Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Serious problems with Windows 7


  • This topic is locked This topic is locked
15 replies to this topic

#1 shma

shma

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 08 May 2015 - 07:21 PM

Hi, I have been experiencing some severe problems with the operating system and believe it may be due to malware, although a scan with AVG turned up nothing. Among the many problems I have encountered:

 

- Accessing 'System'  from the control panel causes windows explorer to crash.

- Windows Photo Viewer crashes on startup with the error "COM Surrogate has stopped working"

- The gaming program Steam crashes on startup.

- A factory installed diagnostic package called "Hardware Diagnostic Tools" by Publisher PC-Doctor, Inc. crashes on start-up.

-  Playing youtube videos in Firefox crashes the plug-in container along with Firefox itself.

 

 

The first problem I encountered was in chrome where the video  would cut out on youtube, while the audio continued. I am now experiencing this issue on my laptop which makes me suspect the issue is a virus or some malware that migrated from my pc to my laptop.

 

FRST.txt is below. Please note that my previous anti-malware software was Bitdefender, which was no longer functioning after these problems started. Note also that I disabled AVG along with all other programs directly before running FRST. It is normally running.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Peter (administrator) on PAUSE on 08-05-2015 19:23:27
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available profiles: Peter)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe [3331944 2009-12-03] (Symantec Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-10] (DivX, LLC)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [PCDrProfiler] => C:\Program Files\PC-Doctor for Windows\RunProfiler.exe [89584 2010-01-19] (PC-Doctor, Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-13] (Valve Corporation)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5127304 2014-11-20] (Plex, Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Google Update] => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Driver Detective] => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\FIREPL~1.SCR
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM -> {A65DF084-072B-42E3-8835-FC56A54E9651} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM -> {CCF9D996-4464-4C72-B5ED-589F32081CA9} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {A65DF084-072B-42E3-8835-FC56A54E9651} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {CCF9D996-4464-4C72-B5ED-589F32081CA9} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=HPDTDF&PC=HPDTDF&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000 -> {33CB8A43-F152-4AF2-B0F6-301056A88AC1} URL = http://www.altavista.com/web/results?itag=ody&q={searchTerms}&kgs=1&kls=0
SearchScopes: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000 -> {A65DF084-072B-42E3-8835-FC56A54E9651} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
DPF: HKLM-x32 {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://biz.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default
FF DefaultSearchEngine.US: Google
FF Homepage: google.ca
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @talk.google.com/O1DPlugin -> C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Peter\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Peter\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\searchplugins\IMDb.xml [2008-07-23]
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\searchplugins\webster.xml [2008-07-23]
FF Extension: Canadian English Dictionary - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\en-CA@dictionaries.addons.mozilla.org [2015-03-15]
FF Extension: Dictionnaires français - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2015-03-15]
FF Extension: HerpDerp - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\jid0-Iix25kwA6rvhf6Tw5M2NpHRlXvo@jetpack [2012-02-07]
FF Extension: Forecastfox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012-10-31]
FF Extension: ColorfulTabs - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-06]
FF Extension: All-in-One Gestures - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2013-05-26]
FF Extension: Memory Fox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2011-11-27]
FF Extension: Color toggle - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\background@toggle.wtf.xpi [2011-06-01]
FF Extension: DivX Web Player - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-07-11]
FF Extension: Memory Restart - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\memoryrestart@teamextension.com.xpi [2011-09-25]
FF Extension: Restart Firefox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\restart@restart.org.xpi [2011-06-01]
FF Extension: Rotate Image - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\rotateimage@minisystems.de.xpi [2012-06-05]
FF Extension: Google Translator for Firefox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\translator@zoli.bod.xpi [2012-04-05]
FF Extension: Copy As Plain Text - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{1a5dabbd-0e74-41da-b532-a364bb552cab}.xpi [2012-06-21]
FF Extension: Nuke Anything Enhanced - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi [2011-06-01]
FF Extension: oldbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}.xpi [2011-06-01]
FF Extension: Boomerang for GMail - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2011-09-25]
FF Extension: YouTube High Definition - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-09]
FF Extension: Hide Tabbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{7EE8902C-75BE-4286-A6CE-0C483607A322}.xpi [2011-06-01]
FF Extension: Showcase - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi [2011-06-01]
FF Extension: Modify Headers - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2013-01-15]
FF Extension: CoolPreviews - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2011-06-17]
FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-01]
FF Extension: Download Statusbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-10-27]
FF Extension: Greasemonkey - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: GmailTeX - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{f17a9732-1eaa-4383-a590-afa38cf9c22a}.xpi [2012-02-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-03-28]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-09]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-28]
CHR Extension: (Adblock Plus) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-26]
CHR Extension: (Google Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-28]
CHR Extension: (Dynamite) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\djoedchmhkmbnkggjnbachnpikkabfhk [2013-10-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-12-09]
CHR Extension: (HTTPS Everywhere) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-06-25]
CHR Extension: (Bookmark Manager) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (ModHeader) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2014-11-20]
CHR Extension: (Mymail-Crypt for Gmail™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcaobjhdnlpmopmjhijplpjhlplfkhba [2014-11-22]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-11-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Stop Autoplay for YouTube.) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh [2015-02-20]
CHR Extension: (Your Quality for YouTube™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfcilgimggemnogfigihdkmapdhhlbph [2015-05-06]
CHR Extension: (Google Wallet) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-09-03] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-08 19:23 - 2015-05-08 19:24 - 00033100 _____ () C:\Users\Peter\Desktop\FRST.txt
2015-05-08 19:23 - 2015-05-08 19:23 - 00000000 ____D () C:\FRST
2015-05-08 19:21 - 2015-05-08 19:21 - 02102272 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2015-05-08 19:10 - 2015-05-08 19:10 - 05621999 _____ (Swearware) C:\Users\Peter\Desktop\ComboFix.exe
2015-05-08 15:12 - 2015-05-08 15:12 - 00000022 _____ () C:\Windows\S.dirmngr
2015-05-08 15:10 - 2015-05-08 15:10 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-05-08 14:39 - 2015-05-08 14:44 - 00000000 ____D () C:\Users\Peter\Desktop\HDDScan-3.3
2015-05-08 14:39 - 2015-05-08 14:39 - 03822364 _____ () C:\Users\Peter\Downloads\HDDScan-3.3.zip
2015-05-08 13:39 - 2015-05-08 13:39 - 00000000 ____D () C:\ProgramData\ATI
2015-05-08 13:38 - 2015-05-08 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-05-08 13:37 - 2015-05-08 13:39 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-05-08 12:40 - 2015-05-08 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSave Manager v3
2015-05-08 12:39 - 2015-05-08 12:40 - 00000000 ____D () C:\Program Files (x86)\GameSave Manager v3
2015-05-08 12:39 - 2015-05-08 12:39 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\GameSave Manager 3
2015-05-08 12:32 - 2015-05-08 12:39 - 00000000 ____D () C:\Program Files (x86)\GamSave
2015-05-08 12:32 - 2015-05-08 12:32 - 00000000 ____D () C:\Users\Peter\Downloads\gs_mngr_v3.1.442.0
2015-05-08 12:31 - 2015-05-08 12:31 - 07996936 _____ () C:\Users\Peter\Downloads\gs_mngr_v3.1.442.0.zip
2015-05-08 12:10 - 2015-05-08 12:10 - 01178272 _____ (Magical Jelly Bean ) C:\Users\Peter\Downloads\KeyFinderInstaller (1).exe
2015-05-08 11:50 - 2015-05-08 11:50 - 00002628 _____ () C:\Users\Peter\Downloads\legitcheck.hta
2015-05-07 23:14 - 2015-05-07 23:14 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-07 23:14 - 2015-05-07 23:14 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-07 23:13 - 2015-05-07 23:13 - 06484352 _____ (Piriform Ltd) C:\Users\Peter\Downloads\ccsetup505.exe
2015-05-07 20:49 - 2015-05-07 20:49 - 00052689 _____ () C:\Windows\SysWOW64\CCCInstall_201505072049055323.log
2015-05-07 17:59 - 2015-05-07 20:23 - 00035953 _____ () C:\Windows\system32\avgrep.txt
2015-05-07 17:19 - 2015-05-07 17:19 - 00000418 _____ () C:\Users\Peter\Desktop\PAUSE.txt
2015-05-07 17:18 - 2015-05-07 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2015-05-07 17:18 - 2015-05-07 17:18 - 00000000 ____D () C:\Program Files (x86)\Magical Jelly Bean
2015-05-07 17:17 - 2015-05-07 17:17 - 01178272 _____ (Magical Jelly Bean ) C:\Users\Peter\Downloads\KeyFinderInstaller.exe
2015-05-07 12:33 - 2015-05-07 13:49 - 00000000 ____D () C:\Windows\pss
2015-05-07 08:42 - 2015-05-07 08:42 - 04787658 _____ () C:\Users\Peter\Downloads\Nv2-PC (1).zip
2015-05-07 08:42 - 2013-06-27 12:30 - 10821938 _____ (Adobe Systems, Inc.) C:\Users\Peter\Desktop\Nv2-PC.exe
2015-05-06 22:30 - 2015-05-06 22:30 - 00008799 _____ () C:\Users\Peter\Downloads\Big Eyes (2014) [720p] YIFY - YTS.torrent
2015-05-06 17:17 - 2015-05-06 17:17 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\AVG2015
2015-05-06 17:16 - 2015-05-06 17:16 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\TuneUp Software
2015-05-06 17:16 - 2015-05-06 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-06 17:15 - 2015-05-06 17:17 - 00000000 ____D () C:\ProgramData\AVG2015
2015-05-06 17:15 - 2015-05-06 17:15 - 00000000 ___HD () C:\$AVG
2015-05-06 17:14 - 2015-05-06 17:14 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-06 17:11 - 2015-05-06 17:11 - 00098114 _____ () C:\ProgramData\1430946690.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 00037823 _____ () C:\ProgramData\1430946687.bdinstall.bin
2015-05-06 17:10 - 2015-05-08 08:44 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-06 17:10 - 2015-05-06 17:19 - 00000000 ____D () C:\Users\Peter\AppData\Local\Avg2015
2015-05-06 17:10 - 2015-05-06 17:10 - 04818760 _____ (AVG Technologies) C:\Users\Peter\Downloads\avg_free_stb_all_5863p1_177.exe
2015-05-06 17:10 - 2015-05-06 17:10 - 00000000 ____D () C:\Users\Peter\AppData\Local\MFAData
2015-05-06 16:56 - 2015-05-06 16:56 - 00204285 _____ () C:\ProgramData\1430945688.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 00108262 _____ () C:\ProgramData\1430945621.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 00033277 _____ () C:\ProgramData\1430945673.bdinstall.bin
2015-05-06 16:50 - 2015-05-06 16:50 - 00108617 _____ () C:\ProgramData\1430945375.bdinstall.bin
2015-05-06 16:48 - 2015-05-06 16:48 - 00108948 _____ () C:\ProgramData\1430945312.bdinstall.bin
2015-05-06 16:47 - 2015-05-06 16:47 - 00093642 _____ () C:\ProgramData\1430945206.bdinstall.bin
2015-05-06 16:46 - 2015-05-06 16:46 - 00037605 _____ () C:\ProgramData\1430945204.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 00177041 _____ () C:\ProgramData\1430944628.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 00037823 _____ () C:\ProgramData\1430944625.bdinstall.bin
2015-05-06 15:05 - 2015-05-06 15:05 - 05008664 _____ (Adobe Systems Inc.) C:\Users\Peter\Downloads\Shockwave_Installer_Slim.exe
2015-05-06 11:15 - 2015-05-08 11:19 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-05-06 11:15 - 2015-05-06 15:21 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-05-06 11:15 - 2015-05-06 11:15 - 02218504 _____ () C:\Users\Peter\Downloads\instspeedfan451.exe
2015-05-06 11:15 - 2015-05-06 11:15 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2015-05-05 22:35 - 2015-05-07 20:49 - 00000000 ____D () C:\ProgramData\AMD
2015-05-05 22:35 - 2015-05-05 22:35 - 00053564 _____ () C:\Windows\SysWOW64\CCCInstall_201505052235052419.log
2015-05-05 22:35 - 2015-05-05 22:35 - 00000818 _____ () C:\Users\Peter\.recently-used.xbel
2015-05-05 22:32 - 2015-05-05 22:32 - 00018357 _____ () C:\Windows\SysWOW64\CCCInstall_201505052232275689.log
2015-05-05 22:28 - 2015-05-07 21:08 - 00000000 ____D () C:\Program Files\AMD
2015-05-05 22:28 - 2015-05-06 15:21 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-05-05 22:24 - 2015-05-05 22:24 - 00000000 ____D () C:\AMD
2015-05-05 22:18 - 2015-05-05 22:18 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\Peter\Downloads\autodetectutility.exe
2015-05-02 20:57 - 2015-05-02 20:57 - 00019732 _____ () C:\Users\Peter\Downloads\A Most Violent Year (2014) [1080p] YIFY - YTS.torrent
2015-04-30 00:01 - 2015-04-30 00:01 - 00023200 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2015-04-29 00:16 - 2015-04-29 00:16 - 00051403 _____ () C:\Users\Peter\Downloads\Inside Amy Schumer S03E02 720p HDTV x264-FiHTV [eztv]-[rarbg.to].torrent
2015-04-27 17:58 - 2015-04-27 17:58 - 00183333 _____ () C:\Users\Peter\Downloads\longtable.ps
2015-04-27 10:45 - 2015-04-27 10:46 - 00122775 _____ () C:\Users\Peter\Downloads\Mad Men S07E11 720p WEB-DL DD5 1 h 264-NTb [eztv].torrent
2015-04-26 23:46 - 2015-04-26 23:46 - 00029503 _____ () C:\Users\Peter\Downloads\89BA0825F5D8C6E482736CD524302C89BD56B91C.torrent
2015-04-23 02:30 - 2015-04-30 19:28 - 00000000 ____D () C:\Users\Peter\Desktop\New folder
2015-04-23 02:28 - 2015-04-23 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2015-04-22 14:42 - 2015-04-22 14:42 - 00000000 ____D () C:\Program Files (x86)\DriverDetective
2015-04-16 09:41 - 2015-04-16 09:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 03:26 - 2015-04-16 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 13:06 - 2015-04-15 13:06 - 00256992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2015-04-15 09:29 - 2015-03-24 23:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:29 - 2015-03-24 23:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:29 - 2015-03-24 23:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:29 - 2015-03-24 23:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:29 - 2015-03-24 23:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 09:29 - 2015-03-24 23:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 09:29 - 2015-03-24 23:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 09:29 - 2015-03-24 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 09:29 - 2015-03-24 23:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 09:29 - 2015-03-22 23:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:29 - 2015-03-22 23:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:29 - 2015-03-22 23:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:29 - 2015-03-17 01:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:29 - 2015-03-17 01:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 09:29 - 2015-03-17 01:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 09:29 - 2015-03-17 01:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 09:29 - 2015-03-17 01:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 09:29 - 2015-03-17 01:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 09:29 - 2015-03-17 01:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 09:29 - 2015-03-17 01:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 09:29 - 2015-03-17 01:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 09:29 - 2015-03-17 01:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 09:29 - 2015-03-17 01:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 09:29 - 2015-03-17 01:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 09:29 - 2015-03-17 01:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 09:29 - 2015-03-17 01:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 09:29 - 2015-03-17 01:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 01:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 09:29 - 2015-03-17 01:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 09:29 - 2015-03-17 00:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 09:29 - 2015-03-17 00:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 09:29 - 2015-03-17 00:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 09:29 - 2015-03-17 00:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 09:29 - 2015-03-17 00:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 09:29 - 2015-03-17 00:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 09:29 - 2015-03-17 00:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 09:29 - 2015-03-17 00:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 09:29 - 2015-03-17 00:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 09:29 - 2015-03-17 00:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 09:29 - 2015-03-17 00:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 09:29 - 2015-03-17 00:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 09:29 - 2015-03-17 00:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 09:29 - 2015-03-17 00:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 09:29 - 2015-03-17 00:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 09:29 - 2015-03-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 09:29 - 2015-03-17 00:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 09:29 - 2015-03-17 00:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 09:29 - 2015-03-17 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:29 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:29 - 2015-03-16 23:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 09:29 - 2015-03-16 23:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 09:29 - 2015-03-16 23:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:29 - 2015-03-16 23:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:29 - 2015-03-16 23:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:29 - 2015-03-16 23:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:29 - 2015-03-09 23:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:29 - 2015-03-09 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 09:29 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 09:29 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 09:29 - 2015-03-05 01:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:29 - 2015-03-05 00:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 09:29 - 2015-01-27 19:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 09:28 - 2015-04-01 20:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 09:28 - 2015-04-01 19:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 09:28 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:28 - 2015-03-13 00:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 09:28 - 2015-03-13 00:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:28 - 2015-03-13 00:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 09:28 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:28 - 2015-03-13 00:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:28 - 2015-03-13 00:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:28 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 09:28 - 2015-03-13 00:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:28 - 2015-03-13 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 09:28 - 2015-03-12 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 09:28 - 2015-03-12 23:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 09:28 - 2015-03-12 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 09:28 - 2015-03-12 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:28 - 2015-03-12 23:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 09:28 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:28 - 2015-03-12 23:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:28 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 09:28 - 2015-03-12 23:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 09:28 - 2015-03-12 23:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 09:28 - 2015-03-12 23:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:28 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 09:28 - 2015-03-12 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 09:28 - 2015-03-12 23:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 09:28 - 2015-03-12 23:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 09:28 - 2015-03-12 23:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 09:28 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:28 - 2015-03-12 23:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 09:28 - 2015-03-12 23:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 09:28 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 09:28 - 2015-03-12 23:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 09:28 - 2015-03-12 23:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 09:28 - 2015-03-12 23:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 09:28 - 2015-03-12 23:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 09:28 - 2015-03-12 23:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 09:28 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 09:28 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 09:28 - 2015-03-12 23:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 09:28 - 2015-03-12 23:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 09:28 - 2015-03-12 23:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:28 - 2015-03-12 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:28 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:28 - 2015-03-12 22:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 09:28 - 2015-03-12 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 09:28 - 2015-03-12 22:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 09:28 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 09:28 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:28 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 09:28 - 2015-03-12 22:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 09:28 - 2015-03-12 22:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 09:28 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 09:28 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 09:28 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 09:28 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 09:28 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 09:28 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 09:28 - 2015-02-24 23:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 09:27 - 2015-03-04 00:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:27 - 2015-03-04 00:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:27 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-14 14:37 - 2015-04-14 14:39 - 00002900 _____ () C:\Windows\system32\lic2.xml7001
2015-04-12 16:03 - 2015-04-12 16:05 - 00000000 ____D () C:\Users\Peter\Documents\Catan
2015-04-12 16:03 - 2015-04-12 16:03 - 00000000 ____D () C:\Users\Peter\AppData\Local\CrashRpt
2015-04-09 20:38 - 2015-04-09 20:38 - 00000000 ____D () C:\Users\Peter\AppData\Local\Days of Wonder
2015-04-09 17:23 - 2015-04-09 17:23 - 00000000 ____D () C:\Users\Peter\AppData\Local\tt
2015-04-09 17:23 - 2015-04-09 17:23 - 00000000 ____D () C:\Users\Peter\AppData\Local\Ticket to Ride
2015-04-09 14:11 - 2015-04-09 14:11 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-04-09 12:47 - 2015-04-09 12:47 - 00000000 ____D () C:\Users\Peter\AppData\Local\PacaPong_2
2015-04-09 12:43 - 2015-04-09 12:44 - 04791520 _____ () C:\Users\Peter\Downloads\pacapong_windows.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-08 19:23 - 2011-06-20 21:33 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA.job
2015-05-08 19:20 - 2011-08-03 23:36 - 00000000 ____D () C:\Users\Peter\AppData\Local\CrashDumps
2015-05-08 18:57 - 2012-10-28 11:43 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-08 16:36 - 2010-08-31 18:06 - 00000000 ____D () C:\Program Files\PC-Doctor for Windows
2015-05-08 16:04 - 2010-10-28 20:24 - 00000000 ___RD () C:\Users\Peter\Documents\My Dropbox
2015-05-08 15:46 - 2012-10-28 11:43 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-08 15:46 - 2011-06-01 17:35 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Dropbox
2015-05-08 15:46 - 2011-06-01 08:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-08 15:20 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-08 15:20 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-08 15:16 - 2010-08-31 18:04 - 01508320 _____ () C:\Windows\WindowsUpdate.log
2015-05-08 15:11 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-08 15:11 - 2009-07-14 00:51 - 00108104 _____ () C:\Windows\setupact.log
2015-05-08 15:10 - 2010-08-31 18:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2015-05-08 14:58 - 2011-05-31 21:54 - 00762015 _____ () C:\Windows\comsetup.log
2015-05-08 14:58 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2015-05-08 14:53 - 2011-05-31 21:30 - 00000000 ___DC () C:\Users\Peter\AppData\Local\MigWiz
2015-05-08 14:05 - 2011-06-18 15:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-08 13:42 - 2011-06-01 08:53 - 00000000 ____D () C:\Users\Peter\AppData\Local\Adobe
2015-05-08 13:41 - 2010-09-01 15:41 - 01472970 _____ () C:\Windows\PFRO.log
2015-05-08 12:24 - 2010-09-01 16:38 - 00000000 ____D () C:\ProgramData\Recovery
2015-05-08 00:23 - 2011-06-20 21:33 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core.job
2015-05-07 23:14 - 2011-06-02 00:59 - 00000000 __SHD () C:\Users\Peter\UserData
2015-05-07 21:11 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-07 20:33 - 2013-04-06 19:48 - 02998272 ___SH () C:\Users\Peter\Desktop\Thumbs.db
2015-05-07 11:29 - 2011-06-01 08:29 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Azureus
2015-05-06 16:55 - 2015-03-26 21:31 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\QuickScan
2015-05-06 15:50 - 2014-07-04 10:08 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-06 15:21 - 2015-04-05 03:03 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-06 15:21 - 2015-03-28 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-06 15:21 - 2011-05-31 20:44 - 00000000 ____D () C:\Users\Peter
2015-05-06 15:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-06 15:09 - 2012-10-28 11:45 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-06 15:09 - 2012-10-28 11:45 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-06 15:09 - 2011-05-31 21:24 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Adobe
2015-05-06 15:05 - 2012-03-11 18:31 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-05-06 15:05 - 2010-08-31 18:02 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-05 22:36 - 2012-06-12 15:52 - 00000000 ____D () C:\Users\Peter\.gconfd
2015-05-05 22:35 - 2012-06-12 15:53 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\gedit
2015-05-05 22:35 - 2012-06-12 15:52 - 00000000 ____D () C:\Users\Peter\.gconf
2015-05-05 12:22 - 2015-03-31 11:31 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPeter
2015-05-05 12:22 - 2015-03-31 11:31 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForPeter.job
2015-05-04 10:36 - 2011-06-19 22:20 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-04 10:34 - 2011-06-26 17:07 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\HP Support Assistant
2015-05-04 10:34 - 2011-06-01 21:20 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\HpUpdate
2015-04-30 16:12 - 2011-06-01 17:37 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-29 15:35 - 2011-06-01 18:50 - 00000000 ____D () C:\Program Files (x86)\MiKTeX 2.9
2015-04-28 20:39 - 2011-06-01 19:11 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Audacity
2015-04-23 02:29 - 2013-12-05 19:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-22 23:35 - 2014-11-30 01:37 - 00537600 ___SH () C:\Users\Peter\Downloads\Thumbs.db
2015-04-22 11:47 - 2006-01-07 19:15 - 00000000 ____D () C:\Users\Peter\Desktop\Peter
2015-04-21 09:47 - 2011-06-01 18:20 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Mozilla
2015-04-18 13:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-18 12:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 10:42 - 2013-12-05 20:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-16 09:41 - 2014-05-06 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 09:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 03:29 - 2012-07-15 14:45 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 03:26 - 2011-12-30 16:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 03:26 - 2011-12-30 16:30 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 03:25 - 2013-07-14 02:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 03:07 - 2011-06-01 14:32 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-12 14:03 - 2011-06-01 22:39 - 00000000 ____D () C:\Users\Peter\AppData\Local\PokerStars
2015-04-12 10:40 - 2011-06-01 22:39 - 00000000 ____D () C:\Program Files (x86)\PokerStars
 
