temp
2015-05-04 18:37 - 2011-04-12 01:28 - 00000000 ____D () C:\Windows\CSC
2015-05-04 18:03 - 2015-02-19 21:06 - 01458917 _____ () C:\Windows\WindowsUpdate (1).log
2015-05-04 17:20 - 2014-08-12 15:59 - 00907308 _____ () C:\Windows\system32\perfh00A.dat
2015-05-04 17:20 - 2014-08-12 15:59 - 00203496 _____ () C:\Windows\system32\perfc00A.dat
2015-05-04 17:15 - 2014-10-21 16:53 - 00001890 _____ () C:\Windows\diagwrn.xml
2015-05-04 17:15 - 2014-10-21 16:53 - 00001890 _____ () C:\Windows\diagerr.xml
2015-05-04 17:08 - 2015-01-13 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2015-05-04 15:53 - 2013-12-20 15:39 - 00002276 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin Router Monitor.lnk
2015-05-04 13:33 - 2013-04-25 06:31 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-04 13:32 - 2013-04-25 06:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\HP Support Assistant
2015-05-04 13:30 - 2013-07-27 14:13 - 00000375 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-04 09:13 - 2012-09-29 10:53 - 00033296 _____ () C:\Users\David\Documents\ToDo.xlsx
2015-04-30 21:39 - 2013-09-09 11:29 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-04-27 16:35 - 2012-09-29 07:43 - 00000000 ____D () C:\Users\David\AppData\Roaming\CheckPoint
2015-04-27 09:37 - 2014-11-24 16:38 - 00000000 ____D () C:\Users\David\AppData\Roaming\Opera Software
2015-04-27 09:37 - 2014-11-24 16:38 - 00000000 ____D () C:\Users\David\AppData\Local\Opera Software
2015-04-27 09:15 - 2014-10-31 15:39 - 00001181 _____ () C:\Users\Visitor\Desktop\Norton Ghost.lnk
2015-04-24 12:00 - 2015-03-04 13:00 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2015-04-23 08:23 - 2012-10-01 10:43 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-18 15:07 - 2014-09-14 19:04 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
2015-04-15 17:19 - 2013-05-06 15:04 - 00000021 _____ () C:\Windows\SurCode.INI
2015-04-15 17:19 - 2011-07-12 05:49 - 00000000 ___HD () C:\Users\David\AppData\Local\i1VqavrmfKyW
2015-04-15 17:19 - 2011-01-27 19:59 - 00000000 ___HD () C:\Users\David\AppData\Local\VCHl52fb
2015-04-15 07:53 - 2009-07-13 19:34 - 00000478 _____ () C:\Windows\win.ini
2015-04-14 21:55 - 2013-07-21 11:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-14 13:29 - 2014-06-13 07:39 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 13:29 - 2012-09-29 10:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 13:29 - 2012-09-29 10:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 09:37 - 2015-03-09 09:22 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2015-03-09 09:22 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2015-03-09 09:22 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-06 14:24 - 2013-08-06 08:45 - 00000638 _____ () C:\Program Files (x86)\volume.ahk
2015-04-05 12:01 - 2015-04-02 12:53 - 00002524 _____ () C:\Users\David\Documents\Register Sound Forge Pro.htm
 
 


#11 daivddd

daivddd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 05 May 2015 - 07:40 PM