==================== Files in the root of some directories =======
 
2013-09-09 23:45 - 2013-09-09 09:21 - 0012005 _____ () C:\Users\Peter\AppData\Roaming\alsoft.ini
2011-09-30 18:32 - 2015-03-19 11:52 - 0000600 _____ () C:\Users\Peter\AppData\Roaming\winscp.rnd
2014-08-15 11:21 - 2015-01-16 00:12 - 0000118 _____ () C:\Users\Peter\AppData\Roaming\wklnhst.dat
2011-06-01 22:14 - 2015-03-20 18:15 - 0020992 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-14 19:39 - 2015-03-30 19:24 - 0000337 _____ () C:\Users\Peter\AppData\Local\Perfmon.PerfmonCfg
2012-05-14 19:34 - 2012-05-14 19:34 - 0007605 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2015-03-26 21:34 - 2015-03-26 21:34 - 0208060 _____ () C:\ProgramData\1427419862.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 0037823 _____ () C:\ProgramData\1430944625.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 0177041 _____ () C:\ProgramData\1430944628.bdinstall.bin
2015-05-06 16:46 - 2015-05-06 16:46 - 0037605 _____ () C:\ProgramData\1430945204.bdinstall.bin
2015-05-06 16:47 - 2015-05-06 16:47 - 0093642 _____ () C:\ProgramData\1430945206.bdinstall.bin
2015-05-06 16:48 - 2015-05-06 16:48 - 0108948 _____ () C:\ProgramData\1430945312.bdinstall.bin
2015-05-06 16:50 - 2015-05-06 16:50 - 0108617 _____ () C:\ProgramData\1430945375.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 0108262 _____ () C:\ProgramData\1430945621.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 0033277 _____ () C:\ProgramData\1430945673.bdinstall.bin
2015-05-06 16:56 - 2015-05-06 16:56 - 0204285 _____ () C:\ProgramData\1430945688.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 0037823 _____ () C:\ProgramData\1430946687.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 0098114 _____ () C:\ProgramData\1430946690.bdinstall.bin
2012-08-18 18:49 - 2012-08-18 18:49 - 0440503 _____ () C:\ProgramData\3Q9JXFJB.exe.bmp
2012-08-22 01:20 - 2012-08-22 01:20 - 0413879 _____ () C:\ProgramData\G70w7kgNUEbB.exe.bmp
2012-08-25 01:27 - 2012-08-25 01:28 - 0000007 _____ () C:\ProgramData\listaloca
2012-08-18 18:49 - 2013-02-08 11:55 - 0000103 _____ () C:\ProgramData\sdr.bmp
 
Some content of TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\Peter\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Peter\AppData\Local\Temp\bridj.dll17448355053715635.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll1933992219987325560.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2011372874903842094.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2438450984470698667.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2591073386824399366.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2750448959252189434.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2958403484058655365.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2989761531168164854.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3514691040469514676.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3518102183032623507.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3541871984646899227.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3911444151003038714.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4614161230828589307.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4815904876593855711.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll482847068807808523.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4922495424451544140.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4962585399402728104.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll5721273794854736775.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6031051082099965263.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6389553170129437983.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll648223337722104155.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6698973804997224963.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6770733952919679620.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6933641139762648828.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll7676835182860092643.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll7735090175524622817.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8019775728301494611.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8624048623552993268.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8721338440817114949.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8722688121404471466.dll
C:\Users\Peter\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Peter\AppData\Local\Temp\DivXSetup.exe
C:\Users\Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnormm1.dll
C:\Users\Peter\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Peter\AppData\Local\Temp\mbid.exe
C:\Users\Peter\AppData\Local\Temp\open_htm.exe
C:\Users\Peter\AppData\Local\Temp\Resource.exe
C:\Users\Peter\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\Peter\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Peter\AppData\Local\Temp\sfextra.dll
C:\Users\Peter\AppData\Local\Temp\tmd_34017499.exe
C:\Users\Peter\AppData\Local\Temp\UninstallHPSA.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-04 10:26
 
==================== End Of Log ============================

 

 
 
 

 



BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:01 AM

Posted 14 May 2015 - 07:45 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/575598 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 shma

shma
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 14 May 2015 - 08:42 AM

I still need help with this problem. Please refer to my first post for details. I do not have an original Windows DVD. I do have a recovery partition, but my only option at this point is to do a factory reset which will wipe the C drive, including all my files.

 

Here are the new FRST files:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 01
Ran by Peter (administrator) on PAUSE on 14-05-2015 09:32:29
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available profiles: Peter)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Igor Pavlov) C:\Program Files (x86)\AVG\AVG2015\Notification\Launcher.exe
() C:\Windows\temp\7zS6608.tmp\Setup.exe
() C:\Windows\temp\7zS6608.tmp\AVG-Secure-Search-Update.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe [3331944 2009-12-03] (Symantec Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-10] (DivX, LLC)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [PCDrProfiler] => C:\Program Files\PC-Doctor for Windows\RunProfiler.exe [89584 2010-01-19] (PC-Doctor, Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-13] (Valve Corporation)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5127304 2014-11-20] (Plex, Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Google Update] => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Driver Detective] => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\FIREPL~1.SCR
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM -> {A65DF084-072B-42E3-8835-FC56A54E9651} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM -> {CCF9D996-4464-4C72-B5ED-589F32081CA9} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {A65DF084-072B-42E3-8835-FC56A54E9651} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {CCF9D996-4464-4C72-B5ED-589F32081CA9} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=HPDTDF&PC=HPDTDF&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000 -> {33CB8A43-F152-4AF2-B0F6-301056A88AC1} URL = http://www.altavista.com/web/results?itag=ody&q={searchTerms}&kgs=1&kls=0
SearchScopes: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000 -> {A65DF084-072B-42E3-8835-FC56A54E9651} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
DPF: HKLM-x32 {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://biz.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default
FF DefaultSearchEngine.US: Google
FF Homepage: google.ca
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @talk.google.com/O1DPlugin -> C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Peter\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Peter\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\searchplugins\IMDb.xml [2008-07-23]
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\searchplugins\webster.xml [2008-07-23]
FF Extension: Canadian English Dictionary - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\en-CA@dictionaries.addons.mozilla.org [2015-03-15]
FF Extension: Dictionnaires français - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2015-03-15]
FF Extension: HerpDerp - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\jid0-Iix25kwA6rvhf6Tw5M2NpHRlXvo@jetpack [2012-02-07]
FF Extension: Forecastfox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012-10-31]
FF Extension: ColorfulTabs - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-06]
FF Extension: All-in-One Gestures - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2013-05-26]
FF Extension: Memory Fox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2011-11-27]
FF Extension: Color toggle - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\background@toggle.wtf.xpi [2011-06-01]
FF Extension: DivX Web Player - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-07-11]
FF Extension: Memory Restart - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\memoryrestart@teamextension.com.xpi [2011-09-25]
FF Extension: Restart Firefox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\restart@restart.org.xpi [2011-06-01]
FF Extension: Rotate Image - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\rotateimage@minisystems.de.xpi [2012-06-05]
FF Extension: Google Translator for Firefox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\translator@zoli.bod.xpi [2012-04-05]
FF Extension: Copy As Plain Text - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{1a5dabbd-0e74-41da-b532-a364bb552cab}.xpi [2012-06-21]
FF Extension: Nuke Anything Enhanced - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi [2011-06-01]
FF Extension: oldbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}.xpi [2011-06-01]
FF Extension: Boomerang for GMail - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2011-09-25]
FF Extension: YouTube High Definition - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-09]
FF Extension: Hide Tabbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{7EE8902C-75BE-4286-A6CE-0C483607A322}.xpi [2011-06-01]
FF Extension: Showcase - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi [2011-06-01]
FF Extension: Modify Headers - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2013-01-15]
FF Extension: CoolPreviews - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2011-06-17]
FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-01]
FF Extension: Download Statusbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-10-27]
FF Extension: Greasemonkey - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: GmailTeX - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{f17a9732-1eaa-4383-a590-afa38cf9c22a}.xpi [2012-02-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-03-28]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-09]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-28]
CHR Extension: (Adblock Plus) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-26]
CHR Extension: (Google Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-28]
CHR Extension: (Dynamite) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\djoedchmhkmbnkggjnbachnpikkabfhk [2013-10-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-12-09]
CHR Extension: (HTTPS Everywhere) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-06-25]
CHR Extension: (Bookmark Manager) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (ModHeader) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2014-11-20]
CHR Extension: (Mymail-Crypt for Gmail™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcaobjhdnlpmopmjhijplpjhlplfkhba [2014-11-22]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-11-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Stop Autoplay for YouTube.) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh [2015-02-20]
CHR Extension: (Your Quality for YouTube™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfcilgimggemnogfigihdkmapdhhlbph [2015-05-06]
CHR Extension: (Google Wallet) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-09-03] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-14 09:32 - 2015-05-14 09:33 - 00033857 _____ () C:\Users\Peter\Desktop\FRST.txt.txt
2015-05-14 09:32 - 2015-05-14 09:32 - 00003058 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0415av_RUN
2015-05-14 09:32 - 2015-05-14 09:32 - 00000000 ____D () C:\Users\Peter\Desktop\FRST-OlderVersion
2015-05-13 13:38 - 2015-05-13 13:38 - 00000022 _____ () C:\Windows\S.dirmngr
2015-05-13 11:36 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:36 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:27 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 11:27 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 11:27 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 11:27 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 11:27 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 11:27 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 11:27 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 11:27 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 11:27 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 11:27 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 11:27 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 11:27 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 11:27 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 11:27 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 11:27 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 11:27 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 11:27 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 11:27 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 11:27 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 11:27 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 11:27 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 11:27 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 11:27 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 11:27 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 11:27 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 11:27 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 11:27 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 11:27 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 11:27 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 11:27 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 11:27 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 11:27 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 11:27 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 11:27 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 11:27 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 11:27 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 11:27 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 11:27 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 11:27 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 11:27 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 11:27 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 11:27 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 11:27 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 11:27 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 11:27 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 11:27 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 11:27 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 11:27 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 11:27 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 11:27 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 11:27 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 11:27 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 11:27 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 11:27 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 11:27 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 11:27 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 11:27 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 11:27 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 11:27 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 11:27 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 11:27 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 11:27 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 11:27 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 11:27 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 11:27 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 11:26 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 11:26 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 11:26 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 11:26 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 11:26 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 11:26 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 11:26 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 11:26 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 11:26 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 11:26 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 11:26 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 11:26 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 11:26 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 11:26 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 11:26 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 11:26 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 11:26 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 11:26 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 11:26 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 11:26 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 11:26 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 11:26 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 11:26 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 11:26 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 11:26 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 11:26 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 11:25 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 11:25 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 11:25 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 11:25 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 11:25 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 11:25 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 11:25 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 11:25 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 11:25 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 11:25 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 11:25 - 2015-01-28 23:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 11:25 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 17:57 - 2015-05-12 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-05-12 17:50 - 2015-05-12 17:50 - 00000000 ____D () C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
2015-05-11 10:09 - 2015-05-11 10:09 - 00035115 _____ () C:\Users\Peter\Downloads\946D9BA768CA48667163EF7B8759ABAB8684E297.torrent
2015-05-08 19:23 - 2015-05-14 09:32 - 00000000 ____D () C:\FRST
2015-05-08 19:21 - 2015-05-14 09:32 - 02105856 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2015-05-08 19:10 - 2015-05-08 19:10 - 05621999 _____ (Swearware) C:\Users\Peter\Desktop\ComboFix.exe
2015-05-08 15:10 - 2015-05-08 15:10 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-05-08 14:39 - 2015-05-08 14:44 - 00000000 ____D () C:\Users\Peter\Desktop\HDDScan-3.3
2015-05-08 14:39 - 2015-05-08 14:39 - 03822364 _____ () C:\Users\Peter\Downloads\HDDScan-3.3.zip
2015-05-08 13:39 - 2015-05-08 13:39 - 00000000 ____D () C:\ProgramData\ATI
2015-05-08 13:38 - 2015-05-08 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-05-08 13:37 - 2015-05-08 13:39 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-05-08 12:40 - 2015-05-08 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSave Manager v3
2015-05-08 12:39 - 2015-05-08 12:40 - 00000000 ____D () C:\Program Files (x86)\GameSave Manager v3
2015-05-08 12:39 - 2015-05-08 12:39 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\GameSave Manager 3
2015-05-08 12:32 - 2015-05-08 12:39 - 00000000 ____D () C:\Program Files (x86)\GamSave
2015-05-08 12:32 - 2015-05-08 12:32 - 00000000 ____D () C:\Users\Peter\Downloads\gs_mngr_v3.1.442.0
2015-05-08 12:31 - 2015-05-08 12:31 - 07996936 _____ () C:\Users\Peter\Downloads\gs_mngr_v3.1.442.0.zip
2015-05-08 12:10 - 2015-05-08 12:10 - 01178272 _____ (Magical Jelly Bean ) C:\Users\Peter\Downloads\KeyFinderInstaller (1).exe
2015-05-08 11:50 - 2015-05-08 11:50 - 00002628 _____ () C:\Users\Peter\Downloads\legitcheck.hta
2015-05-07 23:14 - 2015-05-07 23:14 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-07 23:14 - 2015-05-07 23:14 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-07 23:13 - 2015-05-07 23:13 - 06484352 _____ (Piriform Ltd) C:\Users\Peter\Downloads\ccsetup505.exe
2015-05-07 20:49 - 2015-05-07 20:49 - 00052689 _____ () C:\Windows\SysWOW64\CCCInstall_201505072049055323.log
2015-05-07 17:59 - 2015-05-07 20:23 - 00035953 _____ () C:\Windows\system32\avgrep.txt
2015-05-07 17:19 - 2015-05-07 17:19 - 00000418 _____ () C:\Users\Peter\Desktop\PAUSE.txt
2015-05-07 17:18 - 2015-05-07 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2015-05-07 17:18 - 2015-05-07 17:18 - 00000000 ____D () C:\Program Files (x86)\Magical Jelly Bean
2015-05-07 17:17 - 2015-05-07 17:17 - 01178272 _____ (Magical Jelly Bean ) C:\Users\Peter\Downloads\KeyFinderInstaller.exe
2015-05-07 12:33 - 2015-05-07 13:49 - 00000000 ____D () C:\Windows\pss
2015-05-07 08:42 - 2015-05-07 08:42 - 04787658 _____ () C:\Users\Peter\Downloads\Nv2-PC (1).zip
2015-05-07 08:42 - 2013-06-27 12:30 - 10821938 _____ (Adobe Systems, Inc.) C:\Users\Peter\Desktop\Nv2-PC.exe
2015-05-06 22:30 - 2015-05-06 22:30 - 00008799 _____ () C:\Users\Peter\Downloads\Big Eyes (2014) [720p] YIFY - YTS.torrent
2015-05-06 17:17 - 2015-05-06 17:17 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\AVG2015
2015-05-06 17:16 - 2015-05-06 17:16 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\TuneUp Software
2015-05-06 17:16 - 2015-05-06 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-06 17:15 - 2015-05-06 17:17 - 00000000 ____D () C:\ProgramData\AVG2015
2015-05-06 17:15 - 2015-05-06 17:15 - 00000000 ___HD () C:\$AVG
2015-05-06 17:14 - 2015-05-06 17:14 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-06 17:11 - 2015-05-06 17:11 - 00098114 _____ () C:\ProgramData\1430946690.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 00037823 _____ () C:\ProgramData\1430946687.bdinstall.bin
2015-05-06 17:10 - 2015-05-14 09:31 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-06 17:10 - 2015-05-06 17:19 - 00000000 ____D () C:\Users\Peter\AppData\Local\Avg2015
2015-05-06 17:10 - 2015-05-06 17:10 - 04818760 _____ (AVG Technologies) C:\Users\Peter\Downloads\avg_free_stb_all_5863p1_177.exe
2015-05-06 17:10 - 2015-05-06 17:10 - 00000000 ____D () C:\Users\Peter\AppData\Local\MFAData
2015-05-06 16:56 - 2015-05-06 16:56 - 00204285 _____ () C:\ProgramData\1430945688.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 00108262 _____ () C:\ProgramData\1430945621.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 00033277 _____ () C:\ProgramData\1430945673.bdinstall.bin
2015-05-06 16:50 - 2015-05-06 16:50 - 00108617 _____ () C:\ProgramData\1430945375.bdinstall.bin
2015-05-06 16:48 - 2015-05-06 16:48 - 00108948 _____ () C:\ProgramData\1430945312.bdinstall.bin
2015-05-06 16:47 - 2015-05-06 16:47 - 00093642 _____ () C:\ProgramData\1430945206.bdinstall.bin
2015-05-06 16:46 - 2015-05-06 16:46 - 00037605 _____ () C:\ProgramData\1430945204.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 00177041 _____ () C:\ProgramData\1430944628.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 00037823 _____ () C:\ProgramData\1430944625.bdinstall.bin
2015-05-06 15:05 - 2015-05-06 15:05 - 05008664 _____ (Adobe Systems Inc.) C:\Users\Peter\Downloads\Shockwave_Installer_Slim.exe
2015-05-06 11:15 - 2015-05-09 09:24 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-05-06 11:15 - 2015-05-06 15:21 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-05-06 11:15 - 2015-05-06 11:15 - 02218504 _____ () C:\Users\Peter\Downloads\instspeedfan451.exe
2015-05-06 11:15 - 2015-05-06 11:15 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2015-05-05 22:35 - 2015-05-07 20:49 - 00000000 ____D () C:\ProgramData\AMD
2015-05-05 22:35 - 2015-05-05 22:35 - 00053564 _____ () C:\Windows\SysWOW64\CCCInstall_201505052235052419.log
2015-05-05 22:35 - 2015-05-05 22:35 - 00000818 _____ () C:\Users\Peter\.recently-used.xbel
2015-05-05 22:32 - 2015-05-05 22:32 - 00018357 _____ () C:\Windows\SysWOW64\CCCInstall_201505052232275689.log
2015-05-05 22:28 - 2015-05-07 21:08 - 00000000 ____D () C:\Program Files\AMD
2015-05-05 22:28 - 2015-05-06 15:21 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-05-05 22:24 - 2015-05-05 22:24 - 00000000 ____D () C:\AMD
2015-05-05 22:18 - 2015-05-05 22:18 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\Peter\Downloads\autodetectutility.exe
2015-05-02 20:57 - 2015-05-02 20:57 - 00019732 _____ () C:\Users\Peter\Downloads\A Most Violent Year (2014) [1080p] YIFY - YTS.torrent
2015-04-30 00:01 - 2015-04-30 00:01 - 00023200 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2015-04-29 00:16 - 2015-04-29 00:16 - 00051403 _____ () C:\Users\Peter\Downloads\Inside Amy Schumer S03E02 720p HDTV x264-FiHTV [eztv]-[rarbg.to].torrent
2015-04-27 17:58 - 2015-04-27 17:58 - 00183333 _____ () C:\Users\Peter\Downloads\longtable.ps
2015-04-27 10:45 - 2015-04-27 10:46 - 00122775 _____ () C:\Users\Peter\Downloads\Mad Men S07E11 720p WEB-DL DD5 1 h 264-NTb [eztv].torrent
2015-04-26 23:46 - 2015-04-26 23:46 - 00029503 _____ () C:\Users\Peter\Downloads\89BA0825F5D8C6E482736CD524302C89BD56B91C.torrent
2015-04-23 02:30 - 2015-04-30 19:28 - 00000000 ____D () C:\Users\Peter\Desktop\New folder
2015-04-23 02:28 - 2015-04-23 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2015-04-22 14:42 - 2015-04-22 14:42 - 00000000 ____D () C:\Program Files (x86)\DriverDetective
2015-04-16 09:41 - 2015-04-16 09:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 03:26 - 2015-04-16 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 13:06 - 2015-04-15 13:06 - 00256992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2015-04-15 09:29 - 2015-03-24 23:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:29 - 2015-03-24 23:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:29 - 2015-03-24 23:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:29 - 2015-03-24 23:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:29 - 2015-03-24 23:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:29 - 2015-03-24 23:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 09:29 - 2015-03-24 23:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 09:29 - 2015-03-24 23:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 09:29 - 2015-03-24 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 09:29 - 2015-03-24 23:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 09:29 - 2015-03-22 23:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:29 - 2015-03-22 23:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:29 - 2015-03-22 23:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:29 - 2015-03-22 23:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:29 - 2015-03-09 23:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:29 - 2015-03-09 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 09:29 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 09:29 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 09:29 - 2015-03-05 01:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:29 - 2015-03-05 00:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 09:29 - 2015-01-27 19:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 09:28 - 2015-02-24 23:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 09:27 - 2015-03-04 00:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:27 - 2015-03-04 00:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:27 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-14 14:37 - 2015-04-14 14:39 - 00002900 _____ () C:\Windows\system32\lic2.xml7001
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-14 09:28 - 2012-10-28 11:43 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-14 09:28 - 2011-06-20 21:33 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA.job
2015-05-14 09:27 - 2012-10-28 11:43 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-14 09:27 - 2010-08-31 18:04 - 01181008 _____ () C:\Windows\WindowsUpdate.log
2015-05-14 00:27 - 2010-10-28 20:24 - 00000000 ___RD () C:\Users\Peter\Documents\My Dropbox
2015-05-14 00:23 - 2011-06-20 21:33 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core.job
2015-05-14 00:05 - 2011-08-03 23:36 - 00000000 ____D () C:\Users\Peter\AppData\Local\CrashDumps
2015-05-13 19:35 - 2015-03-31 11:31 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPeter
2015-05-13 19:35 - 2015-03-31 11:31 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForPeter.job
2015-05-13 14:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-05-13 13:48 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 13:48 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 13:47 - 2011-06-01 17:35 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Dropbox
2015-05-13 13:46 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 13:44 - 2011-06-01 08:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-13 13:38 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 13:38 - 2009-07-14 00:51 - 00108440 _____ () C:\Windows\setupact.log
2015-05-13 13:38 - 2009-07-14 00:45 - 00392008 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 13:34 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 13:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 13:33 - 2012-08-04 11:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 13:33 - 2012-08-04 11:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 11:52 - 2013-07-14 02:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 11:40 - 2011-06-01 14:32 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 11:36 - 2012-08-04 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 00:02 - 2011-06-01 19:11 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Audacity
2015-05-12 17:58 - 2010-08-31 18:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-12 17:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2015-05-12 17:52 - 2010-08-31 18:03 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-12 17:52 - 2010-08-31 18:01 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-05-12 17:50 - 2009-07-24 21:45 - 00000000 ____D () C:\swsetup
2015-05-12 17:47 - 2011-06-01 17:37 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-12 17:40 - 2011-06-01 08:53 - 00000000 ____D () C:\Users\Peter\AppData\Local\Adobe
2015-05-12 17:39 - 2010-09-01 15:41 - 01473308 _____ () C:\Windows\PFRO.log
2015-05-11 10:42 - 2011-06-01 08:29 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Azureus
2015-05-09 23:47 - 2015-01-14 01:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-09 23:46 - 2012-08-12 11:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-09 20:04 - 2011-06-01 22:14 - 00019968 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-08 16:36 - 2010-08-31 18:06 - 00000000 ____D () C:\Program Files\PC-Doctor for Windows
2015-05-08 15:10 - 2010-08-31 18:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2015-05-08 14:58 - 2011-05-31 21:54 - 00762015 _____ () C:\Windows\comsetup.log
2015-05-08 14:58 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2015-05-08 14:53 - 2011-05-31 21:30 - 00000000 ___DC () C:\Users\Peter\AppData\Local\MigWiz
2015-05-08 14:05 - 2011-06-18 15:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-08 12:24 - 2010-09-01 16:38 - 00000000 ____D () C:\ProgramData\Recovery
2015-05-07 23:14 - 2011-06-02 00:59 - 00000000 __SHD () C:\Users\Peter\UserData
2015-05-07 20:33 - 2013-04-06 19:48 - 02998272 ___SH () C:\Users\Peter\Desktop\Thumbs.db
2015-05-06 16:55 - 2015-03-26 21:31 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\QuickScan
2015-05-06 15:50 - 2014-07-04 10:08 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-06 15:21 - 2015-04-05 03:03 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-06 15:21 - 2015-03-28 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-06 15:21 - 2011-05-31 20:44 - 00000000 ____D () C:\Users\Peter
2015-05-06 15:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-06 15:09 - 2012-10-28 11:45 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-06 15:09 - 2012-10-28 11:45 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-06 15:09 - 2011-05-31 21:24 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Adobe
2015-05-06 15:05 - 2012-03-11 18:31 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-05-06 15:05 - 2010-08-31 18:02 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-05 22:36 - 2012-06-12 15:52 - 00000000 ____D () C:\Users\Peter\.gconfd
2015-05-05 22:35 - 2012-06-12 15:53 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\gedit
2015-05-05 22:35 - 2012-06-12 15:52 - 00000000 ____D () C:\Users\Peter\.gconf
2015-05-04 10:36 - 2011-06-19 22:20 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-04 10:34 - 2011-06-26 17:07 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\HP Support Assistant
2015-05-04 10:34 - 2011-06-01 21:20 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\HpUpdate
2015-04-29 15:35 - 2011-06-01 18:50 - 00000000 ____D () C:\Program Files (x86)\MiKTeX 2.9
2015-04-23 02:29 - 2013-12-05 19:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-22 23:35 - 2014-11-30 01:37 - 00537600 ___SH () C:\Users\Peter\Downloads\Thumbs.db
2015-04-22 11:47 - 2006-01-07 19:15 - 00000000 ____D () C:\Users\Peter\Desktop\Peter
2015-04-21 09:47 - 2011-06-01 18:20 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Mozilla
2015-04-18 13:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 10:42 - 2013-12-05 20:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-16 09:41 - 2014-05-06 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 09:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 03:29 - 2012-07-15 14:45 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 03:26 - 2011-12-30 16:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 03:26 - 2011-12-30 16:30 - 00000000 ____D () C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2013-09-09 23:45 - 2013-09-09 09:21 - 0012005 _____ () C:\Users\Peter\AppData\Roaming\alsoft.ini
2011-09-30 18:32 - 2015-03-19 11:52 - 0000600 _____ () C:\Users\Peter\AppData\Roaming\winscp.rnd
2014-08-15 11:21 - 2015-01-16 00:12 - 0000118 _____ () C:\Users\Peter\AppData\Roaming\wklnhst.dat
2011-06-01 22:14 - 2015-05-09 20:04 - 0019968 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-14 19:39 - 2015-03-30 19:24 - 0000337 _____ () C:\Users\Peter\AppData\Local\Perfmon.PerfmonCfg
2012-05-14 19:34 - 2012-05-14 19:34 - 0007605 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2015-03-26 21:34 - 2015-03-26 21:34 - 0208060 _____ () C:\ProgramData\1427419862.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 0037823 _____ () C:\ProgramData\1430944625.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 0177041 _____ () C:\ProgramData\1430944628.bdinstall.bin
2015-05-06 16:46 - 2015-05-06 16:46 - 0037605 _____ () C:\ProgramData\1430945204.bdinstall.bin
2015-05-06 16:47 - 2015-05-06 16:47 - 0093642 _____ () C:\ProgramData\1430945206.bdinstall.bin
2015-05-06 16:48 - 2015-05-06 16:48 - 0108948 _____ () C:\ProgramData\1430945312.bdinstall.bin
2015-05-06 16:50 - 2015-05-06 16:50 - 0108617 _____ () C:\ProgramData\1430945375.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 0108262 _____ () C:\ProgramData\1430945621.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 0033277 _____ () C:\ProgramData\1430945673.bdinstall.bin
2015-05-06 16:56 - 2015-05-06 16:56 - 0204285 _____ () C:\ProgramData\1430945688.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 0037823 _____ () C:\ProgramData\1430946687.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 0098114 _____ () C:\ProgramData\1430946690.bdinstall.bin
2012-08-18 18:49 - 2012-08-18 18:49 - 0440503 _____ () C:\ProgramData\3Q9JXFJB.exe.bmp
2012-08-22 01:20 - 2012-08-22 01:20 - 0413879 _____ () C:\ProgramData\G70w7kgNUEbB.exe.bmp
2012-08-25 01:27 - 2012-08-25 01:28 - 0000007 _____ () C:\ProgramData\listaloca
2012-08-18 18:49 - 2013-02-08 11:55 - 0000103 _____ () C:\ProgramData\sdr.bmp
 
Some content of TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\Peter\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Peter\AppData\Local\Temp\bridj.dll17448355053715635.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll1933992219987325560.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2011372874903842094.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2438450984470698667.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2591073386824399366.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2750448959252189434.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2958403484058655365.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2989761531168164854.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3514691040469514676.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3518102183032623507.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3541871984646899227.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3911444151003038714.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4614161230828589307.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4815904876593855711.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll482847068807808523.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4922495424451544140.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4962585399402728104.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll5721273794854736775.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6031051082099965263.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6389553170129437983.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll648223337722104155.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6698973804997224963.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6770733952919679620.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6933641139762648828.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll7676835182860092643.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll7735090175524622817.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8019775728301494611.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8624048623552993268.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8721338440817114949.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8722688121404471466.dll
C:\Users\Peter\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Peter\AppData\Local\Temp\DivXSetup.exe
C:\Users\Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbax8aj.dll
C:\Users\Peter\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Peter\AppData\Local\Temp\mbid.exe
C:\Users\Peter\AppData\Local\Temp\open_htm.exe
C:\Users\Peter\AppData\Local\Temp\Resource.exe
C:\Users\Peter\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\Peter\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Peter\AppData\Local\Temp\sfextra.dll
C:\Users\Peter\AppData\Local\Temp\tmd_34017499.exe
C:\Users\Peter\AppData\Local\Temp\UninstallHPSA.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-04 10:26
 
==================== End Of Log ============================
 
 

 

 



#4 shma

shma
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 14 May 2015 - 08:43 AM

Here is the new addition.txt file stored as an attachment .

Attached Files



#5 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:01 PM

Posted 15 May 2015 - 03:17 AM

:welcome:

Hello shma,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#6 shma

shma
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 15 May 2015 - 10:39 PM

Hi Jo, thank you for your help. Here are the log files for Security Check, MBAR and AdwCleaner, in that order. MBAR found no malware. With respect to the AdwCleaner report, the folders " ...AppData\Roaming\pdfforge" and 

"...\Desktop\Save" are innocuous and I wish to keep them.
 
Checkup.txt
 
 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2015   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 TikiOne Steam Cleaner   
 Java 8 Update 31  
 Java version 32-bit out of Date! 
 Adobe Reader XI  
 Mozilla Firefox (37.0.2) 
 Google Chrome (42.0.2311.135) 
 Google Chrome (42.0.2311.152) 
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
MBAR Log:
 

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
 
Database version:
  main:    v2015.05.15.05
  rootkit: v2015.05.14.01
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
Peter :: PAUSE [administrator]
 
15/05/2015 5:13:42 PM
mbar-log-2015-05-15 (17-13-42).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 406497
Time elapsed: 31 minute(s), 4 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)

 

AdwCleaner[R0].txt

 

# AdwCleaner v4.204 - Logfile created 15/05/2015 at 23:30:34
# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Peter - PAUSE
# Running from : C:\Users\Peter\Desktop\adwcleaner_4.204.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Folder Found : C:\Users\Peter\AppData\Roaming\pdfforge
Folder Found : C:\Users\Peter\Desktop\Save
Folder Found : C:\Users\Peter\Documents\Video Converter
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A65DF084-072B-42E3-8835-FC56A54E9651}
Key Found : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A65DF084-072B-42E3-8835-FC56A54E9651}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Driver Detective]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17801
 
 
-\\ Mozilla Firefox v37.0.2 (x86 en-US)
 
[mrjyhhsz.default] - Line Found : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,restart%40restart.org:0.5,rotateimage%40minisystems.de:0.1.3.2,translator%40zoli.bod:2.1.0.3,%7B1a5dabbd-0e74-41da-b532-a364bb[...]
[mrjyhhsz.default] - Line Found : user_pref("extensions.xpiState", "{\"app-profile\":{\"background@toggle.wtf\":{\"d\":\"C:\\\\Users\\\\Peter\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mrjyhhsz.default\\\\extensions\\\[...]
 
-\\ Google Chrome v42.0.2311.152
 
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
 
-\\ Chromium v
 
 
*************************
 
AdwCleaner[R0].txt - [2791 bytes] - [15/05/2015 23:30:34]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2850 bytes] ##########
 
Thank you for your help.


#7 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:01 PM

Posted 16 May 2015 - 01:37 AM

Hello shma,

when you ran AdwCleaner again, check the folders " ...AppData\Roaming\pdfforge" and
"...\Desktop\Save" that you wish to keep them.
Case of a problem you can re-install the programs later!

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run the Farbar Recovery Scan Tool again.
  • Double-click to run FSRT / FSRT64. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

***


How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#8 shma

shma
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 16 May 2015 - 02:06 PM

Hi Jo, I have run through all the programs and the problems still remain. Is it possible that the issues could be due to a corrupted registry and not malware?

 

Here are the logs:

 

AdwCleaner:

 

 # AdwCleaner v4.204 - Logfile created 16/05/2015 at 14:25:55

# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Peter - PAUSE
# Running from : C:\Users\Peter\Desktop\adwcleaner_4.204.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
[x] Not Deleted : C:\Users\Peter\AppData\Roaming\pdfforge
[x] Not Deleted : C:\Users\Peter\Desktop\Save
Folder Deleted : C:\Users\Peter\Documents\Video Converter
File Deleted : C:\END
File Deleted : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Driver Detective]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A65DF084-072B-42E3-8835-FC56A54E9651}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A65DF084-072B-42E3-8835-FC56A54E9651}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17801
 
 
-\\ Mozilla Firefox v37.0.2 (x86 en-US)
 
[mrjyhhsz.default\prefs.js] - Line Deleted : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,restart%40restart.org:0.5,rotateimage%40minisystems.de:0.1.3.2,translator%40zoli.bod:2.1.0.3,%7B1a5dabbd-0e74-41da-b532-a364bb[...]
[mrjyhhsz.default\prefs.js] - Line Deleted : user_pref("extensions.xpiState", "{\"app-profile\":{\"background@toggle.wtf\":{\"d\":\"C:\\\\Users\\\\Peter\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mrjyhhsz.default\\\\extensions\\\[...]
 
-\\ Google Chrome v42.0.2311.152
 
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
 
-\\ Chromium v
 
 
*************************
 
AdwCleaner[R0].txt - [2945 bytes] - [15/05/2015 23:30:34]
AdwCleaner[R1].txt - [3004 bytes] - [16/05/2015 14:23:12]
AdwCleaner[S0].txt - [2887 bytes] - [16/05/2015 14:25:55]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2946  bytes] ##########
 
 
JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.2 (05.15.2015:1)
OS: Windows 7 Home Premium x64
Ran by Peter on 16/05/2015 at 14:41:43.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A65DF084-072B-42E3-8835-FC56A54E9651}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\Peter\appdata\local\google\chrome\user data\default\local storage\http_www.lyricsfreak.com_0.localstorage
Successfully deleted: [File] C:\Users\Peter\appdata\local\google\chrome\user data\default\local storage\http_www.lyricsfreak.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Peter\appdata\local\google\chrome\user data\default\local storage\http_www.metrolyrics.com_0.localstorage
Successfully deleted: [File] C:\Users\Peter\appdata\local\google\chrome\user data\default\local storage\http_www.metrolyrics.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Peter\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\Peter\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Peter\appdata\local\{13C1AB14-2E0E-4CCB-95FB-04030E9A6813}
Successfully deleted: [Empty Folder] C:\Users\Peter\appdata\local\{3A34F927-B377-44F7-8936-13A7D7E71CDA}
Successfully deleted: [Empty Folder] C:\Users\Peter\appdata\local\{850F0E0E-FF3D-4689-9310-755675431D88}
Successfully deleted: [Empty Folder] C:\Users\Peter\appdata\local\{B61EE01B-443A-498B-BCF0-EB93396E5618}
Successfully deleted: [Empty Folder] C:\Users\Peter\appdata\local\{E1EDD9FB-9BE1-4543-893A-2DFAFF680173}
Successfully deleted: [Folder] C:\Users\Peter\AppData\Roaming\pdfforge
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Peter\AppData\Roaming\mozilla\firefox\profiles\mrjyhhsz.default\minidumps [77 files]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/05/2015 at 14:46:00.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02