==================== Files in the root of some directories =======
 
2012-10-01 11:28 - 2012-10-01 11:28 - 0050688 _____ (Atribune.org) C:\Program Files\ATF-Cleaner.exe
2013-07-22 12:02 - 2013-07-22 12:02 - 1898001 _____ () C:\Program Files\MGtools.exe
2013-07-21 15:33 - 2013-07-21 15:33 - 0347424 _____ (Microsoft Corporation) C:\Program Files\MicrosoftFixit.ProgramInstallUninstall.RNP.150297876445938925.3.2.Run.exe
2013-07-22 11:52 - 2013-07-22 11:52 - 3778560 _____ () C:\Program Files\RogueKillerX64.exe
2013-07-22 11:58 - 2013-07-22 11:58 - 2237968 _____ (Kaspersky Lab ZAO) C:\Program Files\tdsskiller.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0541536 _____ (Igor Pavlov) C:\Program Files (x86)\7za.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0797184 _____ () C:\Program Files (x86)\ac3filter.ax
2008-09-22 01:31 - 2008-09-22 01:31 - 0107848 _____ (TechSmith Corporation) C:\Program Files (x86)\AccessoryInstaller.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0124344 _____ () C:\Program Files (x86)\akrip32.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0448864 _____ () C:\Program Files (x86)\ArtistBrowserDataModel.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0488288 _____ (RapidSolution Software AG) C:\Program Files (x86)\Audials.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0443744 _____ () C:\Program Files (x86)\AudialsGUI.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 4839264 _____ (RapidSolution Software AG) C:\Program Files (x86)\AudialsKernel.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0623968 _____ (RapidSolution Software AG) C:\Program Files (x86)\AudialsPlayer.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0374624 _____ (RapidSolution Software AG) C:\Program Files (x86)\AudialsShellExtension.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 8632672 _____ () C:\Program Files (x86)\AudialsStarter.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 1175552 _____ () C:\Program Files (x86)\audialsTV.msi
2011-05-18 13:04 - 2011-05-18 13:04 - 0527712 _____ (RapidSolution Software AG) C:\Program Files (x86)\AudioCutterCore.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0894816 _____ (RapidSolution Software) C:\Program Files (x86)\AudioCutterU.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 3294560 _____ (RapidSolution Software AG) C:\Program Files (x86)\AutoRip.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0537440 _____ (RapidSolution Software AG) C:\Program Files (x86)\autotag.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0000554 _____ () C:\Program Files (x86)\avifix.reg
2011-05-18 13:04 - 2011-05-18 13:04 - 0046944 _____ (RapidSolution Software) C:\Program Files (x86)\AxisU.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0095072 _____ (Microsoft) C:\Program Files (x86)\BuyNow.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0856928 _____ (RapidSolution Software AG) C:\Program Files (x86)\CallUninstallSurvey.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0643424 _____ (RapidSolution Software AG) C:\Program Files (x86)\Capture.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0017245 _____ () C:\Program Files (x86)\comreadme.doc
2011-05-18 13:04 - 2011-05-18 13:04 - 2660704 _____ (RapidSolution Software AG) C:\Program Files (x86)\ConvertFiles.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0044896 _____ () C:\Program Files (x86)\CrashHandlerNET.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0067424 _____ () C:\Program Files (x86)\CrashRpt.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0557408 _____ () C:\Program Files (x86)\CrashSender.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 1080160 _____ (Microsoft Corporation) C:\Program Files (x86)\dbghelp.dll
2015-04-22 10:34 - 2015-04-22 10:34 - 0002012 _____ () C:\Program Files (x86)\Desktop.lnk
2011-05-18 13:04 - 2011-05-18 13:04 - 2959376 _____ (Microsoft Corporation) C:\Program Files (x86)\dotnetfx35setup.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0975200 _____ (RapidSolution Software AG) C:\Program Files (x86)\DotNetPrerequisiteChecker.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0370016 _____ (RapidSolution Software AG) C:\Program Files (x86)\DownloadManager.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0000128 _____ () C:\Program Files (x86)\dsblacklist.txt
2011-05-18 13:04 - 2011-05-18 13:04 - 2336096 _____ (RapidSolution Software AG) C:\Program Files (x86)\EncodingBackend.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0439648 _____ (RapidSolution Software AG) C:\Program Files (x86)\EncodingProfiles.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 7403360 _____ () C:\Program Files (x86)\ffmpeg.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0039264 _____ () C:\Program Files (x86)\ffmpegrunner.exe
2001-09-05 21:00 - 2001-09-05 21:00 - 1700352 _____ (Microsoft Corporation) C:\Program Files (x86)\gdiplus.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0538464 _____ (RapidSolution Software AG) C:\Program Files (x86)\GlobalPlayer.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0996192 _____ (RapidSolution Software AG) C:\Program Files (x86)\ImportA4Settings.exe
2008-09-22 01:30 - 2008-09-22 01:30 - 0027792 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfbmp15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0024720 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfcal15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0390496 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfcmp15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0025232 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfeps15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0103776 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lffax15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0033424 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfgif15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0030352 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfica15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0014992 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfimg15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0066192 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfjbg15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0013968 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfmsp15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0064656 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfpct15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0021136 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfpcx15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0126096 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfpng15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0056464 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfpsd15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0016016 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfras15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0011920 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfraw15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0018576 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lftga15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0152928 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lftif15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0015504 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfwfx15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0025744 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfwmf15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0015504 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lfwpg15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0013431 _____ () C:\Program Files (x86)\License.txt
2011-05-18 13:04 - 2011-05-18 13:04 - 0641376 _____ (RapidSolution Software AG) C:\Program Files (x86)\LivePlay.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 2496352 _____ (RapidSolution Software AG) C:\Program Files (x86)\LongAudioStreamCutter.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 1715344 _____ (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltclr15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0267616 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltdis15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0257168 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltefx15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0189792 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltfil15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0212112 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltimgclr15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0357728 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltimgcor15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0208016 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltimgefx15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0134288 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltimgutl15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0488800 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltkrn15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0138384 _____ (LEAD Technologies, Inc.) C:\Program Files (x86)\Ltscr15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0122000 _____ (LEAD Technologies, Inc.) C:\Program Files (x86)\Lttwn15u.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0265368 ____R (LEAD Technologies, Inc.) C:\Program Files (x86)\Lvkrn15u.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0065024 _____ () C:\Program Files (x86)\lzma.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0031584 _____ () C:\Program Files (x86)\ManagedInterfaces.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0623968 _____ (RapidSolution Software AG) C:\Program Files (x86)\MetaWeb.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 1101824 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc80.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0040960 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80CHS.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0045056 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80CHT.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0065536 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80DEU.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0057344 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80ENU.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80ESP.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80FRA.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80ITA.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80JPN.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC80KOR.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 1093120 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc80u.dll
2013-04-10 10:53 - 2013-04-10 10:53 - 1898001 _____ () C:\Program Files (x86)\MGtools.exe
2008-09-22 00:02 - 2008-09-22 00:02 - 0001869 _____ () C:\Program Files (x86)\Microsoft.VC80.CRT.manifest
2008-09-22 00:02 - 2008-09-22 00:02 - 0002371 _____ () C:\Program Files (x86)\Microsoft.VC80.MFC.manifest