Ran by Peter (administrator) on PAUSE on 16-05-2015 14:56:09
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available profiles: Peter)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe [3331944 2009-12-03] (Symantec Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-10] (DivX, LLC)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [PCDrProfiler] => C:\Program Files\PC-Doctor for Windows\RunProfiler.exe [89584 2010-01-19] (PC-Doctor, Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-14] (Valve Corporation)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5127304 2014-11-20] (Plex, Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Google Update] => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\FIREPL~1.SCR
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {CCF9D996-4464-4C72-B5ED-589F32081CA9} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {CCF9D996-4464-4C72-B5ED-589F32081CA9} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000 -> {33CB8A43-F152-4AF2-B0F6-301056A88AC1} URL = http://www.altavista.com/web/results?itag=ody&q={searchTerms}&kgs=1&kls=0
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
DPF: HKLM-x32 {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://biz.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default
FF DefaultSearchEngine.US: Google
FF Homepage: google.ca
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @talk.google.com/O1DPlugin -> C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Peter\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Peter\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\searchplugins\IMDb.xml [2008-07-23]
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\searchplugins\webster.xml [2008-07-23]
FF Extension: Canadian English Dictionary - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\en-CA@dictionaries.addons.mozilla.org [2015-03-15]
FF Extension: Dictionnaires français - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2015-03-15]
FF Extension: HerpDerp - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\jid0-Iix25kwA6rvhf6Tw5M2NpHRlXvo@jetpack [2012-02-07]
FF Extension: Forecastfox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012-10-31]
FF Extension: ColorfulTabs - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-06]
FF Extension: All-in-One Gestures - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2013-05-26]
FF Extension: Memory Fox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2011-11-27]
FF Extension: Color toggle - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\background@toggle.wtf.xpi [2011-06-01]
FF Extension: DivX Web Player - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-07-11]
FF Extension: Memory Restart - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\memoryrestart@teamextension.com.xpi [2011-09-25]
FF Extension: Restart Firefox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\restart@restart.org.xpi [2011-06-01]
FF Extension: Rotate Image - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\rotateimage@minisystems.de.xpi [2012-06-05]
FF Extension: Google Translator for Firefox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\translator@zoli.bod.xpi [2012-04-05]
FF Extension: Copy As Plain Text - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{1a5dabbd-0e74-41da-b532-a364bb552cab}.xpi [2012-06-21]
FF Extension: Nuke Anything Enhanced - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi [2011-06-01]
FF Extension: oldbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}.xpi [2011-06-01]
FF Extension: Boomerang for GMail - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2011-09-25]
FF Extension: YouTube High Definition - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-09]
FF Extension: Hide Tabbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{7EE8902C-75BE-4286-A6CE-0C483607A322}.xpi [2011-06-01]
FF Extension: Showcase - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi [2011-06-01]
FF Extension: Modify Headers - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2013-01-15]
FF Extension: CoolPreviews - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2011-06-17]
FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-01]
FF Extension: Download Statusbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-10-27]
FF Extension: Greasemonkey - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: GmailTeX - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{f17a9732-1eaa-4383-a590-afa38cf9c22a}.xpi [2012-02-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-03-28]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-09]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-28]
CHR Extension: (Adblock Plus) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-26]
CHR Extension: (Google Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-28]
CHR Extension: (Dynamite) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\djoedchmhkmbnkggjnbachnpikkabfhk [2013-10-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-12-09]
CHR Extension: (HTTPS Everywhere) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-06-25]
CHR Extension: (Bookmark Manager) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (ModHeader) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2014-11-20]
CHR Extension: (Mymail-Crypt for Gmail™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcaobjhdnlpmopmjhijplpjhlplfkhba [2014-11-22]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-11-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Stop Autoplay for YouTube.) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh [2015-02-20]
CHR Extension: (Your Quality for YouTube™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfcilgimggemnogfigihdkmapdhhlbph [2015-05-06]
CHR Extension: (Google Wallet) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
S2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-09-03] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
S2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-16 14:56 - 2015-05-16 14:57 - 00030321 _____ () C:\Users\Peter\Desktop\FRST.txt
2015-05-16 14:54 - 2015-05-16 14:54 - 00000000 ____D () C:\Users\Peter\Desktop\FRST-OlderVersion
2015-05-16 14:46 - 2015-05-16 14:46 - 00002828 _____ () C:\Users\Peter\Desktop\JRT.txt
2015-05-16 14:41 - 2015-05-16 14:41 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PAUSE-Windows-7-Home-Premium-(64-bit).dat
2015-05-16 14:41 - 2015-05-16 14:41 - 00000000 ____D () C:\RegBackup
2015-05-16 14:38 - 2015-05-16 14:39 - 02719698 _____ (Thisisu) C:\Users\Peter\Desktop\JRT.exe
2015-05-15 23:30 - 2015-05-16 14:26 - 00000000 ____D () C:\AdwCleaner
2015-05-15 23:29 - 2015-05-15 23:29 - 02209792 _____ () C:\Users\Peter\Desktop\adwcleaner_4.204.exe
2015-05-15 17:13 - 2015-05-15 17:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-15 17:12 - 2015-05-15 17:49 - 00000000 ____D () C:\Users\Peter\Desktop\mbar
2015-05-15 17:10 - 2015-05-15 17:10 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Peter\Downloads\mbar-1.09.1.1004.exe
2015-05-15 11:30 - 2015-05-15 11:30 - 00000884 _____ () C:\Users\Peter\Desktop\checkup.txt
2015-05-15 10:47 - 2015-05-15 10:47 - 00852630 _____ () C:\Users\Peter\Desktop\SecurityCheck.exe
2015-05-14 09:32 - 2015-05-14 09:32 - 00003058 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0415av_RUN
2015-05-13 13:38 - 2015-05-16 14:27 - 00000022 _____ () C:\Windows\S.dirmngr
2015-05-13 11:36 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:36 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:27 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 11:27 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 11:27 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 11:27 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 11:27 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 11:27 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 11:27 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 11:27 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 11:27 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 11:27 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 11:27 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 11:27 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 11:27 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 11:27 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 11:27 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 11:27 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 11:27 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 11:27 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 11:27 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 11:27 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 11:27 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 11:27 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 11:27 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 11:27 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 11:27 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 11:27 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 11:27 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 11:27 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 11:27 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 11:27 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 11:27 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 11:27 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 11:27 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 11:27 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 11:27 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 11:27 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 11:27 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 11:27 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 11:27 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 11:27 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 11:27 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 11:27 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 11:27 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 11:27 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 11:27 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 11:27 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 11:27 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 11:27 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 11:27 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 11:27 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 11:27 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 11:27 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 11:27 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 11:27 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 11:27 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 11:27 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 11:27 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 11:27 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 11:27 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 11:27 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 11:27 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 11:27 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 11:27 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 11:27 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 11:27 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 11:26 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 11:26 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 11:26 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 11:26 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 11:26 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 11:26 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 11:26 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 11:26 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 11:26 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 11:26 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 11:26 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 11:26 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 11:26 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 11:26 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 11:26 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 11:26 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 11:26 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 11:26 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 11:26 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 11:26 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 11:26 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 11:26 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 11:26 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 11:26 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 11:26 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 11:26 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 11:25 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 11:25 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 11:25 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 11:25 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 11:25 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 11:25 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 11:25 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 11:25 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 11:25 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 11:25 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 11:25 - 2015-01-28 23:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 11:25 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 17:57 - 2015-05-12 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-05-12 17:50 - 2015-05-12 17:50 - 00000000 ____D () C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
2015-05-08 19:23 - 2015-05-16 14:56 - 00000000 ____D () C:\FRST
2015-05-08 19:21 - 2015-05-16 14:54 - 02107392 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2015-05-08 19:10 - 2015-05-08 19:10 - 05621999 _____ (Swearware) C:\Users\Peter\Desktop\ComboFix.exe
2015-05-08 15:10 - 2015-05-08 15:10 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-05-08 14:39 - 2015-05-08 14:44 - 00000000 ____D () C:\Users\Peter\Desktop\HDDScan-3.3
2015-05-08 14:39 - 2015-05-08 14:39 - 03822364 _____ () C:\Users\Peter\Downloads\HDDScan-3.3.zip
2015-05-08 13:39 - 2015-05-08 13:39 - 00000000 ____D () C:\ProgramData\ATI
2015-05-08 13:38 - 2015-05-08 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-05-08 13:37 - 2015-05-08 13:39 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-05-08 12:40 - 2015-05-08 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSave Manager v3
2015-05-08 12:39 - 2015-05-08 12:40 - 00000000 ____D () C:\Program Files (x86)\GameSave Manager v3
2015-05-08 12:39 - 2015-05-08 12:39 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\GameSave Manager 3
2015-05-08 12:32 - 2015-05-08 12:39 - 00000000 ____D () C:\Program Files (x86)\GamSave
2015-05-08 12:32 - 2015-05-08 12:32 - 00000000 ____D () C:\Users\Peter\Downloads\gs_mngr_v3.1.442.0
2015-05-08 12:31 - 2015-05-08 12:31 - 07996936 _____ () C:\Users\Peter\Downloads\gs_mngr_v3.1.442.0.zip
2015-05-08 12:10 - 2015-05-08 12:10 - 01178272 _____ (Magical Jelly Bean ) C:\Users\Peter\Downloads\KeyFinderInstaller (1).exe
2015-05-08 11:50 - 2015-05-08 11:50 - 00002628 _____ () C:\Users\Peter\Downloads\legitcheck.hta
2015-05-07 23:14 - 2015-05-07 23:14 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-07 23:14 - 2015-05-07 23:14 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-07 23:13 - 2015-05-07 23:13 - 06484352 _____ (Piriform Ltd) C:\Users\Peter\Downloads\ccsetup505.exe
2015-05-07 20:49 - 2015-05-07 20:49 - 00052689 _____ () C:\Windows\SysWOW64\CCCInstall_201505072049055323.log
2015-05-07 17:59 - 2015-05-07 20:23 - 00035953 _____ () C:\Windows\system32\avgrep.txt
2015-05-07 17:19 - 2015-05-07 17:19 - 00000418 _____ () C:\Users\Peter\Desktop\PAUSE.txt
2015-05-07 17:18 - 2015-05-07 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2015-05-07 17:18 - 2015-05-07 17:18 - 00000000 ____D () C:\Program Files (x86)\Magical Jelly Bean
2015-05-07 17:17 - 2015-05-07 17:17 - 01178272 _____ (Magical Jelly Bean ) C:\Users\Peter\Downloads\KeyFinderInstaller.exe
2015-05-07 12:33 - 2015-05-07 13:49 - 00000000 ____D () C:\Windows\pss
2015-05-07 08:42 - 2015-05-07 08:42 - 04787658 _____ () C:\Users\Peter\Downloads\Nv2-PC (1).zip
2015-05-07 08:42 - 2013-06-27 12:30 - 10821938 _____ (Adobe Systems, Inc.) C:\Users\Peter\Desktop\Nv2-PC.exe
2015-05-06 17:17 - 2015-05-06 17:17 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\AVG2015
2015-05-06 17:16 - 2015-05-06 17:16 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\TuneUp Software
2015-05-06 17:16 - 2015-05-06 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-06 17:15 - 2015-05-06 17:17 - 00000000 ____D () C:\ProgramData\AVG2015
2015-05-06 17:15 - 2015-05-06 17:15 - 00000000 ___HD () C:\$AVG
2015-05-06 17:14 - 2015-05-06 17:14 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-06 17:11 - 2015-05-06 17:11 - 00098114 _____ () C:\ProgramData\1430946690.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 00037823 _____ () C:\ProgramData\1430946687.bdinstall.bin
2015-05-06 17:10 - 2015-05-16 14:33 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-06 17:10 - 2015-05-06 17:19 - 00000000 ____D () C:\Users\Peter\AppData\Local\Avg2015
2015-05-06 17:10 - 2015-05-06 17:10 - 04818760 _____ (AVG Technologies) C:\Users\Peter\Downloads\avg_free_stb_all_5863p1_177.exe
2015-05-06 17:10 - 2015-05-06 17:10 - 00000000 ____D () C:\Users\Peter\AppData\Local\MFAData
2015-05-06 16:56 - 2015-05-06 16:56 - 00204285 _____ () C:\ProgramData\1430945688.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 00108262 _____ () C:\ProgramData\1430945621.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 00033277 _____ () C:\ProgramData\1430945673.bdinstall.bin
2015-05-06 16:50 - 2015-05-06 16:50 - 00108617 _____ () C:\ProgramData\1430945375.bdinstall.bin
2015-05-06 16:48 - 2015-05-06 16:48 - 00108948 _____ () C:\ProgramData\1430945312.bdinstall.bin
2015-05-06 16:47 - 2015-05-06 16:47 - 00093642 _____ () C:\ProgramData\1430945206.bdinstall.bin
2015-05-06 16:46 - 2015-05-06 16:46 - 00037605 _____ () C:\ProgramData\1430945204.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 00177041 _____ () C:\ProgramData\1430944628.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 00037823 _____ () C:\ProgramData\1430944625.bdinstall.bin
2015-05-06 15:05 - 2015-05-06 15:05 - 05008664 _____ (Adobe Systems Inc.) C:\Users\Peter\Downloads\Shockwave_Installer_Slim.exe
2015-05-06 11:15 - 2015-05-09 09:24 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-05-06 11:15 - 2015-05-06 15:21 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-05-06 11:15 - 2015-05-06 11:15 - 02218504 _____ () C:\Users\Peter\Downloads\instspeedfan451.exe
2015-05-06 11:15 - 2015-05-06 11:15 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2015-05-05 22:35 - 2015-05-07 20:49 - 00000000 ____D () C:\ProgramData\AMD
2015-05-05 22:35 - 2015-05-05 22:35 - 00053564 _____ () C:\Windows\SysWOW64\CCCInstall_201505052235052419.log
2015-05-05 22:35 - 2015-05-05 22:35 - 00000818 _____ () C:\Users\Peter\.recently-used.xbel
2015-05-05 22:32 - 2015-05-05 22:32 - 00018357 _____ () C:\Windows\SysWOW64\CCCInstall_201505052232275689.log
2015-05-05 22:28 - 2015-05-07 21:08 - 00000000 ____D () C:\Program Files\AMD
2015-05-05 22:28 - 2015-05-06 15:21 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-05-05 22:24 - 2015-05-05 22:24 - 00000000 ____D () C:\AMD
2015-05-05 22:18 - 2015-05-05 22:18 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\Peter\Downloads\autodetectutility.exe
2015-04-30 00:01 - 2015-04-30 00:01 - 00023200 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2015-04-27 17:58 - 2015-04-27 17:58 - 00183333 _____ () C:\Users\Peter\Downloads\longtable.ps
2015-04-23 02:30 - 2015-04-30 19:28 - 00000000 ____D () C:\Users\Peter\Desktop\New folder
2015-04-23 02:28 - 2015-04-23 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2015-04-22 14:42 - 2015-04-22 14:42 - 00000000 ____D () C:\Program Files (x86)\DriverDetective
2015-04-16 09:41 - 2015-04-16 09:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 03:26 - 2015-04-16 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-16 14:57 - 2012-10-28 11:43 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-16 14:53 - 2011-08-03 23:36 - 00000000 ____D () C:\Users\Peter\AppData\Local\CrashDumps
2015-05-16 14:41 - 2010-10-28 20:24 - 00000000 ___RD () C:\Users\Peter\Documents\My Dropbox
2015-05-16 14:39 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-16 14:39 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-16 14:36 - 2010-08-31 18:04 - 01239780 _____ () C:\Windows\WindowsUpdate.log
2015-05-16 14:32 - 2011-06-01 08:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-16 14:31 - 2011-06-01 17:35 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Dropbox
2015-05-16 14:31 - 2011-06-01 08:53 - 00000000 ____D () C:\Users\Peter\AppData\Local\Adobe
2015-05-16 14:30 - 2012-10-28 11:43 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-16 14:27 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-16 14:27 - 2009-07-14 00:51 - 00108496 _____ () C:\Windows\setupact.log
2015-05-16 14:22 - 2011-06-20 21:33 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA.job
2015-05-15 17:16 - 2011-06-20 21:33 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core.job
2015-05-15 17:13 - 2014-07-04 10:08 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-15 17:12 - 2014-07-04 10:08 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-15 17:11 - 2011-06-20 21:33 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA
2015-05-15 17:11 - 2011-06-20 21:33 - 00003486 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core
2015-05-15 10:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-14 09:43 - 2013-04-06 19:48 - 02998272 ___SH () C:\Users\Peter\Desktop\Thumbs.db
2015-05-13 19:35 - 2015-03-31 11:31 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPeter
2015-05-13 19:35 - 2015-03-31 11:31 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForPeter.job
2015-05-13 14:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-05-13 13:46 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 13:38 - 2009-07-14 00:45 - 00392008 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 13:34 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 13:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 13:33 - 2012-08-04 11:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 13:33 - 2012-08-04 11:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 11:52 - 2013-07-14 02:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 11:40 - 2011-06-01 14:32 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 11:36 - 2012-08-04 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 00:02 - 2011-06-01 19:11 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Audacity
2015-05-12 17:58 - 2010-08-31 18:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-12 17:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2015-05-12 17:52 - 2010-08-31 18:03 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-12 17:52 - 2010-08-31 18:01 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-05-12 17:50 - 2009-07-24 21:45 - 00000000 ____D () C:\swsetup
2015-05-12 17:47 - 2011-06-01 17:37 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-12 17:39 - 2010-09-01 15:41 - 01473308 _____ () C:\Windows\PFRO.log
2015-05-11 10:42 - 2011-06-01 08:29 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Azureus
2015-05-09 23:47 - 2015-01-14 01:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-09 23:46 - 2012-08-12 11:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-09 20:04 - 2011-06-01 22:14 - 00019968 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-08 16:36 - 2010-08-31 18:06 - 00000000 ____D () C:\Program Files\PC-Doctor for Windows
2015-05-08 15:10 - 2010-08-31 18:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2015-05-08 14:58 - 2011-05-31 21:54 - 00762015 _____ () C:\Windows\comsetup.log
2015-05-08 14:58 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2015-05-08 14:53 - 2011-05-31 21:30 - 00000000 ___DC () C:\Users\Peter\AppData\Local\MigWiz
2015-05-08 14:05 - 2011-06-18 15:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-08 12:24 - 2010-09-01 16:38 - 00000000 ____D () C:\ProgramData\Recovery
2015-05-07 23:14 - 2011-06-02 00:59 - 00000000 __SHD () C:\Users\Peter\UserData
2015-05-06 16:55 - 2015-03-26 21:31 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\QuickScan
2015-05-06 15:21 - 2015-04-05 03:03 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-06 15:21 - 2015-03-28 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-06 15:21 - 2011-05-31 20:44 - 00000000 ____D () C:\Users\Peter
2015-05-06 15:09 - 2012-10-28 11:45 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-06 15:09 - 2012-10-28 11:45 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-06 15:09 - 2011-05-31 21:24 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Adobe
2015-05-06 15:05 - 2012-03-11 18:31 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-05-06 15:05 - 2010-08-31 18:02 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-05 22:36 - 2012-06-12 15:52 - 00000000 ____D () C:\Users\Peter\.gconfd
2015-05-05 22:35 - 2012-06-12 15:53 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\gedit
2015-05-05 22:35 - 2012-06-12 15:52 - 00000000 ____D () C:\Users\Peter\.gconf
2015-05-04 10:36 - 2011-06-19 22:20 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-04 10:34 - 2011-06-26 17:07 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\HP Support Assistant
2015-05-04 10:34 - 2011-06-01 21:20 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\HpUpdate
2015-04-29 15:35 - 2011-06-01 18:50 - 00000000 ____D () C:\Program Files (x86)\MiKTeX 2.9
2015-04-23 02:29 - 2013-12-05 19:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-22 23:35 - 2014-11-30 01:37 - 00537600 ___SH () C:\Users\Peter\Downloads\Thumbs.db
2015-04-22 11:47 - 2006-01-07 19:15 - 00000000 ____D () C:\Users\Peter\Desktop\Peter
2015-04-21 09:47 - 2011-06-01 18:20 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Mozilla
2015-04-18 13:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 10:42 - 2013-12-05 20:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-16 09:41 - 2014-05-06 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 09:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 03:29 - 2012-07-15 14:45 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 03:26 - 2011-12-30 16:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 03:26 - 2011-12-30 16:30 - 00000000 ____D () C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2013-09-09 23:45 - 2013-09-09 09:21 - 0012005 _____ () C:\Users\Peter\AppData\Roaming\alsoft.ini
2011-09-30 18:32 - 2015-03-19 11:52 - 0000600 _____ () C:\Users\Peter\AppData\Roaming\winscp.rnd
2014-08-15 11:21 - 2015-01-16 00:12 - 0000118 _____ () C:\Users\Peter\AppData\Roaming\wklnhst.dat
2011-06-01 22:14 - 2015-05-09 20:04 - 0019968 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-14 19:39 - 2015-03-30 19:24 - 0000337 _____ () C:\Users\Peter\AppData\Local\Perfmon.PerfmonCfg
2012-05-14 19:34 - 2012-05-14 19:34 - 0007605 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2015-03-26 21:34 - 2015-03-26 21:34 - 0208060 _____ () C:\ProgramData\1427419862.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 0037823 _____ () C:\ProgramData\1430944625.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 0177041 _____ () C:\ProgramData\1430944628.bdinstall.bin
2015-05-06 16:46 - 2015-05-06 16:46 - 0037605 _____ () C:\ProgramData\1430945204.bdinstall.bin
2015-05-06 16:47 - 2015-05-06 16:47 - 0093642 _____ () C:\ProgramData\1430945206.bdinstall.bin
2015-05-06 16:48 - 2015-05-06 16:48 - 0108948 _____ () C:\ProgramData\1430945312.bdinstall.bin
2015-05-06 16:50 - 2015-05-06 16:50 - 0108617 _____ () C:\ProgramData\1430945375.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 0108262 _____ () C:\ProgramData\1430945621.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 0033277 _____ () C:\ProgramData\1430945673.bdinstall.bin
2015-05-06 16:56 - 2015-05-06 16:56 - 0204285 _____ () C:\ProgramData\1430945688.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 0037823 _____ () C:\ProgramData\1430946687.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 0098114 _____ () C:\ProgramData\1430946690.bdinstall.bin
2012-08-18 18:49 - 2012-08-18 18:49 - 0440503 _____ () C:\ProgramData\3Q9JXFJB.exe.bmp
2012-08-22 01:20 - 2012-08-22 01:20 - 0413879 _____ () C:\ProgramData\G70w7kgNUEbB.exe.bmp
2012-08-25 01:27 - 2012-08-25 01:28 - 0000007 _____ () C:\ProgramData\listaloca
2012-08-18 18:49 - 2013-02-08 11:55 - 0000103 _____ () C:\ProgramData\sdr.bmp
 
Some content of TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\Peter\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Peter\AppData\Local\Temp\bridj.dll17448355053715635.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll1933992219987325560.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2011372874903842094.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2438450984470698667.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2591073386824399366.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2750448959252189434.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2958403484058655365.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll2989761531168164854.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3514691040469514676.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3518102183032623507.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3541871984646899227.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll3911444151003038714.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4614161230828589307.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4815904876593855711.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll482847068807808523.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4922495424451544140.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll4962585399402728104.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll5721273794854736775.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6031051082099965263.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6389553170129437983.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll648223337722104155.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6698973804997224963.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6770733952919679620.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll6933641139762648828.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll7676835182860092643.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll7735090175524622817.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8019775728301494611.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8624048623552993268.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8721338440817114949.dll
C:\Users\Peter\AppData\Local\Temp\bridj.dll8722688121404471466.dll
C:\Users\Peter\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Peter\AppData\Local\Temp\DivXSetup.exe
C:\Users\Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3u6da_.dll
C:\Users\Peter\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Peter\AppData\Local\Temp\mbid.exe
C:\Users\Peter\AppData\Local\Temp\open_htm.exe
C:\Users\Peter\AppData\Local\Temp\Quarantine.exe
C:\Users\Peter\AppData\Local\Temp\Resource.exe
C:\Users\Peter\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\Peter\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Peter\AppData\Local\Temp\sfextra.dll
C:\Users\Peter\AppData\Local\Temp\sqlite3.dll
C:\Users\Peter\AppData\Local\Temp\tmd_34017499.exe
C:\Users\Peter\AppData\Local\Temp\UninstallHPSA.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-14 16:38
 