2008-09-22 00:02 - 2008-09-22 00:02 - 0001240 _____ () C:\Program Files (x86)\Microsoft.VC80.MFCLOC.manifest
2011-05-18 13:04 - 2011-05-18 13:04 - 0059232 _____ () C:\Program Files (x86)\MiniProfilerNET.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 8371712 _____ () C:\Program Files (x86)\mjpeg.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0897888 _____ (RapidSolution Software AG) C:\Program Files (x86)\MoKernel.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1717088 _____ (RapidSolution Software AG) C:\Program Files (x86)\MOP.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0097632 _____ (RapidSolution Software AG) C:\Program Files (x86)\MP3Normalizer.exe
2008-09-22 00:02 - 2008-09-22 00:02 - 0548864 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp80.dll
2008-09-22 00:02 - 2008-09-22 00:02 - 0626688 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr80.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1736544 _____ (RapidSolution Software AG) C:\Program Files (x86)\MusicFinder.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1511264 _____ (RapidSolution Software AG) C:\Program Files (x86)\OptionsDlg.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0509280 _____ () C:\Program Files (x86)\PluginsManager.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1921888 _____ (RapidSolution Software AG) C:\Program Files (x86)\Podcasts.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1389920 _____ (RapidSolution Software AG) C:\Program Files (x86)\PostProcessing.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0019521 _____ () C:\Program Files (x86)\Readme.txt
2011-05-18 13:04 - 2011-05-18 13:04 - 0194912 _____ (RapidSolution Software) C:\Program Files (x86)\Restarter.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 1864032 _____ (RapidSolution Software) C:\Program Files (x86)\RingtoneCreator.dll
2013-04-10 11:01 - 2013-04-10 11:01 - 0791040 _____ () C:\Program Files (x86)\RogueKillerX64.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0048480 _____ () C:\Program Files (x86)\RSControls.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1134432 _____ (RapidSolution Software AG) C:\Program Files (x86)\RSDriverManager.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0002158 _____ () C:\Program Files (x86)\RSDriverManager_AU.ini
2011-05-18 13:04 - 2011-05-18 13:04 - 1503584 _____ (RapidSolution Software AG) C:\Program Files (x86)\RsOfa.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 1086304 _____ (RapidSolution Software AG) C:\Program Files (x86)\RSTagLib.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 1431904 _____ (RapidSolution Software AG) C:\Program Files (x86)\SearchMusic.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0277344 _____ (RapidSolution Software AG) C:\Program Files (x86)\SetupFinalizer.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0807776 _____ (RapidSolution Software AG) C:\Program Files (x86)\SharedResources.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0027976 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagAA.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0104776 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagAA64.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0089688 _____ () C:\Program Files (x86)\SnagAdd.chm
2008-09-22 01:31 - 2008-09-22 01:31 - 0030536 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagDx.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0136008 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagDX64.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0020808 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagEx.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0092488 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagEx64.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0019968 _____ () C:\Program Files (x86)\SnagIt Add-in.dot
2008-09-22 01:30 - 2008-09-22 01:30 - 4088649 _____ () C:\Program Files (x86)\SnagIt.chm
2008-09-22 01:31 - 2008-09-22 01:31 - 6825288 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagIt32.exe
2008-09-22 01:30 - 2008-09-22 01:30 - 0117142 ____R () C:\Program Files (x86)\SnagItAccessories.ico
2008-09-22 01:31 - 2008-09-22 01:31 - 0025928 _____ () C:\Program Files (x86)\SnagItADMgr.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0066888 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItBHO.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 7335240 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItEditor.exe
2008-09-22 01:31 - 2008-09-22 01:31 - 4511048 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItEditorRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0079176 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItET.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0226632 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItFramePlugin.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0066888 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItFramePluginRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0161096 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItIEAddin.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0116040 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItIEAddinRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0341320 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItOfficeAddin.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0116040 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItOfficeAddinRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0066888 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItPI.exe
2008-09-22 01:31 - 2008-09-22 01:31 - 0072520 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItPI64.exe
2008-09-22 01:30 - 2008-09-22 01:30 - 0049334 ____R () C:\Program Files (x86)\SnagitProfiles.ico
2008-09-22 01:31 - 2008-09-22 01:31 - 0398664 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItPt.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0464200 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItPt64.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 2860360 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0087368 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItShellExt.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0029512 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItShellExtRes.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0083272 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagItUtl.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0075080 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagPriv.exe
2008-09-22 01:31 - 2008-09-22 01:31 - 0185672 _____ (TechSmith Corporation) C:\Program Files (x86)\SNAGTXNT.DLL
2008-09-22 01:31 - 2008-09-22 01:31 - 0109896 _____ (TechSmith Corporation) C:\Program Files (x86)\SnagTxNT64.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0042848 _____ () C:\Program Files (x86)\SoundHook.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash.bmp
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash_mediaraptor.bmp
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash_radiograbber.bmp
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash_radiotracker.bmp
2011-05-18 13:04 - 2011-05-18 13:04 - 0382844 _____ () C:\Program Files (x86)\splash_tunebite.bmp
2008-09-22 01:31 - 2008-09-22 01:31 - 0060232 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlcecompact35.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0139080 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlceer35EN.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0139592 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlceoledb35.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0563528 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlceqp35.dll
2008-09-22 01:31 - 2008-09-22 01:31 - 0308552 ____R (Microsoft Corporation) C:\Program Files (x86)\sqlcese35.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0375136 _____ () C:\Program Files (x86)\SQLite3.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0543584 _____ () C:\Program Files (x86)\StreamingClient.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0395104 _____ (RapidSolution Software AG) C:\Program Files (x86)\StreamRecorder.dll
2013-03-23 18:27 - 2013-03-23 18:27 - 23909328 _____ (SUPERAntiSpyware.com) C:\Program Files (x86)\SUPERAntiSpyware.exe
2013-04-10 10:46 - 2013-04-10 10:46 - 2237968 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\tdsskiller.exe
2008-09-22 00:02 - 2008-09-22 00:02 - 0027991 _____ () C:\Program Files (x86)\template.swf
2011-05-18 13:04 - 2011-05-18 13:04 - 0084901 _____ () C:\Program Files (x86)\TestAudio.wma
2008-09-22 01:31 - 2008-09-22 01:31 - 0054600 _____ (TechSmith Corporation) C:\Program Files (x86)\TscHelp.exe
2008-09-22 01:31 - 2008-09-22 01:31 - 0143176 _____ () C:\Program Files (x86)\TSMSIhlp.EXE
2011-05-18 13:04 - 2011-05-18 13:04 - 0035168 _____ ( RapidSolution Software AG) C:\Program Files (x86)\TunebiteHelper.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0586080 _____ (RapidSolution Software AG) C:\Program Files (x86)\update.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0989536 _____ (RapidSolution Software AG) C:\Program Files (x86)\USBUnplugMonitor.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0252768 _____ (RapidSolution Software AG) C:\Program Files (x86)\VCredistSmartChecker.exe
2011-05-18 13:04 - 2011-05-18 13:04 - 0213344 _____ (TODO: <Company name>) C:\Program Files (x86)\VCRedistSmartCheckerDll.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 4485976 _____ (Microsoft Corporation) C:\Program Files (x86)\vcredist_x86.exe
2013-12-28 22:22 - 2013-12-28 22:22 - 0000000 _____ () C:\Program Files (x86)\vocab.exe
2013-12-28 22:05 - 2013-12-28 21:27 - 0002098 _____ () C:\Program Files (x86)\Vocabulary - Copy.lnk
2013-12-28 21:23 - 2013-12-28 21:27 - 0002098 _____ () C:\Program Files (x86)\Vocabulary.lnk
2013-08-06 08:45 - 2015-04-06 14:24 - 0000638 _____ () C:\Program Files (x86)\volume.ahk
2011-05-18 13:04 - 2011-05-18 13:04 - 0078176 _____ (Microsoft) C:\Program Files (x86)\WPFSkinParser.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0505696 _____ (Microsoft Corp.) C:\Program Files (x86)\WPFToolkit.dll
2008-09-22 01:30 - 2008-09-22 01:30 - 0430760 _____ (Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com) C:\Program Files (x86)\XceedZip.dll
2011-05-18 13:04 - 2011-05-18 13:04 - 0118112 _____ (PJ Naughter) C:\Program Files (x86)\XTaskDialog.dll
2014-01-24 09:05 - 2014-01-24 09:05 - 0000162 ____H () C:\Program Files (x86)\~$agIt Add-in.dot
2013-04-25 13:49 - 2015-03-08 11:50 - 0000132 _____ () C:\Users\David\AppData\Roaming\Adobe BMP Format CS5 Prefs
2013-04-01 20:59 - 2015-03-29 13:12 - 0000132 _____ () C:\Users\David\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-28 12:02 - 2015-03-28 12:02 - 0009662 _____ () C:\Users\David\AppData\Roaming\em_64x64.ico
2012-09-29 15:08 - 2012-09-29 15:10 - 0000553 _____ () C:\Users\David\AppData\Roaming\FreeDesktopClock.ini
2013-12-30 07:59 - 2013-12-30 07:59 - 0000101 _____ () C:\Users\David\AppData\Roaming\WB.CFG
2015-05-05 10:17 - 2015-05-05 10:17 - 0000037 ___SH () C:\Users\David\AppData\Local\70149b02515b3bb20dd492.47983420
 
Files to move or delete:
====================
C:\ProgramData\RegistryReviver.exe
C:\Users\David\setup.exe
 
 
Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-04 18:36
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-05-2015
Ran by David at 2015-05-05 17:31:19
Running from C:\Users\David\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3085527945-139366052-3681144780-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3085527945-139366052-3681144780-1011 - Limited - Enabled)
David (S-1-5-21-3085527945-139366052-3681144780-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-3085527945-139366052-3681144780-501 - Limited - Disabled)
Visitor (S-1-5-21-3085527945-139366052-3681144780-1002 - Limited - Enabled) => C:\Users\Visitor
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 - ABBYY Production LLC)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Active@ UNDELETE (HKLM-x32\...\{64B408B8-068B-4EE0-B16C-658A24E75B8B}) (Version: 7.3.3 - Active Data Recovery Software)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (Version: 8.100.26629 - Microsoft) Hidden
Ares 2.1.8 (HKLM-x32\...\Ares) (Version: 2.1.8-Build#3042 - Ares Development Group)
Audials (HKLM-x32\...\{249C7D7F-96D7-4C5B-A64F-AFB26BE777C1}) (Version: 8.0.49702.200 - RapidSolution Software AG)
Audials (HKLM-x32\...\{BFCD8790-CBEE-485F-B151-BAA6B21D1CA0}) (Version: 9.1.31900.0 - Audials AG)
Audials TV (HKLM-x32\...\{4044436C-3A01-4ECA-8FC9-AC8F3F838EDC}) (Version: 1.3.10803.300 - RapidSolution Software AG)
AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)
AVG 2013 (Version: 13.0.2591 - AVG Technologies) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Belarc Advisor 8.2 (HKLM-x32\...\Belarc Advisor) (Version: 8.2.7.17 - Belarc Inc.)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DriverIdentifier 4.2.8 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdentifier)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Perfection V500 Photo Scanner Driver Update (HKLM-x32\...\{25653817-9502-41A5-A24D-FED750611E98}) (Version:  - )
EPSON Perfection V500P User's Guide (HKLM-x32\...\Silent Package Run-Time Sample) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free Desktop Clock 3.0 (HKLM\...\Free Desktop Clock_is1) (Version:  - Drive Software Company)
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Geosense for Windows (HKLM\...\{D617DF82-6046-44EB-AD4A-D3423319E12C}) (Version: 1.2.0.0 - Within Network, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.)
Hoadley Options Strategy Evaluation Tool  (HKLM-x32\...\{50201BFF-7AB7-4D33-A682-DDCDB436A10F}) (Version: 1.0.116 - Hoadley Trading & Investment Tools)
Hoadley Options Strategy Evaluation Tool (HKLM-x32\...\Hoadley Options Strategy Evaluation Tool_is1) (Version:  - Peter Hoadley)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
Image Converter (HKLM-x32\...\Image Converter Image Converter) (Version: 1.0.0 - Image Converter)
inSSIDer Office (HKLM-x32\...\{8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C526}) (Version: 3.1.1.6 - MetaGeek, LLC)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.4 - Ipswitch)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.65.11 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
Learning Essentials for Microsoft Office (HKLM-x32\...\{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}) (Version: 2.0 - Microsoft)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media converter (HKLM-x32\...\{08597792-778c-4af3-8e60-0d7a09ecf120}_is1) (Version:  - )
Media converter (HKLM-x32\...\{729E16B3-1B80-4F3F-8D19-342A89631E0A}_is1) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Math (HKLM-x32\...\{07043840-959A-4B0D-8825-2C533F0DDB19}) (Version: 2007 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Setup Bootstrapper 2010 (HKLM-x32\...\Microsoft Setup Bootstrapper 2010) (Version: 2010 - Microsoft Setup Bootstrapper)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{62577E41-C350-3D07-97C8-2B6CDB4BAD60}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSI Development Tools (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NirSoft IconsExtract (HKLM-x32\...\NirSoft IconsExtract) (Version:  - )
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{36DF4580-D1B3-11E3-A23E-F04DA23A5C58}) (Version: 2.0.628 - Sony)
Norton Bootable Recovery Tool Wizard (HKLM-x32\...\NBRTWizard) (Version: 7.0.0.18 - Symantec Corporation)
Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.0.35659 - Symantec Corporation)
Norton Ghost 15 (HKLM-x32\...\Norton Ghost) (Version: 15 - )
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
Olympus ib (HKLM-x32\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.6.3731 - OLYMPUS IMAGING CORP.)
Olympus ib (x32 Version: 1.6.3731 - OLYMPUS IMAGING CORP.) Hidden
OLYMPUS Viewer 2 (HKLM-x32\...\{AEE39224-92BE-4389-9493-E57FF73BB96A}) (Version: 1.3.1 - OLYMPUS IMAGING CORP.)
OptionsOracle (HKLM-x32\...\{2C31929A-D6AB-4D0B-ABF9-4812A045CE97}) (Version: 1.600 - SamoaSky)
Panda Antivirus Pro 2014 (x32 Version: 13.01.01 - Panda Security) Hidden
ParagoStockQuote (HKLM-x32\...\{B36A76C3-0399-498C-A45B-C5D73AED1CE1}) (Version: 1.0.0 - Parago)
Pazera Free MP4 to AVI Converter 1.6 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.6 - Pazera Jacek)
PC Wizard 2012.2.11 (HKLM-x32\...\PC Wizard 2012_is1) (Version:  - CPUID)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PerfectDisk 11 Professional (HKLM\...\{B7607FC8-72AD-486D-B6B7-A402D5876309}) (Version: 11.00.185 - Raxco Software Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PPrriceMinus (HKLM-x32\...\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}) (Version:  - )
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.46.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7409 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Registry Reviver (HKLM\...\Registry Reviver) (Version: 3.0.1.162 - ReviverSoft LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SDK Debuggers (x32 Version: 8.100.26837 - Microsoft Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skin Clock 1.7 (HKLM-x32\...\Skin Clock_is1) (Version:  - Evgeny Kryukov)
SnagIt 9 (HKLM-x32\...\{ADDD6985-3A28-44D0-A1BA-FDD19A820491}) (Version: 9.0.2 - TechSmith Corporation)
Sony Sound Forge 8.0b (HKLM-x32\...\{48EB9208-593D-4DC7-B613-9C5A210D87BA}) (Version: 8.0.110 - Sony)
Sony Sound Forge 9.0 (HKLM-x32\...\{4AEA9A23-D627-4699-8A0F-FC474308C2E6}) (Version: 9.0.441 - Sony)
Sound Forge Pro (HKLM-x32\...\Sound Forge Pro) (Version:  - )
Sound Forge Pro 11.0 (HKLM-x32\...\{3F1EEA40-9515-11E4-9B3B-F04DA23A5C58}) (Version: 11.0.299 - Sony)
Spotify (HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
StockWatch (HKLM-x32\...\{EA53703E-564F-42E4-806C-F5D971A875DA}) (Version: 8.0 - BREAKTRU SOFTWARE)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1022 - SUPERAntiSpyware.com)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.39049 - TeamViewer)
TrayStatus 1.2.3 (HKLM-x32\...\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1) (Version: 1.2.3.0 - Binary Fortress Software)
VB Runtimes Pack, release 7 (HKLM-x32\...\VB Runtimes Pack, release 7_is1) (Version: 7 - http://www.tnk-bootblock.co.uk)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
Video Mover (HKLM-x32\...\Video Mover_is1) (Version:  - )
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Pool 3 DL (HKLM-x32\...\{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}) (Version: 3.3.1.1 - Celeris)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Live installer (HKLM-x32\...\{9E1DDBE7-BF44-4AC8-87CA-3D25FC63C6E1}) (Version: 12.0.1471.1025 - Microsoft Corporation)
Windows Live Messenger (HKLM-x32\...\{FC411B47-30BF-428C-9C1E-F6C54A94EA7E}) (Version: 8.5.1302.1018 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{dfe9c941-2d53-42eb-8631-05ab80216136}) (Version: 8.100.26837 - Microsoft Corporation)
WinTools.net Premium version 14.0 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 14.0 - WinTools Software Engineering, Ltd.)
WPT Redistributables (x32 Version: 8.100.26837 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
ZoneAlarm Antivirus (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 11.0.000.057 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 10.2.078.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3085527945-139366052-3681144780-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> No File Path
 