==================== End Of Log ============================
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Peter at 2015-05-16 14:57:35
Running from C:\Users\Peter\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2948383268-4287108767-1354885317-500 - Administrator - Disabled)
Guest (S-1-5-21-2948383268-4287108767-1354885317-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2948383268-4287108767-1354885317-1002 - Limited - Enabled)
Peter (S-1-5-21-2948383268-4287108767-1354885317-1000 - Administrator - Enabled) => C:\Users\Peter
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AaAaAA!!! - A Reckless Disregard for Gravity (HKLM-x32\...\Steam App 15520) (Version:  - Dejobaan Games)
AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome (HKLM-x32\...\Steam App 15560) (Version:  - )
Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AES Crypt (HKLM\...\{F83B33CD-1422-448A-82DC-26D174F49189}) (Version: 3.08 - Packetizer, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
And Yet It Moves (HKLM-x32\...\Steam App 18700) (Version:  - Broken Rules)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - )
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atom Zombie Smasher  (HKLM-x32\...\Steam App 55040) (Version:  - )
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - BestGameEver)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5941 - AVG Technologies)
AVG 2015 (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5941 - AVG Technologies) Hidden
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.4.7200 - )
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - )
Back to the Future: Ep 1 - It's About Time (HKLM-x32\...\Steam App 31290) (Version:  - Telltale Games)
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios Ltd.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - Gaijin Games)
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Botanicula (HKLM-x32\...\Steam App 207690) (Version:  - Amanita Design)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Bus Driver (x32 Version: 2.2.0.82 - WildTangent) Hidden
Capsized (HKLM-x32\...\Steam App 95300) (Version:  - Alientrap Games Inc)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - )
Catan (HKLM-x32\...\Steam App 239410) (Version:  - United Soft Media)
ccc-core-static (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
ChaosPro (HKLM-x32\...\ChaosPro 4.0) (Version: 4.0.249 - Martin Pfingstl, http://www.chaospro.de)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
Cogs (HKLM-x32\...\Steam App 26500) (Version:  - Lazy 8 Studios)
Combined Community Codec Pack 2010-10-10 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2010.10.10.0 - CCCP Project)
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version:  - James Athey)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crayon Physics Deluxe (HKLM-x32\...\Steam App 26900) (Version:  - Kloonigames)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dear Esther (HKLM-x32\...\Steam App 203810) (Version:  - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dropbox (HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Elegy For A Dead World (HKLM-x32\...\Steam App 252290) (Version:  - Dejobaan Games, LLC)
English Country Tune (HKLM-x32\...\Steam App 207570) (Version:  - )
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Fireplace by PES Screen Saver (HKLM-x32\...\Fireplace by PES) (Version:  - )
Fractal (HKLM-x32\...\{3485CDCE-2099-4B10-8E90-2953C5D26A6A}) (Version: 1.1.0 - Cipher Prime Studios, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Audio CD Burner version 1.4.8 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.40.7.WIN.FullTilt.COM - )
Gambit (HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Gambit) (Version:  - )
GameSave Manager v3 (HKLM-x32\...\GameSaveManager_v3) (Version: 3.1.442.0 - InsaneMatt)
gedit 2.30.1 (HKLM-x32\...\gedit_is1) (Version: 2.30.1 - GNOME)
GIMP 2.6.12-2 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gpg4win (2.2.2) (HKLM-x32\...\GPG4Win) (Version: 2.2.2 - The Gpg4win Project)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.02) (Version: 9.02 - Artifex Software Inc.)
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version:  - DrinkBox Studios)
Hammerfight (HKLM-x32\...\Steam App 41100) (Version:  - KranX Productions)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.)
Hector: Ep 1 (HKLM-x32\...\Steam App 94600) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - )
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3902 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3910 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.142.0 - ATI Technologies Inc.) Hidden
Ikaruga (HKLM-x32\...\Steam App 253750) (Version:  - Treasure)
Intrusion 2 (HKLM-x32\...\Steam App 214970) (Version:  - )
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
KLatexFormula 3.2.4 (HKLM-x32\...\KLatexFormula-3.2.4) (Version: 3.2.4 - Philippe Faist <philippe.faist@bluewin.ch>)
L.A. Noire: The Complete Edition (HKLM-x32\...\Steam App 110800) (Version:  - Rockstar)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2610 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2610 - CyberLink Corp.) Hidden
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
LibreOffice 4.1.3.2 (HKLM-x32\...\{4F3722AD-197D-4DBB-BDFB-D2F0D6776354}) (Version: 4.1.3.2 - The Document Foundation)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - )
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - )
LizardTech DjVu Control (autoinstall) (HKLM-x32\...\DjVu) (Version:  - )
LPSolve IDE 5.5.2.0 (HKLM-x32\...\LPSolve IDE_is1) (Version: 5.5.2.0 - Free Software Foundation, Inc.)
Machinarium (HKLM-x32\...\Steam App 40700) (Version:  - Amanita Design)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft LifeChat (HKLM\...\{BD198331-FF8A-4DEB-9F30-A0AC56625A3B}) (Version: 1.40.224.0 - Microsoft)
Microsoft Office Home and Student 60 day trial (HKLM-x32\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-9e75166c-78f6-4d4c-ab0a-27acce5a5efe) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-9e9a58c4-1d1e-4d35-ac50-ff44535fe0c9) (Version:  - Epic Games, Inc.)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.34 - Symantec)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.8 - )
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
office Convert Pdf to Jpg Jpeg Tiff Free 6.5 (HKLM-x32\...\office Convert Pdf to Jpg Jpeg Tiff Free_is1) (Version:  - Officeconvert Software, Inc.)
Oil Rush (HKLM-x32\...\Steam App 200390) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
Osmos (HKLM-x32\...\Steam App 29180) (Version:  - Hemisphere Games)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
pdfsam (HKLM-x32\...\pdfsam) (Version: 2.2.1 - )
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.7.11 - )
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plex Media Server (HKLM-x32\...\{16eca963-68c5-4756-80f9-db9094a4d6f0}) (Version: 0.9.1104 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1104 - Plex, Inc.) Hidden
Poker - Espacejeux (HKLM-x32\...\Poker - Espacejeux ) (Version:  - Boss Media AB)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2704 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2704 - CyberLink Corp.) Hidden
Proteus (HKLM-x32\...\Steam App 219680) (Version:  - )
Psychonauts (HKLM-x32\...\Steam App 3830) (Version:  - Double Fine Productions, Inc.)
Puzzle Agent (HKLM-x32\...\Steam App 31270) (Version:  - Telltale Games)
Puzzle Agent 2 (HKLM-x32\...\Steam App 94590) (Version:  - )
Python 3.2.3 (HKLM-x32\...\{789C9644-9F82-44d3-B4CA-AC31F46F5882}) (Version: 3.2.3150 - Python Software Foundation)
Q.U.B.E. (HKLM-x32\...\Steam App 203730) (Version:  - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rampant Logic Postscript Viewer 1.1 (HKLM-x32\...\{39C4C6DE-641B-483F-B875-2AEDF0FB85CA}_is1) (Version:  - Rampant Logic)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6053 - Realtek Semiconductor Corp.)
Receiver (HKLM-x32\...\Steam App 234190) (Version:  - Wolfire Games)
Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Revenge of the Titans (HKLM-x32\...\Steam App 93200) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
Sam & Max 301: The Penal Zone (HKLM-x32\...\Steam App 31220) (Version:  - Telltale Games)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Small World 2 (HKLM-x32\...\Steam App 235620) (Version:  - Days of Wonder)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version:  - Sega)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spotify (HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Spotify) (Version: 0.9.2.18.gcaf36646 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steel Storm: Burning Retribution (HKLM-x32\...\Steam App 96200) (Version:  - )
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
Superbrothers: Sword & Sworcery EP (HKLM-x32\...\Steam App 204060) (Version:  - )
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeXworks 0.4.3 (HKLM-x32\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version:  - TeX Users Group)
The Binding Of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Photographer's Ephemeris (HKLM-x32\...\Flexrise.9F3FBFC56E7DF11606748B3513468A7A7FB809D1.1) (Version: 1.1.1 - UNKNOWN)
The Photographer's Ephemeris (x32 Version: 1.1.1 - UNKNOWN) Hidden
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Thief Gold (HKLM-x32\...\Steam App 211600) (Version:  - Looking Glass Studios)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - )
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version:  - Days of Wonder)
TikiOne Steam Cleaner (HKLM-x32\...\TikiOneSteamCleaner) (Version:  - Jonathan Lermitage)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version:  - )
To the Moon (HKLM-x32\...\Steam App 206440) (Version:  - Freebird Games)
To the Moon (HKLM-x32\...\To the Moon) (Version: 1.0 - Freebird Games)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.9 (HKLM-x32\...\VLC media player) (Version: 1.1.9 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - )
Wallace & Gromit Ep 1: Fright of the Bumblebees (HKLM-x32\...\Steam App 31100) (Version:  - Telltale Games)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinSCP 4.3.5 (HKLM-x32\...\winscp3_is1) (Version: 4.3.5 - Martin Prikryl)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D Boy)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
09-05-2015 23:43:25 Removed iTunes
10-05-2015 15:42:19 Removed Bonjour
12-05-2015 17:24:55 Removed HP Support Assistant.
12-05-2015 17:30:18 Windows Modules Installer
12-05-2015 17:31:42 Windows Modules Installer
12-05-2015 17:51:10 Installed HP Support Assistant
12-05-2015 17:55:23 Windows Modules Installer
12-05-2015 17:56:44 Windows Modules Installer
13-05-2015 11:33:26 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2013-02-08 12:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0F88CE7C-A0EC-4628-B756-8BA82FAB7846} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {4DD7A0F3-B7D7-44F9-A368-5E5F91938EB7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {4E8B84FE-381E-400F-A324-97438388866E} - System32\Tasks\{F3FBB1B8-EACE-4D21-A0D0-BB75AD81B87D} => pcalua.exe -a "C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOGLVH26\Firefox%20Setup%204.0.1[2].exe" -d C:\Users\Peter\Desktop
Task: {928E3585-85D7-4132-8F10-85AD8C390050} - System32\Tasks\LifeChatTask => C:\Program Files\Microsoft LifeChat\LifeChat.exe [2009-09-24] (Microsoft Corporation)
Task: {9C0B8F9D-F82D-42A2-91C6-6798E69311A2} - System32\Tasks\AVG_SYS_TASK_0415av_RUN => C:\ProgramData\Avg_Update_0415av\AVG-Secure-Search-Update_0415av.exe
Task: {AA1AB9D0-D217-4C5E-8DE9-5FE87F29A921} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AADE8185-DBAD-4226-91FD-D1DB23EB4720} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B42D1A3A-0775-4B3B-925D-08E74E83B065} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe
Task: {BAF13652-8A08-449B-AFED-1F03C14C9F3A} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {BE8877D4-52CE-4276-84F0-F7191CE4A84C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {C0C137A6-17ED-4E74-9FC4-7B930B252B4D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {C245DD1A-F068-4E26-8FB1-8D5B0B0F57BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {D4B76A8C-B7F1-4BAA-92B6-F76C803AA3C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-28] (Google Inc.)
Task: {D91D140B-59D4-4019-9D85-30CB2E708C4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {E4E0D67A-A2D5-4FCA-95DB-F5EEFE0136C3} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {EB40A247-61B8-4371-9B80-BEDE52BDCC40} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2014-08-21] (Hewlett-Packard Company)
Task: {ECCB742C-DEC4-4A1F-B365-8874201FA72C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-28] (Google Inc.)
Task: {F1E495A8-8D71-442B-A66D-D78D2EE0F139} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {F2496D86-7066-41A8-9D4C-BF9642F1F41A} - System32\Tasks\HPCeeScheduleForPeter => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {F5F19E5A-E087-4A8B-A595-73EF50BBF9F0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {F87B506A-B99C-47D1-A63D-C7358D7B5AF4} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {FB7AE8AC-820B-4A67-928C-1D23679385E8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPeter.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-06-01 18:52 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-07-18 17:04 - 2011-07-18 17:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-22 11:31 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Peter\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-22 11:31 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Peter\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-05-14 15:52 - 2015-05-05 00:06 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Peter\Downloads\autodetectutility.exe:BDU
AlternateDataStreams: C:\Users\Peter\Downloads\avg_free_stb_all_5863p1_177.exe:BDU
AlternateDataStreams: C:\Users\Peter\Downloads\instspeedfan451.exe:BDU
AlternateDataStreams: C:\Users\Peter\Downloads\Shockwave_Installer_Slim.exe:BDU
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254 - 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{501F0C05-3D97-4A46-B43C-81166CD19EAF}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{6E84D328-0E1F-4D12-A807-8249D9E41D26}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{BA598A71-7563-4927-B102-F80EA043BEDA}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{89A79717-2C2C-494E-83D1-C9AB4A8C590D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{C8A2FFE6-A367-45DA-BEAD-CC0A797DA5E9}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{9BF6ABBE-DDD2-4CC3-B092-92EE90067087}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{E63B82C0-06D7-4859-94DE-DEAD061A9A2A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{26EE81B6-FDAB-4728-AA2D-193C8714DD98}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{FEB40FD7-54A2-4A64-91E1-5AD84E14A99F}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{68C64B37-24D8-438A-8B2E-E6AA11D3BC60}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{D9D717B1-0ECA-41C7-9130-5AC3B89BEA56}] => (Allow) LPort=7000
FirewallRules: [{B95B4C1A-FBB7-4F10-A743-5323B3BB9DFA}] => (Allow) LPort=7000
FirewallRules: [{422D9D72-E6E3-4CE9-AB16-654E7B63BBEC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F0177C94-A797-4998-916E-06665E685917}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B3675E35-3FFD-4290-BC1D-3D06B4154BE2}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D1182637-B92A-4CBA-BF62-DAA9DA0B1A02}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{FD6E309C-AD7F-41AE-B0F5-4E4E251747E1}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{B7625673-DDD0-4A60-93FF-1F94A8189309}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [TCP Query User{4692D4B0-595B-41A8-A3F8-F3CA900B7FEB}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6F55E546-8498-4DD5-B014-E26560B64F8C}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{986D73B9-C832-4AC7-9A19-78C6BB395A98}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{F6B2B996-86D1-4578-B68A-09A4E26E1C5E}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{972C267E-7713-47AA-9938-C7BE56211758}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{04D8B14F-21FC-459A-87A7-DC046B646371}] => (Allow) LPort=2869
FirewallRules: [{2520A708-3E74-4322-9ADD-11FD6E823B93}] => (Allow) LPort=1900
FirewallRules: [{EFFA31A4-3319-49BA-9A3E-0C56A166B4F8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5A273C41-A54A-4C1D-8DC1-FCB7D8792355}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe
FirewallRules: [{8C44E036-A815-48F1-9C48-2BD93A3315D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe
FirewallRules: [{1D2F7634-C965-454E-A901-CFE962089BF4}] => (Allow) C:\Users\Peter\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{9D488809-2EEA-4C40-A855-4DABD633DF45}] => (Allow) C:\Users\Peter\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{CE09DF72-A9AC-4F2C-9751-C74C8AB33AE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hammerfight\Hammerfight.exe
FirewallRules: [{6ABC98F9-7DAB-4D21-A4B3-0A303D297D20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hammerfight\Hammerfight.exe
FirewallRules: [{0DC07AE7-2D44-4802-A086-5D4A118E6E7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\machinarium\machinarium.exe
FirewallRules: [{F719A091-148E-4D84-A64F-F0270FC6ACBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\machinarium\machinarium.exe
FirewallRules: [{5B5730F6-791C-43E4-890B-FB9D01B05180}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\crayon physics deluxe\launcher.exe
FirewallRules: [{48C7600A-ECFE-4AED-8C92-3233391BF3E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\crayon physics deluxe\launcher.exe
FirewallRules: [{8068AA6A-10E6-4F0C-B143-2F21454CC25F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of goo\WorldOfGoo.exe
FirewallRules: [{D4161CB8-1E38-44F0-8585-E03B3380AECC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of goo\WorldOfGoo.exe
FirewallRules: [{01064E20-CC6D-4890-940F-E2E8E6DD630E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\osmos\osmos.exe
FirewallRules: [{696F8076-982F-4A5F-98CE-BF8494AECFEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\osmos\osmos.exe
FirewallRules: [TCP Query User{EC9DBBF6-C690-4B47-9727-9E8CC98925DB}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{85232D90-EDC4-435D-AFA0-2D568F436F51}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{AC7725A7-5D28-4964-A34E-7ADBEAB90717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\cogs\cogs.exe
FirewallRules: [{646F058E-D753-43EE-AB5D-9B9A6303E185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\cogs\cogs.exe
FirewallRules: [{6D177E75-421E-4CA6-A59A-B32E29DB2428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{9B62613B-E57B-48BE-8C5B-DA1FBB64E90E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{F8C6F791-F00E-40FC-9029-58B9480EB23C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sonic generations\SonicGenerations.exe
FirewallRules: [{85F2AE0E-77F7-4362-A044-06BD979C7BAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sonic generations\SonicGenerations.exe
FirewallRules: [{56321E63-A0F7-4683-897B-19EC91C7C6D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sonic generations\ConfigurationTool.exe
FirewallRules: [{1ED8F82C-211F-4BF6-B01A-4E84D0DD86D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sonic generations\ConfigurationTool.exe
FirewallRules: [{C8BC29D3-DE78-49EC-B11A-5D1E023DD482}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\revenge of the titans\RevengeOfTheTitans.exe
FirewallRules: [{ECD2AEC5-6426-4CDC-9AAC-4A59BB35166E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\revenge of the titans\RevengeOfTheTitans.exe
FirewallRules: [{C359A5F5-37C4-45A8-91D6-989F57A5AAA3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{1077F442-A18F-40D6-88A4-98F7DD0F776C}C:\program files (x86)\pidgin\pidgin.exe] => (Block) C:\program files (x86)\pidgin\pidgin.exe
FirewallRules: [UDP Query User{7177C182-D4C5-402B-8177-B20EC00E4888}C:\program files (x86)\pidgin\pidgin.exe] => (Block) C:\program files (x86)\pidgin\pidgin.exe
FirewallRules: [TCP Query User{8B1349D4-2712-42EF-88FD-3A90D3928ECA}C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{AC7A49CD-7F4B-49E4-A6F2-F5BD4CF08F0E}C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{4E872EBB-C6F9-4FAF-83F3-392350604373}C:\users\peter\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\peter\appdata\local\google\google talk plugin\googletalkplugin.exe
FirewallRules: [UDP Query User{8711A73E-3BBD-435F-928C-ADF8D7826A8E}C:\users\peter\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\peter\appdata\local\google\google talk plugin\googletalkplugin.exe
FirewallRules: [{E09B7580-D657-4002-A718-6A3A9B0C39CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\qube\Binaries\Win32\QUBE.exe
FirewallRules: [{2EA2D95B-82A3-42F1-933E-68B45F1A8E35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\qube\Binaries\Win32\QUBE.exe
FirewallRules: [{537C48DC-3DAD-4C22-B9BF-AE770F086234}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{8A1907B4-810D-4F22-A562-B2FBEA79B2A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{76D54450-F3D9-47D4-9B64-7070AAA006FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E6E31559-55A0-43B9-BEF8-8D40953012E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{ACB54A1C-5F7B-4E35-9293-BDFF00F886EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{60E7EAC0-8978-48F3-9DC5-C1C7D97B41C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{B113AC50-7457-44C5-BB20-38FE42AD98EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{9A6E14F3-62B5-419A-A67F-2B0ED8FE2DA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{FB4A3BC8-C610-43A1-9E7F-6298BAB060B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\steelstorm\steelstorm.exe
FirewallRules: [{69BFB3E4-26D5-493B-9045-19B537AB4EBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\steelstorm\steelstorm.exe
FirewallRules: [{C6A9C472-2B3C-42D8-AD10-E5556E1212B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe
FirewallRules: [{1C3E21E5-2FD2-4A78-9E8B-F3DC9399C2DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe
FirewallRules: [{690BC3AF-07C3-4B12-80B1-E1159D974EF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\l.a.noire\LANLauncher.exe
FirewallRules: [{73F3D988-78BB-420E-8687-C70BA8DACA15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\l.a.noire\LANLauncher.exe
FirewallRules: [{91F2448F-D04E-4757-864F-1A71DBBF19A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dear esther\dearesther.exe
FirewallRules: [{0E3AF05F-4AF4-4414-8849-3768DD250495}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dear esther\dearesther.exe
FirewallRules: [{157764AE-3910-4DAE-BA40-B20C0ACAE03F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe
FirewallRules: [{F7A3EE7D-B3BC-4289-87A6-79BB8CE953D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe
FirewallRules: [{3EBE6C5F-090B-4129-A4A0-F25BB22160BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\limbo\limbo.exe
FirewallRules: [{E64CE48F-98BB-454D-AD61-13CA52347095}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\limbo\limbo.exe
FirewallRules: [{79E1279A-DD6F-49BD-A6AE-8CC86FDD2CA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sega classics\SEGAGenesisClassics.exe
FirewallRules: [{D3BED4C2-A601-47D4-85A4-DC14C6EE451E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sega classics\SEGAGenesisClassics.exe
FirewallRules: [{C2C37532-5245-434C-8F2E-D5689E3CF678}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\trine_launcher.exe
FirewallRules: [{52C526BF-6A9A-4650-8D02-ECECA5287D3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\trine_launcher.exe
FirewallRules: [{B2510FF3-9CAE-4579-8B5C-DA883962C300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bastion\Bastion.exe
FirewallRules: [{B52DB8C6-9B3D-4500-AE9F-6E900493C64E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bastion\Bastion.exe
FirewallRules: [{E0A9F5A6-59F1-42BD-96E7-CA14BC687B1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{705E9872-77FE-4C5D-BE96-84F3ADBC3A24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{64D1919E-52B7-4B77-BA95-29E4AA8A48A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{224B23BC-E902-4B2F-BB15-1C2D66951DFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{F55B756F-4DA6-4891-8E44-24F3001E8779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Episode 1\Hector101.exe
FirewallRules: [{09326825-2336-413B-A060-0527C8442D8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Episode 1\Hector101.exe
FirewallRules: [{1CB45A08-481C-4747-9E5F-C618380AE4D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Agent 2\Grickle102.exe
FirewallRules: [{D429F595-1677-4086-9AF6-0D51FE018464}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Agent 2\Grickle102.exe
FirewallRules: [{05F5668E-65BB-4C2B-A8B5-125B86E75D65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe
FirewallRules: [{6C746F96-1510-49D8-B182-FA2320B1A985}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe
FirewallRules: [{C01DD522-1F97-42D1-9F15-1E0E3CCEA807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{C9001DAC-D77B-4646-8D06-D84C64E5004D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{8EB91E52-A789-4A1F-BA40-4E1EC1F9C11A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Agent\Grickle101.exe
FirewallRules: [{B8455C02-86E6-4055-A402-25D5C917755E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Agent\Grickle101.exe
FirewallRules: [{8F7AD2B1-8BCA-4059-BDA1-90A6F859B353}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sam and Max 301\SamMax301.exe
FirewallRules: [{2A13C7F7-C4A9-48FF-A50A-B7BA9DA235EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sam and Max 301\SamMax301.exe
FirewallRules: [{3CF3DD83-9BB7-425F-99B7-15357649DC02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wallace and Gromit Ep1\WallaceGromit101.exe
FirewallRules: [{8CE0E48F-CB86-492D-B7A8-2986459145F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wallace and Gromit Ep1\WallaceGromit101.exe
FirewallRules: [{0A0399DE-4C2F-4913-BDB3-271703A0A1B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{973DAEFD-33ED-432C-9CA8-B49096E39C4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{8A9A80F1-77F0-480F-8264-F2E8C90946F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{C889D9F3-0D8D-4C8B-AEC6-7E8F83DE7473}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{C8239CEF-6E78-4CFA-8911-8EC2AD6E009C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capsized\Capsized.exe
FirewallRules: [{C594626C-6580-4C48-8092-73DD205F69D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capsized\Capsized.exe
FirewallRules: [{F4371905-44F5-4308-ADAF-B143F92EDA9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\English Country Tune\English Country Tune.exe
FirewallRules: [{22DA661B-E603-4C40-AF38-1BD8283314F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\English Country Tune\English Country Tune.exe
FirewallRules: [{8DAAB0A4-006E-4907-9D42-74CCA473FF24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intrusion 2\intrusion2.exe
FirewallRules: [{4F3077C1-5A9A-482A-80B1-F5F723B0C872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intrusion 2\intrusion2.exe
FirewallRules: [{450D1D96-48ED-4168-ABBE-59DE51008DD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TinyAndBig\tinyandbig.exe
FirewallRules: [{0D88C8F3-A55A-47C3-B823-0AAB2D4775E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TinyAndBig\tinyandbig.exe
FirewallRules: [{10021C6E-810E-48ED-AAD3-0B0CDF5978A3}] => (Allow) C:\Users\Peter\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{3CF098A1-200D-427B-82F1-9612D92817C2}] => (Allow) C:\Users\Peter\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{21511C58-A143-40C9-95BA-38E0E078B82C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{AA18FF54-0AA6-41D5-9E7A-A9501E828E37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{C28A6B37-03CC-43D6-8EA4-9209649A1D74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{C24F0433-F6F6-4755-80E9-592499A8EA24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{1AAD1BE0-1233-440E-B26A-E6A6E69CD361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{1011FE42-B9BB-46D8-B6AB-FEC35FF5A2D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{486E6E01-9F50-4041-A451-3BABE7340BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{93555B09-B6A1-4BCF-8A74-D4E046EB459A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{2BD02401-4669-45F5-971B-7BC3E3CFE128}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{A6AFE6C4-BDCD-403F-AB9F-C92470B7D341}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{46873CC9-3D08-4BE3-A993-9D4B3CFE5965}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oil Rush\launcher_steam.bat
FirewallRules: [{905B613B-EA4F-4445-B298-EFBF65402ACA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oil Rush\launcher_steam.bat
FirewallRules: [{B3D4E866-CEE9-424D-8DEA-B9B6D2FB4977}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{088C5430-4966-4387-BB14-D14F574B9FB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{239DACFA-B421-47D4-9ECF-DEE8EA08FC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{221DA49E-1BBB-46F5-A87B-62231B3EFB11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{25FF8CB6-D6DE-44C5-97F3-1A9B857D1D0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{A8E3173D-BCC8-43BA-BFE6-F3378583F5A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{06A00467-8C9A-497D-952F-10EE4EE13D9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum goty\Binaries\BmLauncher.exe
FirewallRules: [{199DE7E3-419C-4961-A697-87FB709C716B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum goty\Binaries\BmLauncher.exe
FirewallRules: [{32233F3A-CB2D-4E13-AF30-B0DC8731A347}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\Awesome.exe
FirewallRules: [{F064B9F1-4637-480B-9BBD-FACF66D25C9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\Awesome.exe
FirewallRules: [{75BEE23C-27FD-418F-8644-67AD615A78C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{268BE7AA-178C-49F5-9348-E41635D03EA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{6E304529-B845-4BCB-A4DF-09268583BC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{8185E49A-B771-4CA8-ABA8-7C521C25E092}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [TCP Query User{16F9307B-5BD8-4A89-BBDD-5A314D74B452}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{FC29F407-A940-4410-BCA5-F78116F4FAA0}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{AC086C5C-EF91-45D2-A52A-840B60AC44F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{39D26B67-C760-4EE3-9446-FBFD48F4CC2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{81B35C6D-902D-412B-8952-32B000C21ECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{55C2E05B-5F02-4269-A86B-46FAF3B6C345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{660BED04-A3F7-4D18-B9C4-F613091E73A4}C:\program files (x86)\plex home theater\plex home theater.exe] => (Allow) C:\program files (x86)\plex home theater\plex home theater.exe
FirewallRules: [UDP Query User{6B0E2D8E-89C7-4AAC-B33C-48BB90D2066A}C:\program files (x86)\plex home theater\plex home theater.exe] => (Allow) C:\program files (x86)\plex home theater\plex home theater.exe
FirewallRules: [{F439FFDE-D21B-483B-91E9-3551AC412784}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2F2CB35F-B920-417E-BFB9-17B2B7361344}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{8EC4B592-B90B-40CC-B5E4-885E93BAD90F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\audiosurf\engine\QuestViewer.exe
FirewallRules: [{6CDF4578-DB49-4DB6-8A96-2343AB513E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\audiosurf\engine\QuestViewer.exe
FirewallRules: [{6EB8061C-842B-474E-A5F3-60A178B1F285}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{50534EB5-C0DF-4B6B-8F9C-4539FFA9C798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D7E225BA-852C-40B8-A838-56A1915E71BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F67C4387-72D2-4CC2-B573-6750ACCB355D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1EDC187D-EF1E-4A20-BBC9-CE3485EE29EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Proteus\Proteus.exe
FirewallRules: [{4468D44B-8AD6-4E82-8ACF-533AD26C5E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Proteus\Proteus.exe
FirewallRules: [{BDDE5606-906B-49DE-A9F4-BCE21B829A26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Proteus\Proteus.exe
FirewallRules: [{7D4CAABA-549E-42DD-9049-D67482A7B43A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Proteus\Proteus.exe
FirewallRules: [{C12A2F4B-EC56-4DC8-8A04-23F401DC7F4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D46EB859-2D1C-4B07-B9BA-A41216AD679D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{64A14097-880C-489B-8F08-B74D3772BED9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{CF9E1575-3886-44FF-841C-9E7BE1F29B63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{8785C405-C7A2-4781-B365-68BC3ED83E40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{78F1A644-9248-420F-8F4C-7BF8AD3C5045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{26071C2A-DD56-48B4-B5C9-1A0CA53C2B00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2446DCA9-257A-4CF5-9FD8-50E2F7A48526}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{884C0D55-AE60-4EEF-8DA0-42298D968538}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{683747C5-AB16-40D5-ADAF-EF913A4F0D75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{C9C82C7B-92E6-4779-9652-C7DA00AFB5F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2D0C0647-4420-4BC6-BBAA-9C9D436E8838}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{AE429EF3-6ED3-448B-9ECE-FD23D529B3F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{BD8FF2E9-C579-4544-8E8C-346366803F45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{DDD0EF8E-CB2A-4065-A722-C0FF5FD5A591}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1B3AE1AA-9BA9-46E2-8366-F38149F3DDDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{C60E3906-6482-440D-9B5B-3E3D340BD17A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{7EFF4EAE-9DFB-431E-B543-82A7B5EA8B6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{42EC6781-8AA6-4897-8987-9572BFDFAFDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{09CF74AA-73EB-4971-9BE1-3225886B6FEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{CA5D1415-3049-4138-B2DF-94EB1717B10D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{6F2032E5-3D09-47E1-AAA1-042A1FA3F448}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{97C241D6-D0D5-4902-8E39-CC863DFC3AEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{83823976-CF9B-4FF8-8EF7-BA64B048FB12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{70E3B109-97D1-429E-924E-4B678F4D3A29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{8CE17779-8717-4407-99FA-81A14042305A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{BD8316EE-5A3D-4160-8348-5E4A9C5E07A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{408F3827-F922-415D-9A55-216A329EBECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{B5196823-A46D-4300-8920-D1CEB23AE81D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{A55285E9-CA45-4A9A-B734-5660AF0E7689}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4B8809D0-6891-4F4D-8E5F-DB0E42D25F7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D79806FE-A0F3-4DB5-BD54-C15B443A9010}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{575B7859-F2AB-471F-B73A-2BF87BC0A421}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{509E82C0-C499-4374-88E0-C2C70FEEC134}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{B2955985-009F-4890-A4BB-A4E8EA9DEA7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{6E331E7A-B88A-49CB-B243-E0D583312510}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{A235009B-9C2E-4699-B378-8B0378F60175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{395816D8-F9A6-4BA3-8A1F-8EC5943D1CED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{662E6834-BFA0-447D-B5FF-6DCF0DF022EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{81126081-0A0B-4F69-BEE6-5F98FEAA4F5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{15734349-FAE2-40EC-AF55-C23902D08878}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{FC2CC6A8-C1E4-4228-A430-8457614E89B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{3E941089-A9E0-410B-87ED-5900BF61C3B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E80E87F0-AADE-4D3A-B2AE-2799FE161B6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{B22FBF26-CFEE-4F65-9A0E-98FB0215503E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D431F6D1-1BA9-43F5-9A91-547EE1CE38F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{ED421EFB-7BDA-4ED0-BCAA-DD5A41C47833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{EDA90B45-1A5F-499D-907F-39129195969F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{57DB0720-AED5-496D-8B50-501C0BEBF58A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bittriprunner2\runner2.exe
FirewallRules: [{F253598D-71F8-4566-BD85-BEC29DD98775}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bittriprunner2\runner2.exe
FirewallRules: [{DCD4829E-02C9-4DD4-A305-2F2E73C629EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{16B2881A-90F9-4439-8AE2-55D303563FA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{A855A93F-AE34-468D-845D-C0F5AD17ACD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F6334D4C-AB25-4814-AA4B-F845EAA4DEA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1C219A35-F924-471A-972C-EAB5BBD69BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\SteamLauncher.exe
FirewallRules: [{A4BFD9BE-5D82-4314-ADF4-C257F4002F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\SteamLauncher.exe
FirewallRules: [{6142541D-533A-4D1E-B5AF-1A8695DAB163}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Botanicula\Botanicula.exe
FirewallRules: [{21040C72-26FB-4EBF-93DC-4382D2A4FEC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Botanicula\Botanicula.exe
FirewallRules: [{85A7AF7A-CDB6-4AE3-8DD8-7AE071941CE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\braid\braid.exe
FirewallRules: [{35B57290-1945-47DB-96D6-40A189FE2651}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\braid\braid.exe
FirewallRules: [{59042924-796D-4F88-B378-E8D527188CBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{C7EBA62D-3028-4559-9214-9CF8952D4DB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{169CECAD-4B2D-4662-BA49-4C9E7128E35D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{64DF5258-2EB4-4B3F-8082-3EF2DEDE2230}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{58A50821-9123-41DF-8346-AD40DB281721}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C94BE445-43EE-4EE5-B43A-7B8A605E9BA2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{51A08203-AD38-439B-8BA5-4656F9933850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Receiver\Receiver.exe
FirewallRules: [{08AC485A-5E24-44AA-8BEA-0EB116758E1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Receiver\Receiver.exe
FirewallRules: [{09100281-BF1A-483F-952E-3EAA04866B90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\Awesome_DirectToRift.exe
FirewallRules: [{ABA3F75C-1C01-4A99-B0D5-26622683BDAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\Awesome_DirectToRift.exe
FirewallRules: [{52F89FAF-A252-4AF9-96F3-A243388BF7F1}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{0B51D510-FD16-4BA2-8067-11A9846052AE}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{862984A6-3A92-4346-BE93-F34722B28EF3}] => (Allow) C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\extensions\jid1-4P0kohSJxU1qGg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [{0B9A5544-72B9-49F0-9BA5-874BFCB50AE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{84A7219D-ED7C-4CFB-B915-4490A7DC2762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{D301F82A-9E09-43BB-B6CB-67150C1AD749}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{84DD6C37-C702-4D16-9C1F-30B6E738754B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{6AABEA52-4484-439A-8EA7-30C55D477865}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ElegyForADeadWorld\Elegy.exe
FirewallRules: [{7EA7216B-1278-4F6A-A226-1FE520A8123E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ElegyForADeadWorld\Elegy.exe
FirewallRules: [{74869DCA-D09F-4215-9A3F-FA2145A19CBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thief_gold\THIEF.EXE
FirewallRules: [{2245CA41-D96C-4120-89B3-4EE20AA43136}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thief_gold\THIEF.EXE
FirewallRules: [{2297132D-B153-44D9-BFB7-2EE5E23476BF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3ACA1737-6337-40A6-A121-B44F55D8667B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DE91550-C486-4B3C-B4E9-A31647ED2634}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan\bin\Release\Catan.exe
FirewallRules: [{3F871A7B-AC91-4A1C-9B72-566525D4F286}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan\bin\Release\Catan.exe
FirewallRules: [{6700D101-210A-450C-B8E9-8DAA239413D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan\bin\Release\CatanEdit.exe
FirewallRules: [{33574749-6B23-46C7-B3B7-C758796BD5AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan\bin\Release\CatanEdit.exe
FirewallRules: [{41E710A3-CA3A-45BD-9EB8-ABBE70BD6DC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{E263344D-B4B4-4447-A039-CEB54194BA98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{69981E99-64B4-4A81-B152-80CFDEF24E66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{D1A2B0B9-30C2-4F0A-8D79-28EFA725C4C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{FA2E928D-6177-4822-8CA8-26E33F2E2238}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{78077739-0A6A-464E-8465-1286D8D54B22}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{1852F306-68DF-4BF0-BFC7-43A130F21BCA}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{8DEDCA2C-2290-4E01-BAB6-6E936B7C66A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{3AEBE91F-2E21-4B04-951E-DFFE99E3C296}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{0516D4BD-53A1-4347-B4CE-24F944B64A22}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{A76D8FC7-D109-4BE0-810F-E620F28893A7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{3A7F87D0-4530-447A-94B2-292979D6836E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{04BDD35A-9B36-4A1E-B9A5-48B34A68F10D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{57D6EA5E-7312-42B4-8433-BD6E6FCFEB86}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{8FCEA87B-5485-4905-A791-6CEBB07A2143}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{F8805577-BD20-4977-B921-B4C5A64F7B46}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{DD3AE237-9A99-4DB3-90B5-C66E272E879A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{B6F38703-A794-465C-A4C7-EE71BEEA2669}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/16/2015 02:53:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x165c
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
Error: (05/16/2015 02:34:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x13a8
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
Error: (05/16/2015 02:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Nv2-PC.exe, version: 11.1.102.55, time stamp: 0x4eaf85a8
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8808
Exception code: 0xc0000005
Fault offset: 0x000332d0
Faulting process id: 0x1508
Faulting application start time: 0xNv2-PC.exe0
Faulting application path: Nv2-PC.exe1
Faulting module path: Nv2-PC.exe2
Report Id: Nv2-PC.exe3
 