==================== Restore Points  =========================
 
05-05-2015 10:12:00 Installed inSSIDer Office
05-05-2015 10:46:34 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-09-30 15:43 - 2015-01-20 09:06 - 00001797 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1                               adobe.activate.com
127.0.0.1                               adobeereg.com                        
127.0.0.1                               www.adobeereg.com                    
127.0.0.1                               wwis-dubc1-vip60.adobe.com           
127.0.0.1                               125.252.224.90                       
127.0.0.1                               125.252.224.91
127.0.0.1                               hl2rcv.adobe.com
127.0.0.1 www.celeris.com 
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {00526196-06BC-41AA-8EDD-FA8427C3D126} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {044E6182-34F8-44B3-90D7-68F609F5564E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {04DD0151-A66A-45DA-9822-97F2BB8BC1B2} - \{06A63907-406B-435D-ACE8-39AC21EB346D} No Task File <==== ATTENTION
Task: {07C91F09-4BF1-429E-91CA-332D5C16BB20} - System32\Tasks\{FF48B526-56A6-4327-8F1E-F216EB7D21D1} => pcalua.exe -a "C:\Users\David\Downloads\µTorrent\Microsoft Office 2010 - No Key Needed [FULL]\setup.exe" -d "C:\Users\David\Downloads\µTorrent\Microsoft Office 2010 - No Key Needed [FULL]"
Task: {083C6B88-2D95-4048-9F60-631A2ED3F93F} - \{933BBA8A-0971-4E1A-A71C-92B19462283C} No Task File <==== ATTENTION
Task: {0B766CEA-FD2B-4BF9-99D5-319AF8046A72} - System32\Tasks\Alfasistem Memory Uninstaller => C:\Program Files (x86)\Alfasistem Memory\ tmjob.exe
Task: {0E228524-946A-4083-ADA1-C2586E3F397A} - System32\Tasks\{F06BB283-7E84-4733-BD9F-9762B79AD883} => pcalua.exe -a "C:\Program Files (x86)\SarbyxTrayClock\unins000.exe" -d "C:\Program Files (x86)\SarbyxTrayClock"
Task: {11215680-BBD3-4952-AFFD-C539F5C5B8F1} - System32\Tasks\{51F24487-C6A1-49EB-A845-CF74741EFB6C} => pcalua.exe -a C:\Users\David\Downloads\ymsgr900_2162_us.exe -d C:\Users\David\Downloads
Task: {14FA7E96-09C8-4AF2-A4AD-DB1988CDBC3A} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {1997F2BB-D829-465F-81C8-22128ADA79D1} - \{068D92D9-569F-451A-BAA6-F60C69C68BA0} No Task File <==== ATTENTION
Task: {1B3E7C3A-7CFA-4E93-A1FD-D3767517FBF5} - System32\Tasks\{D8DFE8E4-5FBB-433D-9501-36D5083A8B09} => pcalua.exe -a "C:\Users\David\Downloads\µTorrent\Virtual Pool 4.1.2.4\Virtual Pool 4.1.2.4\Virtual_Pool_4.4.1.2.4.exe" -d "C:\Users\David\Downloads\µTorrent\Virtual Pool 4.1.2.4\Virtual Pool 4.1.2.4"
Task: {1BE1FFFB-789F-453F-AB0C-66C0ACB42363} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1D4E2332-0A4C-4540-B6FB-4AC0B5D64344} - \{FBC76180-39F8-4CAA-A795-B005661070B2} No Task File <==== ATTENTION
Task: {1FF2902A-4B69-4AF8-BF24-E120BD7DCF89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-04-21] (Microsoft)
Task: {25C41713-0EB5-4C38-9BD3-772D46A18A57} - \{EA701D39-5D40-4671-922A-3F4A7FA2E824} No Task File <==== ATTENTION
Task: {27D2733C-0ED1-4F28-BD0A-A3596D062E54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {29814B97-D47A-4F91-B324-1A2DE602B196} - \{0F0373E3-57BB-459E-BB23-329C445D2C69} No Task File <==== ATTENTION
Task: {31C87186-2CD5-42F7-A398-DEBE527424C8} - \{F550838C-1057-4556-A86A-1A40DEABF409} No Task File <==== ATTENTION
Task: {33712B62-CA96-4E71-B90B-561C1A5F79D1} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {3374512C-7C63-41E0-8F67-C0703A0DBA21} - System32\Tasks\{1FCE3520-3AAC-45C3-ADA9-50F10A1B5CEB} => pcalua.exe -a "C:\Windows\Registry Drill\uninstall.exe" -c "/U:C:\Program Files (x86)\Easy Desk Utilities\Registry Drill\irunin.xml"
Task: {33EEBD0A-2C59-4DE3-ADF3-FA46B95DE063} - \{90088514-8A04-466F-9380-99A2E0B31142} No Task File <==== ATTENTION
Task: {38E9C52E-4CFB-4E87-B447-DA1471F86617} - \{98B27F10-3D7E-401D-9C5B-430730BB3DDC} No Task File <==== ATTENTION
Task: {3C355016-64B9-4A81-AB1B-B87CB5C3BF7C} - \{944981C6-5284-41D7-8CD6-FA3E431B1BE8} No Task File <==== ATTENTION
Task: {40973872-AB12-49DD-956A-58EC071007D4} - System32\Tasks\{A407AB7A-9181-4EB8-AF69-9F21A9DBF712} => pcalua.exe -a C:\Users\David\Downloads\dotnetfx35.exe -d C:\Users\David\Downloads
Task: {441CE1C2-29E3-4860-B3E9-B80D4A88668D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\File validation => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-04-21] (Microsoft)
Task: {4CF3BF7B-32AB-4900-AB6A-C7A5F22DD3DE} - \{784EACE6-3035-42CF-88A7-F3A3580E210C} No Task File <==== ATTENTION
Task: {56973781-EA36-4F7A-8FEF-D03D37EB2520} - System32\Tasks\Anti Virus Installer Uninstaller => C:\Program Files (x86)\Anti Virus Installer\Anti VirusInstaller.exe [2015-04-08] (Secure Updater)
Task: {5A3BE3FA-8C6D-4F8C-AA72-359C9A46F402} - System32\Tasks\{F36665D0-D261-4F15-A05B-E424FB477930} => pcalua.exe -a "C:\Users\David\Local Settings\Application Data\Bundled software uninstaller\biSetup37198.exe" -c /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {5BBC6DBB-9FBD-43F0-A6DB-C183F41908D4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {5E27EF44-BF40-4F38-BBED-B591F62FC391} - System32\Tasks\{2BF7459B-D73E-467B-9B10-E55896AA9863} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {5F29F95E-E920-48E3-998C-60BF6C16683F} - \{AAB044EA-1F38-4E1C-B457-84F20BD69065} No Task File <==== ATTENTION
Task: {63E7A93A-9EE1-4500-9F4F-ADF60386CD60} - System32\Tasks\{4F88C5A5-218E-4DE0-A736-ABF97ED3A829} => pcalua.exe -a C:\Users\David\Downloads\ymsgr900_1912_us.exe -d C:\Users\David\Downloads
Task: {67B524C6-1F6F-47E1-9E9D-9E91127E4F8D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3085527945-139366052-3681144780-1000
Task: {6B701271-065D-42B0-9981-64FE989D91D2} - System32\Tasks\{A3AFD38E-BA3D-4813-AB1D-04F8E4E4EAE1} => pcalua.exe -a C:\Users\David\Downloads\setup.exe -d C:\Users\David\Downloads
Task: {6E0DE7DD-05B0-48FE-913D-7C58A0824867} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {70425A1B-E879-4771-BFE9-6B5912FC7F4E} - System32\Tasks\{4C0E343D-BEC2-4977-8AFE-B601B0DB61B3} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {75B1C860-4B0E-462D-AB2A-4CB1A29FE0FD} - \SidebarExecute No Task File <==== ATTENTION
Task: {79FFA273-400E-41C3-8FD6-3118D9378FEC} - System32\Tasks\{FAAC5B65-4425-43A4-B3E4-2990CEB52316} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {7A3302CD-0E97-412D-8878-DDDAAB549B2B} - System32\Tasks\{8F8E29C4-01B4-420C-927B-2F927480E1E2} => pcalua.exe -a "C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard\Engine\7.0.0.18\Gear\GEARDIFx.exe" -d "C:\Program Files (x86)\Norton Ghost" -c INSTALL "NBRTWizard" "{A4274214-B468-482e-B2AC-24FCD2365C4B}"
Task: {7A60BDC9-48E5-4941-85DD-CF51B9CD6B75} - System32\Tasks\Grand Panda Updater => C:\Program Files (x86)\PrivateVPN\gpup.exe <==== ATTENTION
Task: {7C95E5D5-3769-45D7-BE6C-EB8FA85E1A36} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {7D088582-B4EF-4D7D-8984-2D3E28DD7B73} - \{51D40F7C-A9E5-49A2-B658-213116ACE6D2} No Task File <==== ATTENTION