Error: (05/15/2015 11:33:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x45c
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
Error: (05/14/2015 00:05:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Nv2-PC.exe, version: 11.1.102.55, time stamp: 0x4eaf85a8
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8808
Exception code: 0xc0000005
Fault offset: 0x00033e34
Faulting process id: 0xd84
Faulting application start time: 0xNv2-PC.exe0
Faulting application path: Nv2-PC.exe1
Faulting module path: Nv2-PC.exe2
Report Id: Nv2-PC.exe3
 
Error: (05/13/2015 04:03:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPSF.exe, version: 7.7.34.34, time stamp: 0x53f66fe0
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x126c
Faulting application start time: 0xHPSF.exe0
Faulting application path: HPSF.exe1
Faulting module path: HPSF.exe2
Report Id: HPSF.exe3
 
Error: (05/13/2015 03:44:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPSF.exe, version: 7.7.34.34, time stamp: 0x53f66fe0
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x5b0
Faulting application start time: 0xHPSF.exe0
Faulting application path: HPSF.exe1
Faulting module path: HPSF.exe2
Report Id: HPSF.exe3
 
Error: (05/13/2015 01:49:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x3c4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (05/13/2015 01:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0xd04
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
Error: (05/12/2015 06:00:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b864
Exception code: 0xc0000374
Fault offset: 0x00000000000bf922
Faulting process id: 0x12ac
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
 
System errors:
=============
Error: (05/16/2015 02:42:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (05/16/2015 02:42:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/16/2015 02:42:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Support Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PDF Architect Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PDF Architect Helper Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DirMngr service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG WatchDog service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (05/16/2015 02:53:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc22165c01d090098e57e90fC:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dllcd51b496-fbfc-11e4-83b1-7071bc452443
 
Error: (05/16/2015 02:34:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc2213a801d09006f7169c55C:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dll36687ac5-fbfa-11e4-83b1-7071bc452443
 
Error: (05/16/2015 02:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nv2-PC.exe11.1.102.554eaf85a8ntdll.dll6.1.7601.18839553e8808c0000005000332d0150801d09006a0a052fdC:\Users\Peter\Desktop\Nv2-PC.exeC:\Windows\SysWOW64\ntdll.dlle2e74e15-fbf9-11e4-83b1-7071bc452443
 
Error: (05/15/2015 11:33:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc2245c01d08f89171a600aC:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dll5569f3b6-fb7c-11e4-aa6e-7071bc452443
 
Error: (05/14/2015 00:05:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nv2-PC.exe11.1.102.554eaf85a8ntdll.dll6.1.7601.18839553e8808c000000500033e34d8401d08dfb37653bd8C:\Users\Peter\Desktop\Nv2-PC.exeC:\Windows\SysWOW64\ntdll.dll76aaf2ee-f9ee-11e4-aa6e-7071bc452443
 
Error: (05/13/2015 04:03:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPSF.exe7.7.34.3453f66fe0ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc22126c01d08db7d5f81993C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exeC:\Windows\SYSTEM32\ntdll.dll1583190b-f9ab-11e4-aa6e-7071bc452443
 
Error: (05/13/2015 03:44:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPSF.exe7.7.34.3453f66fe0ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc225b001d08db5288f7f4eC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exeC:\Windows\SYSTEM32\ntdll.dll68a48e95-f9a8-11e4-aa6e-7071bc452443
 
Error: (05/13/2015 01:49:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc223c401d08da465070ab8C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll62617eb7-f998-11e4-aa6e-7071bc452443
 
Error: (05/13/2015 01:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc22d0401d08da4af4ebb18C:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dllf2e2cfc6-f997-11e4-aa6e-7071bc452443
 
Error: (05/12/2015 06:00:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.187985507b864c000037400000000000bf92212ac01d08cff14bb555bC:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dll52a82562-f8f2-11e4-a47a-7071bc452443
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-08 11:10:44.201
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-08 11:10:44.108
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 40%
Total physical RAM: 6143.18 MB
Available physical RAM: 3663.55 MB
Total Pagefile: 12284.57 MB
Available Pagefile: 9338.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.04 GB) (Free:232.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.37 GB) (Free:1.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3E57528F)
Partition 1: (Active) - (Size=106 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#9 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:01 PM

Posted 16 May 2015 - 02:35 PM

Hello shma,

it is too early to say if it is malware or not!
 

***


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt

 
start
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000 -> {33CB8A43-F152-4AF2-B0F6-301056A88AC1} URL = http://www.altavista.com/web/results?itag=ody&q={searchTerms}&kgs=1&kls=0
end


NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again like we did before but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.


***


FRST / FSRT64: run it again.
  • Right-click FRST / FSRT64 then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#10 shma

shma
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 16 May 2015 - 03:01 PM

Hi Jo, the script has cleared my browser history. Please let me know in the future if any script will do this. 

 

Here are the logs you requested:

 

Fixlog

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by Peter at 2015-05-16 15:39:40 Run:1
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available profiles: Peter)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000 -> {33CB8A43-F152-4AF2-B0F6-301056A88AC1} URL = http://www.altavista.com/web/results?itag=ody&q={searchTerms}&kgs=1&kls=0
end
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33CB8A43-F152-4AF2-B0F6-301056A88AC1}" => Key deleted successfully.
HKCR\CLSID\{33CB8A43-F152-4AF2-B0F6-301056A88AC1} => Key not found. 
EmptyTemp: => Removed 6.9 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 15:44:57 ====
 
FRST
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by Peter (administrator) on PAUSE on 16-05-2015 15:50:41
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available profiles: Peter)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe [3331944 2009-12-03] (Symantec Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-10] (DivX, LLC)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [PCDrProfiler] => C:\Program Files\PC-Doctor for Windows\RunProfiler.exe [89584 2010-01-19] (PC-Doctor, Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-14] (Valve Corporation)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5127304 2014-11-20] (Plex, Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Run: [Google Update] => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\FIREPL~1.SCR
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {CCF9D996-4464-4C72-B5ED-589F32081CA9} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {CCF9D996-4464-4C72-B5ED-589F32081CA9} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
DPF: HKLM-x32 {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://biz.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default
FF DefaultSearchEngine.US: Google
FF Homepage: google.ca
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @talk.google.com/O1DPlugin -> C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2948383268-4287108767-1354885317-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-08-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Peter\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Peter\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\searchplugins\IMDb.xml [2008-07-23]
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\searchplugins\webster.xml [2008-07-23]
FF Extension: Canadian English Dictionary - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\en-CA@dictionaries.addons.mozilla.org [2015-03-15]
FF Extension: Dictionnaires français - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2015-03-15]
FF Extension: HerpDerp - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\jid0-Iix25kwA6rvhf6Tw5M2NpHRlXvo@jetpack [2012-02-07]
FF Extension: Forecastfox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012-10-31]
FF Extension: ColorfulTabs - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-06]
FF Extension: All-in-One Gestures - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2013-05-26]
FF Extension: Memory Fox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2011-11-27]
FF Extension: Color toggle - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\background@toggle.wtf.xpi [2011-06-01]
FF Extension: DivX Web Player - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-07-11]
FF Extension: Memory Restart - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\memoryrestart@teamextension.com.xpi [2011-09-25]
FF Extension: Restart Firefox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\restart@restart.org.xpi [2011-06-01]
FF Extension: Rotate Image - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\rotateimage@minisystems.de.xpi [2012-06-05]
FF Extension: Google Translator for Firefox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\translator@zoli.bod.xpi [2012-04-05]
FF Extension: Copy As Plain Text - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{1a5dabbd-0e74-41da-b532-a364bb552cab}.xpi [2012-06-21]
FF Extension: Nuke Anything Enhanced - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi [2011-06-01]
FF Extension: oldbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}.xpi [2011-06-01]
FF Extension: Boomerang for GMail - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2011-09-25]
FF Extension: YouTube High Definition - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-09]
FF Extension: Hide Tabbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{7EE8902C-75BE-4286-A6CE-0C483607A322}.xpi [2011-06-01]
FF Extension: Showcase - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi [2011-06-01]
FF Extension: Modify Headers - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2013-01-15]
FF Extension: CoolPreviews - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2011-06-17]
FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-01]
FF Extension: Download Statusbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-10-27]
FF Extension: Greasemonkey - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: GmailTeX - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\Extensions\{f17a9732-1eaa-4383-a590-afa38cf9c22a}.xpi [2012-02-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-03-28]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-09]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-28]
CHR Extension: (Adblock Plus) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-26]
CHR Extension: (Google Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-28]
CHR Extension: (Dynamite) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\djoedchmhkmbnkggjnbachnpikkabfhk [2013-10-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-12-09]
CHR Extension: (HTTPS Everywhere) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-06-25]
CHR Extension: (Bookmark Manager) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (ModHeader) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2014-11-20]
CHR Extension: (Mymail-Crypt for Gmail™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcaobjhdnlpmopmjhijplpjhlplfkhba [2014-11-22]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-11-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Stop Autoplay for YouTube.) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh [2015-02-20]
CHR Extension: (Your Quality for YouTube™) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfcilgimggemnogfigihdkmapdhhlbph [2015-05-06]
CHR Extension: (Google Wallet) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-09-03] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-16 15:50 - 2015-05-16 15:53 - 00029243 _____ () C:\Users\Peter\Desktop\FRST.txt
2015-05-16 15:21 - 2015-05-16 15:22 - 00019491 _____ () C:\Users\Peter\Downloads\The Immigrant (2013) [1080p] YIFY - YTS.torrent
2015-05-16 14:54 - 2015-05-16 14:54 - 00000000 ____D () C:\Users\Peter\Desktop\FRST-OlderVersion
2015-05-16 14:41 - 2015-05-16 14:41 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PAUSE-Windows-7-Home-Premium-(64-bit).dat
2015-05-16 14:41 - 2015-05-16 14:41 - 00000000 ____D () C:\RegBackup
2015-05-16 14:38 - 2015-05-16 14:39 - 02719698 _____ (Thisisu) C:\Users\Peter\Desktop\JRT.exe
2015-05-15 23:30 - 2015-05-16 14:26 - 00000000 ____D () C:\AdwCleaner
2015-05-15 23:29 - 2015-05-15 23:29 - 02209792 _____ () C:\Users\Peter\Desktop\adwcleaner_4.204.exe
2015-05-15 17:13 - 2015-05-15 17:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-15 17:12 - 2015-05-15 17:49 - 00000000 ____D () C:\Users\Peter\Desktop\mbar
2015-05-15 17:10 - 2015-05-15 17:10 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Peter\Downloads\mbar-1.09.1.1004.exe
2015-05-15 11:30 - 2015-05-15 11:30 - 00000884 _____ () C:\Users\Peter\Desktop\checkup.txt
2015-05-15 10:47 - 2015-05-15 10:47 - 00852630 _____ () C:\Users\Peter\Desktop\SecurityCheck.exe
2015-05-14 09:32 - 2015-05-14 09:32 - 00003058 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0415av_RUN
2015-05-13 13:38 - 2015-05-16 15:46 - 00000022 _____ () C:\Windows\S.dirmngr
2015-05-13 11:36 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:36 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:27 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 11:27 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 11:27 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 11:27 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 11:27 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 11:27 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 11:27 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 11:27 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 11:27 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 11:27 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 11:27 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 11:27 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 11:27 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 11:27 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 11:27 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 11:27 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 11:27 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 11:27 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 11:27 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 11:27 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 11:27 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 11:27 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 11:27 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 11:27 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 11:27 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 11:27 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 11:27 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 11:27 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 11:27 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 11:27 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 11:27 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 11:27 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 11:27 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 11:27 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 11:27 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 11:27 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 11:27 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 11:27 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 11:27 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 11:27 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 11:27 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 11:27 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 11:27 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 11:27 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 11:27 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 11:27 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 11:27 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 11:27 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 11:27 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 11:27 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 11:27 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 11:27 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 11:27 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 11:27 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 11:27 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 11:27 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 11:27 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 11:27 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 11:27 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 11:27 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 11:27 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 11:27 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 11:27 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 11:27 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 11:27 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 11:26 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 11:26 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 11:26 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 11:26 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 11:26 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 11:26 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 11:26 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 11:26 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 11:26 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 11:26 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 11:26 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 11:26 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 11:26 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 11:26 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 11:26 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 11:26 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 11:26 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 11:26 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 11:26 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 11:26 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 11:26 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 11:26 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 11:26 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 11:26 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 11:26 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 11:26 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 11:26 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 11:26 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 11:26 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 11:26 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 11:26 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 11:26 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 11:25 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 11:25 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 11:25 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 11:25 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 11:25 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 11:25 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 11:25 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 11:25 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 11:25 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 11:25 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 11:25 - 2015-01-28 23:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 11:25 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 17:57 - 2015-05-12 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-05-12 17:50 - 2015-05-12 17:50 - 00000000 ____D () C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
2015-05-08 19:23 - 2015-05-16 15:50 - 00000000 ____D () C:\FRST
2015-05-08 19:21 - 2015-05-16 14:54 - 02107392 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2015-05-08 19:10 - 2015-05-08 19:10 - 05621999 _____ (Swearware) C:\Users\Peter\Desktop\ComboFix.exe
2015-05-08 15:10 - 2015-05-08 15:10 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-05-08 14:39 - 2015-05-08 14:44 - 00000000 ____D () C:\Users\Peter\Desktop\HDDScan-3.3
2015-05-08 14:39 - 2015-05-08 14:39 - 03822364 _____ () C:\Users\Peter\Downloads\HDDScan-3.3.zip
2015-05-08 13:39 - 2015-05-08 13:39 - 00000000 ____D () C:\ProgramData\ATI
2015-05-08 13:38 - 2015-05-08 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-05-08 13:37 - 2015-05-08 13:39 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-05-08 12:40 - 2015-05-08 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSave Manager v3
2015-05-08 12:39 - 2015-05-08 12:40 - 00000000 ____D () C:\Program Files (x86)\GameSave Manager v3
2015-05-08 12:39 - 2015-05-08 12:39 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\GameSave Manager 3
2015-05-08 12:32 - 2015-05-08 12:39 - 00000000 ____D () C:\Program Files (x86)\GamSave
2015-05-08 12:32 - 2015-05-08 12:32 - 00000000 ____D () C:\Users\Peter\Downloads\gs_mngr_v3.1.442.0
2015-05-08 12:31 - 2015-05-08 12:31 - 07996936 _____ () C:\Users\Peter\Downloads\gs_mngr_v3.1.442.0.zip
2015-05-08 12:10 - 2015-05-08 12:10 - 01178272 _____ (Magical Jelly Bean ) C:\Users\Peter\Downloads\KeyFinderInstaller (1).exe
2015-05-08 11:50 - 2015-05-08 11:50 - 00002628 _____ () C:\Users\Peter\Downloads\legitcheck.hta
2015-05-07 23:14 - 2015-05-07 23:14 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-07 23:14 - 2015-05-07 23:14 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-07 23:13 - 2015-05-07 23:13 - 06484352 _____ (Piriform Ltd) C:\Users\Peter\Downloads\ccsetup505.exe
2015-05-07 20:49 - 2015-05-07 20:49 - 00052689 _____ () C:\Windows\SysWOW64\CCCInstall_201505072049055323.log
2015-05-07 17:59 - 2015-05-07 20:23 - 00035953 _____ () C:\Windows\system32\avgrep.txt
2015-05-07 17:19 - 2015-05-07 17:19 - 00000418 _____ () C:\Users\Peter\Desktop\PAUSE.txt
2015-05-07 17:18 - 2015-05-07 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2015-05-07 17:18 - 2015-05-07 17:18 - 00000000 ____D () C:\Program Files (x86)\Magical Jelly Bean
2015-05-07 17:17 - 2015-05-07 17:17 - 01178272 _____ (Magical Jelly Bean ) C:\Users\Peter\Downloads\KeyFinderInstaller.exe
2015-05-07 12:33 - 2015-05-07 13:49 - 00000000 ____D () C:\Windows\pss
2015-05-07 08:42 - 2015-05-07 08:42 - 04787658 _____ () C:\Users\Peter\Downloads\Nv2-PC (1).zip
2015-05-07 08:42 - 2013-06-27 12:30 - 10821938 _____ (Adobe Systems, Inc.) C:\Users\Peter\Desktop\Nv2-PC.exe
2015-05-06 17:17 - 2015-05-06 17:17 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\AVG2015
2015-05-06 17:16 - 2015-05-06 17:16 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\TuneUp Software
2015-05-06 17:16 - 2015-05-06 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-06 17:15 - 2015-05-06 17:17 - 00000000 ____D () C:\ProgramData\AVG2015
2015-05-06 17:15 - 2015-05-06 17:15 - 00000000 ___HD () C:\$AVG
2015-05-06 17:14 - 2015-05-06 17:14 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-06 17:11 - 2015-05-06 17:11 - 00098114 _____ () C:\ProgramData\1430946690.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 00037823 _____ () C:\ProgramData\1430946687.bdinstall.bin
2015-05-06 17:10 - 2015-05-16 14:33 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-06 17:10 - 2015-05-06 17:19 - 00000000 ____D () C:\Users\Peter\AppData\Local\Avg2015
2015-05-06 17:10 - 2015-05-06 17:10 - 04818760 _____ (AVG Technologies) C:\Users\Peter\Downloads\avg_free_stb_all_5863p1_177.exe
2015-05-06 17:10 - 2015-05-06 17:10 - 00000000 ____D () C:\Users\Peter\AppData\Local\MFAData
2015-05-06 16:56 - 2015-05-06 16:56 - 00204285 _____ () C:\ProgramData\1430945688.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 00108262 _____ () C:\ProgramData\1430945621.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 00033277 _____ () C:\ProgramData\1430945673.bdinstall.bin
2015-05-06 16:50 - 2015-05-06 16:50 - 00108617 _____ () C:\ProgramData\1430945375.bdinstall.bin
2015-05-06 16:48 - 2015-05-06 16:48 - 00108948 _____ () C:\ProgramData\1430945312.bdinstall.bin
2015-05-06 16:47 - 2015-05-06 16:47 - 00093642 _____ () C:\ProgramData\1430945206.bdinstall.bin
2015-05-06 16:46 - 2015-05-06 16:46 - 00037605 _____ () C:\ProgramData\1430945204.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 00177041 _____ () C:\ProgramData\1430944628.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 00037823 _____ () C:\ProgramData\1430944625.bdinstall.bin
2015-05-06 15:05 - 2015-05-06 15:05 - 05008664 _____ (Adobe Systems Inc.) C:\Users\Peter\Downloads\Shockwave_Installer_Slim.exe
2015-05-06 11:15 - 2015-05-09 09:24 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-05-06 11:15 - 2015-05-06 15:21 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-05-06 11:15 - 2015-05-06 11:15 - 02218504 _____ () C:\Users\Peter\Downloads\instspeedfan451.exe
2015-05-06 11:15 - 2015-05-06 11:15 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2015-05-05 22:35 - 2015-05-07 20:49 - 00000000 ____D () C:\ProgramData\AMD
2015-05-05 22:35 - 2015-05-05 22:35 - 00053564 _____ () C:\Windows\SysWOW64\CCCInstall_201505052235052419.log
2015-05-05 22:35 - 2015-05-05 22:35 - 00000818 _____ () C:\Users\Peter\.recently-used.xbel
2015-05-05 22:32 - 2015-05-05 22:32 - 00018357 _____ () C:\Windows\SysWOW64\CCCInstall_201505052232275689.log
2015-05-05 22:28 - 2015-05-07 21:08 - 00000000 ____D () C:\Program Files\AMD
2015-05-05 22:28 - 2015-05-06 15:21 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-05-05 22:24 - 2015-05-05 22:24 - 00000000 ____D () C:\AMD
2015-05-05 22:18 - 2015-05-05 22:18 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\Peter\Downloads\autodetectutility.exe
2015-04-30 00:01 - 2015-04-30 00:01 - 00023200 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2015-04-27 17:58 - 2015-04-27 17:58 - 00183333 _____ () C:\Users\Peter\Downloads\longtable.ps
2015-04-23 02:30 - 2015-04-30 19:28 - 00000000 ____D () C:\Users\Peter\Desktop\New folder
2015-04-23 02:28 - 2015-04-23 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2015-04-22 14:42 - 2015-04-22 14:42 - 00000000 ____D () C:\Program Files (x86)\DriverDetective
2015-04-16 09:41 - 2015-04-16 09:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 03:26 - 2015-04-16 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-16 15:53 - 2010-08-31 18:04 - 01245021 _____ () C:\Windows\WindowsUpdate.log
2015-05-16 15:49 - 2011-06-01 17:35 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Dropbox
2015-05-16 15:49 - 2010-10-28 20:24 - 00000000 ___RD () C:\Users\Peter\Documents\My Dropbox
2015-05-16 15:47 - 2013-04-06 19:48 - 02998272 ___SH () C:\Users\Peter\Desktop\Thumbs.db
2015-05-16 15:46 - 2012-10-28 11:43 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-16 15:46 - 2011-06-01 08:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-16 15:46 - 2010-09-01 15:41 - 01473878 _____ () C:\Windows\PFRO.log
2015-05-16 15:46 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-16 15:46 - 2009-07-14 00:51 - 00108552 _____ () C:\Windows\setupact.log
2015-05-16 15:26 - 2011-08-03 23:36 - 00000000 ____D () C:\Users\Peter\AppData\Local\CrashDumps
2015-05-16 15:26 - 2011-06-01 08:29 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Azureus
2015-05-16 15:16 - 2011-06-20 21:33 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA.job
2015-05-16 14:57 - 2012-10-28 11:43 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-16 14:39 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-16 14:39 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-16 14:31 - 2011-06-01 08:53 - 00000000 ____D () C:\Users\Peter\AppData\Local\Adobe
2015-05-15 17:16 - 2011-06-20 21:33 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core.job
2015-05-15 17:13 - 2014-07-04 10:08 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-15 17:12 - 2014-07-04 10:08 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-15 17:11 - 2011-06-20 21:33 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA
2015-05-15 17:11 - 2011-06-20 21:33 - 00003486 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core
2015-05-15 10:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-13 19:35 - 2015-03-31 11:31 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPeter
2015-05-13 19:35 - 2015-03-31 11:31 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForPeter.job
2015-05-13 14:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-05-13 13:46 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 13:38 - 2009-07-14 00:45 - 00392008 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 13:34 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 13:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 13:33 - 2012-08-04 11:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 13:33 - 2012-08-04 11:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 11:52 - 2013-07-14 02:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 11:40 - 2011-06-01 14:32 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 11:36 - 2012-08-04 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 00:02 - 2011-06-01 19:11 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Audacity
2015-05-12 17:58 - 2010-08-31 18:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-12 17:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2015-05-12 17:52 - 2010-08-31 18:03 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-12 17:52 - 2010-08-31 18:01 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-05-12 17:50 - 2009-07-24 21:45 - 00000000 ____D () C:\swsetup
2015-05-12 17:47 - 2011-06-01 17:37 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-09 23:47 - 2015-01-14 01:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-09 23:46 - 2012-08-12 11:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-09 20:04 - 2011-06-01 22:14 - 00019968 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-08 16:36 - 2010-08-31 18:06 - 00000000 ____D () C:\Program Files\PC-Doctor for Windows
2015-05-08 15:10 - 2010-08-31 18:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2015-05-08 14:58 - 2011-05-31 21:54 - 00762015 _____ () C:\Windows\comsetup.log
2015-05-08 14:58 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2015-05-08 14:53 - 2011-05-31 21:30 - 00000000 ___DC () C:\Users\Peter\AppData\Local\MigWiz
2015-05-08 14:05 - 2011-06-18 15:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-08 12:24 - 2010-09-01 16:38 - 00000000 ____D () C:\ProgramData\Recovery
2015-05-07 23:14 - 2011-06-02 00:59 - 00000000 __SHD () C:\Users\Peter\UserData
2015-05-06 16:55 - 2015-03-26 21:31 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\QuickScan
2015-05-06 15:21 - 2015-04-05 03:03 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-06 15:21 - 2015-03-28 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-06 15:21 - 2011-05-31 20:44 - 00000000 ____D () C:\Users\Peter
2015-05-06 15:09 - 2012-10-28 11:45 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-06 15:09 - 2012-10-28 11:45 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-06 15:09 - 2011-05-31 21:24 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Adobe
2015-05-06 15:05 - 2012-03-11 18:31 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-05-06 15:05 - 2010-08-31 18:02 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-05 22:36 - 2012-06-12 15:52 - 00000000 ____D () C:\Users\Peter\.gconfd
2015-05-05 22:35 - 2012-06-12 15:53 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\gedit
2015-05-05 22:35 - 2012-06-12 15:52 - 00000000 ____D () C:\Users\Peter\.gconf
2015-05-04 10:36 - 2011-06-19 22:20 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-04 10:34 - 2011-06-26 17:07 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\HP Support Assistant
2015-05-04 10:34 - 2011-06-01 21:20 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\HpUpdate
2015-04-29 15:35 - 2011-06-01 18:50 - 00000000 ____D () C:\Program Files (x86)\MiKTeX 2.9
2015-04-23 02:29 - 2013-12-05 19:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-22 23:35 - 2014-11-30 01:37 - 00537600 ___SH () C:\Users\Peter\Downloads\Thumbs.db
2015-04-22 11:47 - 2006-01-07 19:15 - 00000000 ____D () C:\Users\Peter\Desktop\Peter
2015-04-21 09:47 - 2011-06-01 18:20 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Mozilla
2015-04-18 13:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 10:42 - 2013-12-05 20:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-16 09:41 - 2014-05-06 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 09:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 03:29 - 2012-07-15 14:45 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 03:26 - 2011-12-30 16:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 03:26 - 2011-12-30 16:30 - 00000000 ____D () C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2013-09-09 23:45 - 2013-09-09 09:21 - 0012005 _____ () C:\Users\Peter\AppData\Roaming\alsoft.ini
2011-09-30 18:32 - 2015-03-19 11:52 - 0000600 _____ () C:\Users\Peter\AppData\Roaming\winscp.rnd
2014-08-15 11:21 - 2015-01-16 00:12 - 0000118 _____ () C:\Users\Peter\AppData\Roaming\wklnhst.dat
2011-06-01 22:14 - 2015-05-09 20:04 - 0019968 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-14 19:39 - 2015-03-30 19:24 - 0000337 _____ () C:\Users\Peter\AppData\Local\Perfmon.PerfmonCfg
2012-05-14 19:34 - 2012-05-14 19:34 - 0007605 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2015-03-26 21:34 - 2015-03-26 21:34 - 0208060 _____ () C:\ProgramData\1427419862.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 0037823 _____ () C:\ProgramData\1430944625.bdinstall.bin
2015-05-06 16:37 - 2015-05-06 16:37 - 0177041 _____ () C:\ProgramData\1430944628.bdinstall.bin
2015-05-06 16:46 - 2015-05-06 16:46 - 0037605 _____ () C:\ProgramData\1430945204.bdinstall.bin
2015-05-06 16:47 - 2015-05-06 16:47 - 0093642 _____ () C:\ProgramData\1430945206.bdinstall.bin
2015-05-06 16:48 - 2015-05-06 16:48 - 0108948 _____ () C:\ProgramData\1430945312.bdinstall.bin
2015-05-06 16:50 - 2015-05-06 16:50 - 0108617 _____ () C:\ProgramData\1430945375.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 0108262 _____ () C:\ProgramData\1430945621.bdinstall.bin
2015-05-06 16:54 - 2015-05-06 16:54 - 0033277 _____ () C:\ProgramData\1430945673.bdinstall.bin
2015-05-06 16:56 - 2015-05-06 16:56 - 0204285 _____ () C:\ProgramData\1430945688.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 0037823 _____ () C:\ProgramData\1430946687.bdinstall.bin
2015-05-06 17:11 - 2015-05-06 17:11 - 0098114 _____ () C:\ProgramData\1430946690.bdinstall.bin
2012-08-18 18:49 - 2012-08-18 18:49 - 0440503 _____ () C:\ProgramData\3Q9JXFJB.exe.bmp
2012-08-22 01:20 - 2012-08-22 01:20 - 0413879 _____ () C:\ProgramData\G70w7kgNUEbB.exe.bmp
2012-08-25 01:27 - 2012-08-25 01:28 - 0000007 _____ () C:\ProgramData\listaloca
2012-08-18 18:49 - 2013-02-08 11:55 - 0000103 _____ () C:\ProgramData\sdr.bmp
 
Some content of TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3lj7ta.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-14 16:38
 