Task: {84CCDC93-6745-4656-9AD6-50E582165F11} - \{835A3CB0-5F0A-41A1-90C7-3905DB2C7F44} No Task File <==== ATTENTION
Task: {86456E3E-B9BE-496D-A2BA-D974E8516A94} - System32\Tasks\{805E81EF-41EA-49E2-A851-4E818641D8B8} => pcalua.exe -a C:\Users\David\Downloads\winsdk_web.exe -d C:\Users\David\Downloads
Task: {8BE33FB2-A2F9-4C48-81DA-7CE5EE4EBC54} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {8C154798-B853-4E9B-BEC4-EEB34DB5DDC1} - System32\Tasks\{495182BE-EBEF-49A8-9275-4E008D84E929} => pcalua.exe -a "C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\SmartTagInstall.exe" -d "C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag"
Task: {93643070-C63F-4B74-9162-F11FB6723CC7} - System32\Tasks\{67DBAF5A-0662-4A1F-BF30-990984231DF1} => pcalua.exe -a C:\Users\David\Backups\HitmanPro\HitmanPro.exe -d C:\Users\David\Backups\HitmanPro
Task: {98E1FAE4-C849-4EFE-8968-B71C93ED79D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9B58C2C6-5032-425F-B949-98F6D08317F0} - \{796C265D-E02C-4215-AC4E-F948143941BC} No Task File <==== ATTENTION
Task: {9B8B578D-11B1-479C-B188-644E648B526C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B1D2EF0D-34E9-4A75-92F7-E6F42BCA4BCF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {B3F20913-0649-4169-B755-B5F1A52AE295} - System32\Tasks\{890BEE91-FCB8-4FE6-BB4D-0AAD8D3BECA0} => pcalua.exe -a C:\Users\David\Downloads\wlsetup-web.exe -d C:\Users\David\Downloads
Task: {B79F76CF-C347-40B0-A62A-56B041F3810F} - System32\Tasks\{576EEAD7-8857-4E0C-A4BF-3B721FAF7230} => pcalua.exe -a "C:\Users\David\Downloads\ymsgr900_2162_us (1).exe" -d C:\Users\David\Downloads
Task: {B88E832F-9C79-4286-B5DC-F7E68541073F} - System32\Tasks\{1E79B445-B044-45E4-80B4-E4C99ED987D4} => pcalua.exe -a C:\Users\David\AppData\Roaming\oursurfing\UninstallManager.exe -c  -ptid=exp
Task: {BA5B1014-2E14-4300-A531-030C4A70C6A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BEB2C3A8-E6A0-4F3A-93BC-63AFB3655BD0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {C4A4261F-EEE4-43B6-9563-295763F63888} - \{84B993B4-12FA-4A59-AAA4-85D2E36F7370} No Task File <==== ATTENTION
Task: {C4F23D97-94DD-4066-BEE1-C570F50DE7B0} - System32\Tasks\Windows Defrag => C:\Users\David\AppData\Local\Updater\winupd.exe
Task: {C8FFBB24-90F0-4156-8C30-F0C6D815FF81} - System32\Tasks\{58A995F9-E330-41DE-989F-F652BFFBE9E9} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {CEAE30D7-38CE-4441-8883-A52E63E65906} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {D3AAC07E-C77D-48A9-84DC-67A2427F90A6} - System32\Tasks\{B76A7A90-847E-4BC7-919F-7C65F2FDA17D} => pcalua.exe -a "C:\Users\David\Backups\Partition Magic\PartitionMagic_8.2\Partition Magic.exe" -d "C:\Users\David\Backups\Partition Magic\PartitionMagic_8.2"
Task: {D4685C50-4374-4601-8D77-16A7D068E84E} - System32\Tasks\{8CC51390-2E88-418E-B1AA-22461C09086A} => C:\Program Files (x86)\Chameleon Clock\ChamClock.exe
Task: {E853FAD9-C449-4E1E-8602-C45A8F0B82AD} - \{4EFD2083-5A6A-4D09-95BA-3373750CF167} No Task File <==== ATTENTION
Task: {F0D37E9E-550B-4BE7-80F6-25630AC4C42C} - System32\Tasks\{460BE432-4E7D-46D8-8ACD-B061AFB6A561} => pcalua.exe -a C:\Users\David\Downloads\stock\setup.exe -d C:\Users\David\Downloads\stock
Task: {F41ABE9E-2449-4224-B503-6221387BD988} - \{AF643558-22CA-4D6D-8597-B47EE816ABAF} No Task File <==== ATTENTION
Task: {F4FCA02A-7252-467C-BA7F-1AA3A75410C6} - \{48759E32-5D38-4D56-877B-8E650B0AB795} No Task File <==== ATTENTION
Task: {FB4CD12A-A668-4669-9AEF-2EDA84A07D8B} - System32\Tasks\AdobeAAMUpdater-1.0-DavidsDesktop-David => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {FD6271B2-09EC-45AB-A3A7-A860BA8E0D62} - System32\Tasks\{75CBAD3F-18FD-41DA-9E62-1923597226C3} => pcalua.exe -a C:\Users\David\Downloads\dotnetfx.exe -d C:\Users\David\Downloads
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-14 17:27 - 2013-04-24 19:20 - 02007040 _____ () C:\Program Files\Free Desktop Clock\timeserv.exe
2015-05-04 16:38 - 2011-04-19 16:31 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2015-05-04 16:38 - 2010-02-09 15:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2015-05-04 18:38 - 2015-02-05 12:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-28 20:09 - 2015-04-28 20:09 - 02466304 _____ () C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll
2015-04-28 20:09 - 2015-04-28 20:09 - 02109440 _____ () C:\ProgramData\Microsoft\Performance\Monitor\SecurityHelper.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-04-14 17:27 - 2013-06-07 20:20 - 01875968 _____ () C:\Program Files\Free Desktop Clock\Clock.dll
2015-04-30 15:07 - 2014-06-09 11:50 - 06552072 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0409.dll
2015-05-04 16:38 - 2011-04-19 16:31 - 00150016 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2015-04-14 17:27 - 2013-06-27 23:07 - 04652544 _____ () C:\Program Files\Free Desktop Clock\FreeDesktopClock.exe
2013-07-06 08:00 - 2013-10-11 04:41 - 01303552 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe
2015-05-04 16:37 - 2012-02-23 15:57 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2014-10-19 22:22 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-10-19 22:22 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
2015-05-05 09:02 - 2015-05-05 09:02 - 00060928 _____ () C:\Users\David\AppData\Local\Imvpsoft\CatDBnt5.dll
2015-05-05 08:12 - 2015-05-05 08:12 - 00056320 _____ () C:\Users\David\AppData\Local\Ifdksoft\WsCryptApi.dll
2015-05-04 16:37 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2015-05-04 16:37 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2015-05-04 16:37 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2015-05-04 16:37 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2015-05-04 23:14 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2015-05-05 07:18 - 2012-02-23 15:19 - 00669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libglesv2.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libegl.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\pdf.dll
2015-05-05 07:27 - 2015-05-05 07:27 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2c3ee4339f14af1e4dfc45a8964dedfb\IsdiInterop.ni.dll
2011-04-19 11:28 - 2011-05-20 11:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-03-04 15:20 - 2015-02-27 18:56 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\PepperFlash\pepflashplayer.dll
2015-05-05 10:27 - 2015-05-05 10:27 - 00813056 _____ () C:\Program Files (x86)\PrIcceMinUs\CCgtxYqiybif9D.dll
2015-05-05 09:50 - 2015-05-05 09:50 - 00813056 ____N () C:\Program Files (x86)\PriceMionuusu\owIK9R5TilcUoz.dll
2015-05-05 10:51 - 2015-05-05 10:51 - 00813056 _____ () C:\Program Files (x86)\PPrriceMinus\YUKdrFyg8IEdUE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3085527945-139366052-3681144780-1000\...\100sexlinks.com -> 100sexlinks.com
 
There are 5232 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3085527945-139366052-3681144780-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^3RVX.lnk => C:\Windows\pss\3RVX.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Chrome.lnk => C:\Windows\pss\Google Chrome.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^volume.ahk => C:\Windows\pss\volume.ahk.CommonStartup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ares.exe - Shortcut.lnk => C:\Windows\pss\Ares.exe - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^crossbrowse.lnk => C:\Windows\pss\crossbrowse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Download SONY Sound Forge Pro 11.0 Build 299 Torrent - KickassTorrents.lnk => C:\Windows\pss\Download SONY Sound Forge Pro 11.0 Build 299 Torrent - KickassTorrents.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^firefox - Shortcut.lnk => C:\Windows\pss\firefox - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamViewer.exe - Shortcut.lnk => C:\Windows\pss\TeamViewer.exe - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ThePirateBay.TO, mp3, avi, bittorrent, torrent, torrents, movies, music, games,.lnk => C:\Windows\pss\ThePirateBay.TO, mp3, avi, bittorrent, torrent, torrents, movies, music, games,.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Ad-Aware Antivirus => 
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\David\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BingSvc => C:\Users\David\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: Bonus.SSR.FR12 => "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: BVRPLiveUpdate => "C:\Program Files (x86)\Avanquest update\Engine\RunLU.exe" -s /PATCH,/SRCUPDATEC:\PROGRA~3\SONYER~1\SONYER~2\LIVEUP~1\LISTOF~1.DAT,
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: DriverScanner => 
MSCONFIG\startupreg: EEventManager => C:\PROGRA~2\EPSONS~1\EVENTM~1\EEVENT~1.EXE
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Google Update => 
MSCONFIG\startupreg: GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HP Remote Solution => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: Icqgsoft => C:\Windows\SysWOW64\regsvr32.exe C:\Users\David\AppData\Local\Ifdksoft\MetaNotifier32.dll
MSCONFIG\startupreg: Ifdksoft => C:\Users\David\AppData\Local\Ifdksoft\tmp2D4F.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: Iminent => 
MSCONFIG\startupreg: IminentMessenger => 
MSCONFIG\startupreg: Imvpsoft => regsvr32.exe C:\Users\David\AppData\Local\Imvpsoft\BassMainAgent.dll
MSCONFIG\startupreg: InstaLAN => "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
MSCONFIG\startupreg: ISW => C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: lollipop => 
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
MSCONFIG\startupreg: mobilegeni daemon => 
MSCONFIG\startupreg: msnmsgr => 
MSCONFIG\startupreg: Norton Ghost 15.0 => "C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Olympus ib => "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
MSCONFIG\startupreg: PDF Complete => 
MSCONFIG\startupreg: PSafeAV => 
MSCONFIG\startupreg: PSafeTray => 
MSCONFIG\startupreg: PSafeWDS => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: SarbyxTrayClock => 
MSCONFIG\startupreg: SBRegRebootCleaner => 
MSCONFIG\startupreg: Search Protection => "C:\Users\David\AppData\Roaming\Search Protection\SP.EXE" /autostart
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SkinClock => 
MSCONFIG\startupreg: Skype => 
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
MSCONFIG\startupreg: SpeedTray => C:\Users\David\AppData\Roaming\SpeedTray\speedtray.exe
MSCONFIG\startupreg: SpeedUpMyPC => 
MSCONFIG\startupreg: Spotify => "C:\Users\David\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TasksWatch => "C:\Users\David\AppData\Local\Temp\TasksWatch.exe"
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: uTorrent => "C:\Users\David\Downloads\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VideoUsage => "C:\Program Files (x86)\DoubleOptMedia\VideoUsage.exe"
MSCONFIG\startupreg: WinCheck => C:\Users\David\AppData\Local\00000012-1430125422-8015-BF5A-888888888788\bnsiCBF9.exe
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{D9D6DD35-3AE6-4D2B-ABC9-0B2912C586DA}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{A1A5E099-B7C9-463C-95F8-71A76D185268}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{43430412-C832-41D8-A8B5-D143E8C01B69}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{774EC35C-2D95-43BD-A2BD-203ADA9B4512}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{AFED154C-52BE-44DE-9A3C-B7A6FDC0AA80}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{DE6F480F-CC88-46BE-8CD4-13CDB4DBB483}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{9D138210-4901-42F5-886B-D6AB9C021D44}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{B62BCBB0-9F15-497C-A144-40578AF78210}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{4975C0CE-FFD0-4FAF-9C8C-EDA544DE816B}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{A5BBD902-D0BE-4056-B74C-5D7A17307B62}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{640F00AD-1D81-45D2-9EBB-1C146AA9A81F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{54711368-EB48-4865-88A1-3F835A4B6FD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{001ECCEE-29D4-46A3-AE06-78488CF17717}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88C9A603-11FF-44E0-92D5-2E2172BD0E2A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{87967369-B92E-4159-B508-B8F188F4AA76}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{D86120F2-14A5-40BE-9786-2C3E66A8BFBA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{84B2949E-1832-447A-84E2-10E92CEF6308}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [UDP Query User{993C064D-57C1-42D6-99C0-4EBFC9191E42}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [TCP Query User{6C11DE40-0FEB-46FC-95E2-A9D35DD5B28E}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [{943EFB3C-5A52-43BF-80EA-8ACFEDB6B2E4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{2519892A-AF80-46D4-B44F-D7E4E856E5C3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{C86A9E6D-92D3-44F3-87E3-39D8B9E7FC7B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{E9CD2477-F432-43C9-8526-FE1DDE55DBB4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{A1500943-CA90-46B1-B2D1-DF66C76D2A17}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E626B0EE-E05C-44C2-9B85-5698A702E96E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
FirewallRules: [{82E337C8-891E-42A0-8D4A-1FA5CFB7A9B5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{3BF6AAB0-84F7-4BED-A815-693CABFE7212}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{6F8E929A-E3B0-43FA-BDF6-1ACA259D4636}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{09565D35-BDBA-4A06-831B-AABA0A69C3CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{32452F92-5047-4326-8911-438A01FFF3F1}] => (Allow) C:\Program Files (x86)\Microsoft Setup Bootstrapper\Microsoft Setup Bootstrapper\officestp.exe
FirewallRules: [{DCC3136F-AA5C-49FA-8B4B-9BF4E6CECCD3}] => (Allow) C:\Program Files (x86)\Microsoft Setup Bootstrapper\Microsoft Setup Bootstrapper\officestp.exe
FirewallRules: [{19463956-D194-4D78-A29F-5A05BBC72615}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\livecall.exe
FirewallRules: [{C46B6CB6-94D8-467A-B345-8A862EA0AC2B}] => (Allow) svchost.exe
FirewallRules: [{7CB163B0-E284-499B-A79C-1A40D27CC22C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4F0FF8D0-A7A2-4095-B593-A8C2C6CEDCC0}] => (Allow) LPort=5000
FirewallRules: [{A12FBD68-BBDD-41A2-A99B-60A1A08082EE}] => (Allow) LPort=1045
FirewallRules: [{6C93253A-7B98-496E-894C-37EAF4AE7E1A}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{1CD6FC34-E403-4F53-9424-74486FFA7F73}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [UDP Query User{7DF40EB0-73E5-4650-987F-B31AFEC4006E}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{8635ED3F-B4F8-4F4E-92EA-6308B68258C2}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{796B9676-A388-4B98-B06A-DCEE23EEF89A}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{FFAFDCB4-C7BB-4E1E-B5CD-56F188ED382A}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5E49F338-674F-4209-AF88-49FF59BF378F}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{6E440633-881B-40B4-B4CD-9F6AADCDB563}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BBE37BB2-7F13-4CA8-ACAA-38018DD76417}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{C72A8621-A183-4191-9F09-5A55F7B94DED}] => (Allow) C:\Users\David\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [UDP Query User{C4CBF2EB-918B-4E65-964D-E8E585B46206}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{51F1C06C-B72B-4512-90CB-DEF0F2B719C8}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{76704175-E022-474A-94EE-F5B84092AF7E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{78CB2699-61BD-4192-87F3-DFC182A972A6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{E822C01F-648D-4579-B427-7F1C8D6777DE}] => (Allow) C:\Program Files (x86)\Virtual Pool 3\vp3.exe
FirewallRules: [{5E5F64E0-6989-4C64-A0CD-0C92603AC8D2}] => (Allow) C:\Program Files (x86)\Virtual Pool 3\vp3.exe
FirewallRules: [{1B2AC955-CA6E-4F14-A1A7-063F494D08D4}] => (Allow) C:\Users\David\AppData\Local\Temp\utt6A43.tmp.exe
FirewallRules: [{DEF96A4A-51FA-4E14-AC85-88A725286142}] => (Allow) C:\Users\David\AppData\Local\Temp\utt6A43.tmp.exe
FirewallRules: [{C60F8C93-932B-41D2-B539-F8F2AC3E2627}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{61C6BFC4-6897-4772-80FB-AF175301B475}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9C1D8383-BADC-4538-A1E7-9D02C0199B29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1A2471F9-BCBD-42FA-9141-12BC2D2EDB69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D4067AD5-9DE3-41E8-94C9-F408B0E7CBAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BDB0289D-3936-47C8-9FDD-88885613083D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1CA89A19-84BB-41E8-9C9C-6EB97AC2C601}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1532E59D-990E-4167-A8D8-B3143CE97250}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{4C7DA643-52C6-4B06-AD11-E78136041B4A}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Block) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe
FirewallRules: [TCP Query User{D8268983-16A3-4A32-86EE-8BF5B6BD1210}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Block) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe
FirewallRules: [UDP Query User{BF16B5FB-6BE7-46B8-9711-5E6BE212AA31}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{152D3D3B-B435-456B-976C-6AD95E7DF033}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [{16E2C9F1-8C23-4399-A0DF-63F915B575D6}] => (Allow) LPort=49194
FirewallRules: [{45358139-5AE8-41BA-BDFD-38AD7871DE87}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B4AD560D-BA2A-4836-98BB-DCDD8F8A2BB7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C760FB51-26C2-4AD6-9FE7-6BDEA94275E7}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{07B21A5E-FAFA-4F67-A5B9-408E6BCA2331}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D2508EB7-1597-48A2-8636-537563872AF1}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{9A751F80-70A7-4D74-905E-145CF77F64FE}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{F2289082-198D-4580-88D1-94328FD49C73}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{F7C5BB24-5FE8-495A-B87F-485877BF627E}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{E9D8608B-B6A4-4BAA-95F0-921D2F6544F4}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{C575E04C-7342-4B3C-8CD6-864D552F6F08}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
FirewallRules: [{D83AFDD8-54F4-41AF-8AA2-818E970A660E}] => (Allow) LPort=19540
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/05/2015 04:53:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2015 04:52:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (05/05/2015 04:52:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]
 
Error: (05/05/2015 10:42:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2015 10:42:02 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (05/05/2015 10:42:02 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]
 
Error: (05/05/2015 09:50:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AelousCrawler.xyz.exe, version: 0.0.0.0, time stamp: 0x54c63dce
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x750c4b02
Faulting process id: 0x1ad4
Faulting application start time: 0xAelousCrawler.xyz.exe0
Faulting application path: AelousCrawler.xyz.exe1
Faulting module path: AelousCrawler.xyz.exe2
Report Id: AelousCrawler.xyz.exe3
 
Error: (05/05/2015 09:34:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (05/05/2015 09:32:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (05/05/2015 09:32:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
 
System errors:
=============
Error: (05/05/2015 04:50:22 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (05/05/2015 04:49:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/05/2015 04:49:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SAS Core Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (05/05/2015 04:49:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Office Software Protection Platform service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/05/2015 04:49:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/05/2015 04:49:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Support Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (05/05/2015 04:49:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Active File Monitor V13 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/05/2015 04:49:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/05/2015 04:49:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/05/2015 04:49:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The RoxioNow Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (05/05/2015 04:53:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2015 04:52:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (05/05/2015 04:52:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]
 
Error: (05/05/2015 10:42:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2015 10:42:02 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (05/05/2015 10:42:02 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]
 
Error: (05/05/2015 09:50:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AelousCrawler.xyz.exe0.0.0.054c63dceunknown0.0.0.000000000c000041d750c4b021ad401d087539c1325bcC:\Users\David\AppData\Local\Temp\3318\temp\AelousCrawler.xyz.exeunknowndf61ca03-f346-11e4-8bee-e069955bb6d0
 
Error: (05/05/2015 09:34:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (05/05/2015 09:32:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (05/05/2015 09:32:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-05 07:49:46.734
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-05 07:49:46.733
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-05 07:49:46.732
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-05 07:49:46.681
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-05 07:49:45.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-05 07:49:45.029
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-05 07:49:45.028
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-05 07:49:44.976
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-03 22:22:12.594
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-05-03 22:22:12.568
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU X 990 @ 3.47GHz
Percentage of memory in use: 18%
Total physical RAM: 24567.06 MB
Available physical RAM: 20096.41 MB
Total Pagefile: 74565.26 MB
Available Pagefile: 69732.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:1849.67 GB) (Free:1246.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.25 GB) (Free:13.15 GB) NTFS
Drive f: (Belkin Setup CD) (CDROM) (Total:0.28 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BF1B7EF2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1849.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#12 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:08 AM

Posted 06 May 2015 - 10:30 AM

goGMWSt.gifCRACKED SOFTWARE WARNING

Participating in the use of cracked/pirated/keygen software is not only illegal but also a security risk. I do not approve of nor support illegal software.

Malware authors promote and release cracked software to spread their infections. I strongly recommend you refrain from participating in this activity; your computer will be repeatedly infected otherwise. Simply visiting a cracked software site can result in infection via drive-by exploits of vulnerable software.

Cracked software will make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. In some instances an infection may cause so much damage to your system that recovery is not possible and the only option is to reformat your Hard Drive and reinstall your Operating System. Please read the following articles for more information.

If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!

 


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#13 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:08 AM

Posted 11 May 2015 - 03:40 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users