==================== End Of Log ============================
 
Addition

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Peter at 2015-05-16 15:54:26
Running from C:\Users\Peter\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2948383268-4287108767-1354885317-500 - Administrator - Disabled)
Guest (S-1-5-21-2948383268-4287108767-1354885317-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2948383268-4287108767-1354885317-1002 - Limited - Enabled)
Peter (S-1-5-21-2948383268-4287108767-1354885317-1000 - Administrator - Enabled) => C:\Users\Peter
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AaAaAA!!! - A Reckless Disregard for Gravity (HKLM-x32\...\Steam App 15520) (Version:  - Dejobaan Games)
AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome (HKLM-x32\...\Steam App 15560) (Version:  - )
Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AES Crypt (HKLM\...\{F83B33CD-1422-448A-82DC-26D174F49189}) (Version: 3.08 - Packetizer, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
And Yet It Moves (HKLM-x32\...\Steam App 18700) (Version:  - Broken Rules)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - )
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atom Zombie Smasher  (HKLM-x32\...\Steam App 55040) (Version:  - )
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - BestGameEver)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5941 - AVG Technologies)
AVG 2015 (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5941 - AVG Technologies) Hidden
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.4.7200 - )
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - )
Back to the Future: Ep 1 - It's About Time (HKLM-x32\...\Steam App 31290) (Version:  - Telltale Games)
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios Ltd.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - Gaijin Games)
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Botanicula (HKLM-x32\...\Steam App 207690) (Version:  - Amanita Design)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Bus Driver (x32 Version: 2.2.0.82 - WildTangent) Hidden
Capsized (HKLM-x32\...\Steam App 95300) (Version:  - Alientrap Games Inc)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - )
Catan (HKLM-x32\...\Steam App 239410) (Version:  - United Soft Media)
ccc-core-static (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
ChaosPro (HKLM-x32\...\ChaosPro 4.0) (Version: 4.0.249 - Martin Pfingstl, http://www.chaospro.de)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
Cogs (HKLM-x32\...\Steam App 26500) (Version:  - Lazy 8 Studios)
Combined Community Codec Pack 2010-10-10 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2010.10.10.0 - CCCP Project)
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version:  - James Athey)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crayon Physics Deluxe (HKLM-x32\...\Steam App 26900) (Version:  - Kloonigames)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dear Esther (HKLM-x32\...\Steam App 203810) (Version:  - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dropbox (HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Elegy For A Dead World (HKLM-x32\...\Steam App 252290) (Version:  - Dejobaan Games, LLC)
English Country Tune (HKLM-x32\...\Steam App 207570) (Version:  - )
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Fireplace by PES Screen Saver (HKLM-x32\...\Fireplace by PES) (Version:  - )
Fractal (HKLM-x32\...\{3485CDCE-2099-4B10-8E90-2953C5D26A6A}) (Version: 1.1.0 - Cipher Prime Studios, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Audio CD Burner version 1.4.8 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.40.7.WIN.FullTilt.COM - )
Gambit (HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Gambit) (Version:  - )
GameSave Manager v3 (HKLM-x32\...\GameSaveManager_v3) (Version: 3.1.442.0 - InsaneMatt)
gedit 2.30.1 (HKLM-x32\...\gedit_is1) (Version: 2.30.1 - GNOME)
GIMP 2.6.12-2 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gpg4win (2.2.2) (HKLM-x32\...\GPG4Win) (Version: 2.2.2 - The Gpg4win Project)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.02) (Version: 9.02 - Artifex Software Inc.)
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version:  - DrinkBox Studios)
Hammerfight (HKLM-x32\...\Steam App 41100) (Version:  - KranX Productions)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.)
Hector: Ep 1 (HKLM-x32\...\Steam App 94600) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - )
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3902 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3910 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.142.0 - ATI Technologies Inc.) Hidden
Ikaruga (HKLM-x32\...\Steam App 253750) (Version:  - Treasure)
Intrusion 2 (HKLM-x32\...\Steam App 214970) (Version:  - )
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
KLatexFormula 3.2.4 (HKLM-x32\...\KLatexFormula-3.2.4) (Version: 3.2.4 - Philippe Faist <philippe.faist@bluewin.ch>)
L.A. Noire: The Complete Edition (HKLM-x32\...\Steam App 110800) (Version:  - Rockstar)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2610 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2610 - CyberLink Corp.) Hidden
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
LibreOffice 4.1.3.2 (HKLM-x32\...\{4F3722AD-197D-4DBB-BDFB-D2F0D6776354}) (Version: 4.1.3.2 - The Document Foundation)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - )
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - )
LizardTech DjVu Control (autoinstall) (HKLM-x32\...\DjVu) (Version:  - )
LPSolve IDE 5.5.2.0 (HKLM-x32\...\LPSolve IDE_is1) (Version: 5.5.2.0 - Free Software Foundation, Inc.)
Machinarium (HKLM-x32\...\Steam App 40700) (Version:  - Amanita Design)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft LifeChat (HKLM\...\{BD198331-FF8A-4DEB-9F30-A0AC56625A3B}) (Version: 1.40.224.0 - Microsoft)
Microsoft Office Home and Student 60 day trial (HKLM-x32\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-9e75166c-78f6-4d4c-ab0a-27acce5a5efe) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-9e9a58c4-1d1e-4d35-ac50-ff44535fe0c9) (Version:  - Epic Games, Inc.)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.34 - Symantec)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.8 - )
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
office Convert Pdf to Jpg Jpeg Tiff Free 6.5 (HKLM-x32\...\office Convert Pdf to Jpg Jpeg Tiff Free_is1) (Version:  - Officeconvert Software, Inc.)
Oil Rush (HKLM-x32\...\Steam App 200390) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
Osmos (HKLM-x32\...\Steam App 29180) (Version:  - Hemisphere Games)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
pdfsam (HKLM-x32\...\pdfsam) (Version: 2.2.1 - )
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.7.11 - )
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plex Media Server (HKLM-x32\...\{16eca963-68c5-4756-80f9-db9094a4d6f0}) (Version: 0.9.1104 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1104 - Plex, Inc.) Hidden
Poker - Espacejeux (HKLM-x32\...\Poker - Espacejeux ) (Version:  - Boss Media AB)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2704 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2704 - CyberLink Corp.) Hidden
Proteus (HKLM-x32\...\Steam App 219680) (Version:  - )
Psychonauts (HKLM-x32\...\Steam App 3830) (Version:  - Double Fine Productions, Inc.)
Puzzle Agent (HKLM-x32\...\Steam App 31270) (Version:  - Telltale Games)
Puzzle Agent 2 (HKLM-x32\...\Steam App 94590) (Version:  - )
Python 3.2.3 (HKLM-x32\...\{789C9644-9F82-44d3-B4CA-AC31F46F5882}) (Version: 3.2.3150 - Python Software Foundation)
Q.U.B.E. (HKLM-x32\...\Steam App 203730) (Version:  - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rampant Logic Postscript Viewer 1.1 (HKLM-x32\...\{39C4C6DE-641B-483F-B875-2AEDF0FB85CA}_is1) (Version:  - Rampant Logic)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6053 - Realtek Semiconductor Corp.)
Receiver (HKLM-x32\...\Steam App 234190) (Version:  - Wolfire Games)
Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Revenge of the Titans (HKLM-x32\...\Steam App 93200) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
Sam & Max 301: The Penal Zone (HKLM-x32\...\Steam App 31220) (Version:  - Telltale Games)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Small World 2 (HKLM-x32\...\Steam App 235620) (Version:  - Days of Wonder)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version:  - Sega)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spotify (HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\Spotify) (Version: 0.9.2.18.gcaf36646 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steel Storm: Burning Retribution (HKLM-x32\...\Steam App 96200) (Version:  - )
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
Superbrothers: Sword & Sworcery EP (HKLM-x32\...\Steam App 204060) (Version:  - )
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeXworks 0.4.3 (HKLM-x32\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version:  - TeX Users Group)
The Binding Of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Photographer's Ephemeris (HKLM-x32\...\Flexrise.9F3FBFC56E7DF11606748B3513468A7A7FB809D1.1) (Version: 1.1.1 - UNKNOWN)
The Photographer's Ephemeris (x32 Version: 1.1.1 - UNKNOWN) Hidden
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Thief Gold (HKLM-x32\...\Steam App 211600) (Version:  - Looking Glass Studios)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - )
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version:  - Days of Wonder)
TikiOne Steam Cleaner (HKLM-x32\...\TikiOneSteamCleaner) (Version:  - Jonathan Lermitage)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version:  - )
To the Moon (HKLM-x32\...\Steam App 206440) (Version:  - Freebird Games)
To the Moon (HKLM-x32\...\To the Moon) (Version: 1.0 - Freebird Games)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.9 (HKLM-x32\...\VLC media player) (Version: 1.1.9 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - )
Wallace & Gromit Ep 1: Fright of the Bumblebees (HKLM-x32\...\Steam App 31100) (Version:  - Telltale Games)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinSCP 4.3.5 (HKLM-x32\...\winscp3_is1) (Version: 4.3.5 - Martin Prikryl)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D Boy)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2948383268-4287108767-1354885317-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Peter\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
09-05-2015 23:43:25 Removed iTunes
10-05-2015 15:42:19 Removed Bonjour
12-05-2015 17:24:55 Removed HP Support Assistant.
12-05-2015 17:30:18 Windows Modules Installer
12-05-2015 17:31:42 Windows Modules Installer
12-05-2015 17:51:10 Installed HP Support Assistant
12-05-2015 17:55:23 Windows Modules Installer
12-05-2015 17:56:44 Windows Modules Installer
13-05-2015 11:33:26 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2013-02-08 12:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0F88CE7C-A0EC-4628-B756-8BA82FAB7846} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {4DD7A0F3-B7D7-44F9-A368-5E5F91938EB7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {4E8B84FE-381E-400F-A324-97438388866E} - System32\Tasks\{F3FBB1B8-EACE-4D21-A0D0-BB75AD81B87D} => pcalua.exe -a "C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOGLVH26\Firefox%20Setup%204.0.1[2].exe" -d C:\Users\Peter\Desktop
Task: {928E3585-85D7-4132-8F10-85AD8C390050} - System32\Tasks\LifeChatTask => C:\Program Files\Microsoft LifeChat\LifeChat.exe [2009-09-24] (Microsoft Corporation)
Task: {9C0B8F9D-F82D-42A2-91C6-6798E69311A2} - System32\Tasks\AVG_SYS_TASK_0415av_RUN => C:\ProgramData\Avg_Update_0415av\AVG-Secure-Search-Update_0415av.exe
Task: {AA1AB9D0-D217-4C5E-8DE9-5FE87F29A921} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AADE8185-DBAD-4226-91FD-D1DB23EB4720} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B42D1A3A-0775-4B3B-925D-08E74E83B065} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe
Task: {BAF13652-8A08-449B-AFED-1F03C14C9F3A} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {BE8877D4-52CE-4276-84F0-F7191CE4A84C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {C0C137A6-17ED-4E74-9FC4-7B930B252B4D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {C245DD1A-F068-4E26-8FB1-8D5B0B0F57BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {D4B76A8C-B7F1-4BAA-92B6-F76C803AA3C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-28] (Google Inc.)
Task: {D91D140B-59D4-4019-9D85-30CB2E708C4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {E4E0D67A-A2D5-4FCA-95DB-F5EEFE0136C3} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {EB40A247-61B8-4371-9B80-BEDE52BDCC40} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2014-08-21] (Hewlett-Packard Company)
Task: {ECCB742C-DEC4-4A1F-B365-8874201FA72C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-28] (Google Inc.)
Task: {F1E495A8-8D71-442B-A66D-D78D2EE0F139} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {F2496D86-7066-41A8-9D4C-BF9642F1F41A} - System32\Tasks\HPCeeScheduleForPeter => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {F5F19E5A-E087-4A8B-A595-73EF50BBF9F0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {F87B506A-B99C-47D1-A63D-C7358D7B5AF4} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {FB7AE8AC-820B-4A67-928C-1D23679385E8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000Core.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2948383268-4287108767-1354885317-1000UA.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPeter.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-09-03 07:07 - 2014-09-03 07:07 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2013-08-28 20:23 - 2013-08-28 20:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-03 06:53 - 2014-09-03 06:53 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-09-03 06:48 - 2014-09-03 06:48 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-09-03 06:41 - 2014-09-03 06:41 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-09-03 06:53 - 2014-09-03 06:53 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-09-03 06:56 - 2014-09-03 06:56 - 00742400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 00072840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 00196232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 00838792 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 00049800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 00086664 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 02092680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 01883272 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 00502920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2015-05-16 15:48 - 2015-05-16 15:48 - 00043008 _____ () c:\users\peter\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3lj7ta.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00750080 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00047616 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00865280 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00200704 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00010240 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00726016 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00010240 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2013-08-28 20:25 - 2013-08-28 20:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00027784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00018568 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2014-11-20 12:56 - 2014-11-20 12:56 - 00034952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00836232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2014-11-20 12:55 - 2014-11-20 12:55 - 00192136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00054920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00017032 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2014-11-20 12:56 - 2014-11-20 12:56 - 00043656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00081544 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00111240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2014-11-20 12:55 - 2014-11-20 12:55 - 00689800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Peter\Downloads\autodetectutility.exe:BDU
AlternateDataStreams: C:\Users\Peter\Downloads\avg_free_stb_all_5863p1_177.exe:BDU
AlternateDataStreams: C:\Users\Peter\Downloads\instspeedfan451.exe:BDU
AlternateDataStreams: C:\Users\Peter\Downloads\Shockwave_Installer_Slim.exe:BDU
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2948383268-4287108767-1354885317-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254 - 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{501F0C05-3D97-4A46-B43C-81166CD19EAF}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{6E84D328-0E1F-4D12-A807-8249D9E41D26}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{BA598A71-7563-4927-B102-F80EA043BEDA}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{89A79717-2C2C-494E-83D1-C9AB4A8C590D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{C8A2FFE6-A367-45DA-BEAD-CC0A797DA5E9}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{9BF6ABBE-DDD2-4CC3-B092-92EE90067087}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{E63B82C0-06D7-4859-94DE-DEAD061A9A2A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{26EE81B6-FDAB-4728-AA2D-193C8714DD98}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{FEB40FD7-54A2-4A64-91E1-5AD84E14A99F}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{68C64B37-24D8-438A-8B2E-E6AA11D3BC60}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{D9D717B1-0ECA-41C7-9130-5AC3B89BEA56}] => (Allow) LPort=7000
FirewallRules: [{B95B4C1A-FBB7-4F10-A743-5323B3BB9DFA}] => (Allow) LPort=7000
FirewallRules: [{422D9D72-E6E3-4CE9-AB16-654E7B63BBEC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F0177C94-A797-4998-916E-06665E685917}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B3675E35-3FFD-4290-BC1D-3D06B4154BE2}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D1182637-B92A-4CBA-BF62-DAA9DA0B1A02}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{FD6E309C-AD7F-41AE-B0F5-4E4E251747E1}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{B7625673-DDD0-4A60-93FF-1F94A8189309}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [TCP Query User{4692D4B0-595B-41A8-A3F8-F3CA900B7FEB}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6F55E546-8498-4DD5-B014-E26560B64F8C}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{986D73B9-C832-4AC7-9A19-78C6BB395A98}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{F6B2B996-86D1-4578-B68A-09A4E26E1C5E}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{972C267E-7713-47AA-9938-C7BE56211758}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{04D8B14F-21FC-459A-87A7-DC046B646371}] => (Allow) LPort=2869
FirewallRules: [{2520A708-3E74-4322-9ADD-11FD6E823B93}] => (Allow) LPort=1900
FirewallRules: [{EFFA31A4-3319-49BA-9A3E-0C56A166B4F8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5A273C41-A54A-4C1D-8DC1-FCB7D8792355}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe
FirewallRules: [{8C44E036-A815-48F1-9C48-2BD93A3315D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe
FirewallRules: [{1D2F7634-C965-454E-A901-CFE962089BF4}] => (Allow) C:\Users\Peter\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{9D488809-2EEA-4C40-A855-4DABD633DF45}] => (Allow) C:\Users\Peter\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{CE09DF72-A9AC-4F2C-9751-C74C8AB33AE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hammerfight\Hammerfight.exe
FirewallRules: [{6ABC98F9-7DAB-4D21-A4B3-0A303D297D20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hammerfight\Hammerfight.exe
FirewallRules: [{0DC07AE7-2D44-4802-A086-5D4A118E6E7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\machinarium\machinarium.exe
FirewallRules: [{F719A091-148E-4D84-A64F-F0270FC6ACBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\machinarium\machinarium.exe
FirewallRules: [{5B5730F6-791C-43E4-890B-FB9D01B05180}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\crayon physics deluxe\launcher.exe
FirewallRules: [{48C7600A-ECFE-4AED-8C92-3233391BF3E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\crayon physics deluxe\launcher.exe
FirewallRules: [{8068AA6A-10E6-4F0C-B143-2F21454CC25F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of goo\WorldOfGoo.exe
FirewallRules: [{D4161CB8-1E38-44F0-8585-E03B3380AECC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of goo\WorldOfGoo.exe
FirewallRules: [{01064E20-CC6D-4890-940F-E2E8E6DD630E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\osmos\osmos.exe
FirewallRules: [{696F8076-982F-4A5F-98CE-BF8494AECFEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\osmos\osmos.exe
FirewallRules: [TCP Query User{EC9DBBF6-C690-4B47-9727-9E8CC98925DB}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{85232D90-EDC4-435D-AFA0-2D568F436F51}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{AC7725A7-5D28-4964-A34E-7ADBEAB90717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\cogs\cogs.exe
FirewallRules: [{646F058E-D753-43EE-AB5D-9B9A6303E185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\cogs\cogs.exe
FirewallRules: [{6D177E75-421E-4CA6-A59A-B32E29DB2428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{9B62613B-E57B-48BE-8C5B-DA1FBB64E90E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{F8C6F791-F00E-40FC-9029-58B9480EB23C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sonic generations\SonicGenerations.exe
FirewallRules: [{85F2AE0E-77F7-4362-A044-06BD979C7BAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sonic generations\SonicGenerations.exe
FirewallRules: [{56321E63-A0F7-4683-897B-19EC91C7C6D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sonic generations\ConfigurationTool.exe
FirewallRules: [{1ED8F82C-211F-4BF6-B01A-4E84D0DD86D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sonic generations\ConfigurationTool.exe
FirewallRules: [{C8BC29D3-DE78-49EC-B11A-5D1E023DD482}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\revenge of the titans\RevengeOfTheTitans.exe
FirewallRules: [{ECD2AEC5-6426-4CDC-9AAC-4A59BB35166E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\revenge of the titans\RevengeOfTheTitans.exe
FirewallRules: [{C359A5F5-37C4-45A8-91D6-989F57A5AAA3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{1077F442-A18F-40D6-88A4-98F7DD0F776C}C:\program files (x86)\pidgin\pidgin.exe] => (Block) C:\program files (x86)\pidgin\pidgin.exe
FirewallRules: [UDP Query User{7177C182-D4C5-402B-8177-B20EC00E4888}C:\program files (x86)\pidgin\pidgin.exe] => (Block) C:\program files (x86)\pidgin\pidgin.exe
FirewallRules: [TCP Query User{8B1349D4-2712-42EF-88FD-3A90D3928ECA}C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{AC7A49CD-7F4B-49E4-A6F2-F5BD4CF08F0E}C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{4E872EBB-C6F9-4FAF-83F3-392350604373}C:\users\peter\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\peter\appdata\local\google\google talk plugin\googletalkplugin.exe
FirewallRules: [UDP Query User{8711A73E-3BBD-435F-928C-ADF8D7826A8E}C:\users\peter\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\peter\appdata\local\google\google talk plugin\googletalkplugin.exe
FirewallRules: [{E09B7580-D657-4002-A718-6A3A9B0C39CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\qube\Binaries\Win32\QUBE.exe
FirewallRules: [{2EA2D95B-82A3-42F1-933E-68B45F1A8E35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\qube\Binaries\Win32\QUBE.exe
FirewallRules: [{537C48DC-3DAD-4C22-B9BF-AE770F086234}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{8A1907B4-810D-4F22-A562-B2FBEA79B2A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{76D54450-F3D9-47D4-9B64-7070AAA006FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E6E31559-55A0-43B9-BEF8-8D40953012E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{ACB54A1C-5F7B-4E35-9293-BDFF00F886EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{60E7EAC0-8978-48F3-9DC5-C1C7D97B41C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{B113AC50-7457-44C5-BB20-38FE42AD98EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{9A6E14F3-62B5-419A-A67F-2B0ED8FE2DA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{FB4A3BC8-C610-43A1-9E7F-6298BAB060B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\steelstorm\steelstorm.exe
FirewallRules: [{69BFB3E4-26D5-493B-9045-19B537AB4EBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\steelstorm\steelstorm.exe
FirewallRules: [{C6A9C472-2B3C-42D8-AD10-E5556E1212B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe
FirewallRules: [{1C3E21E5-2FD2-4A78-9E8B-F3DC9399C2DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe
FirewallRules: [{690BC3AF-07C3-4B12-80B1-E1159D974EF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\l.a.noire\LANLauncher.exe
FirewallRules: [{73F3D988-78BB-420E-8687-C70BA8DACA15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\l.a.noire\LANLauncher.exe
FirewallRules: [{91F2448F-D04E-4757-864F-1A71DBBF19A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dear esther\dearesther.exe
FirewallRules: [{0E3AF05F-4AF4-4414-8849-3768DD250495}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dear esther\dearesther.exe
FirewallRules: [{157764AE-3910-4DAE-BA40-B20C0ACAE03F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe
FirewallRules: [{F7A3EE7D-B3BC-4289-87A6-79BB8CE953D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe
FirewallRules: [{3EBE6C5F-090B-4129-A4A0-F25BB22160BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\limbo\limbo.exe
FirewallRules: [{E64CE48F-98BB-454D-AD61-13CA52347095}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\limbo\limbo.exe
FirewallRules: [{79E1279A-DD6F-49BD-A6AE-8CC86FDD2CA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sega classics\SEGAGenesisClassics.exe
FirewallRules: [{D3BED4C2-A601-47D4-85A4-DC14C6EE451E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sega classics\SEGAGenesisClassics.exe
FirewallRules: [{C2C37532-5245-434C-8F2E-D5689E3CF678}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\trine_launcher.exe
FirewallRules: [{52C526BF-6A9A-4650-8D02-ECECA5287D3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\trine_launcher.exe
FirewallRules: [{B2510FF3-9CAE-4579-8B5C-DA883962C300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bastion\Bastion.exe
FirewallRules: [{B52DB8C6-9B3D-4500-AE9F-6E900493C64E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bastion\Bastion.exe
FirewallRules: [{E0A9F5A6-59F1-42BD-96E7-CA14BC687B1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{705E9872-77FE-4C5D-BE96-84F3ADBC3A24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{64D1919E-52B7-4B77-BA95-29E4AA8A48A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{224B23BC-E902-4B2F-BB15-1C2D66951DFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{F55B756F-4DA6-4891-8E44-24F3001E8779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Episode 1\Hector101.exe
FirewallRules: [{09326825-2336-413B-A060-0527C8442D8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Episode 1\Hector101.exe
FirewallRules: [{1CB45A08-481C-4747-9E5F-C618380AE4D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Agent 2\Grickle102.exe
FirewallRules: [{D429F595-1677-4086-9AF6-0D51FE018464}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Agent 2\Grickle102.exe
FirewallRules: [{05F5668E-65BB-4C2B-A8B5-125B86E75D65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe
FirewallRules: [{6C746F96-1510-49D8-B182-FA2320B1A985}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe
FirewallRules: [{C01DD522-1F97-42D1-9F15-1E0E3CCEA807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{C9001DAC-D77B-4646-8D06-D84C64E5004D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{8EB91E52-A789-4A1F-BA40-4E1EC1F9C11A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Agent\Grickle101.exe
FirewallRules: [{B8455C02-86E6-4055-A402-25D5C917755E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Agent\Grickle101.exe
FirewallRules: [{8F7AD2B1-8BCA-4059-BDA1-90A6F859B353}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sam and Max 301\SamMax301.exe
FirewallRules: [{2A13C7F7-C4A9-48FF-A50A-B7BA9DA235EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sam and Max 301\SamMax301.exe
FirewallRules: [{3CF3DD83-9BB7-425F-99B7-15357649DC02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wallace and Gromit Ep1\WallaceGromit101.exe
FirewallRules: [{8CE0E48F-CB86-492D-B7A8-2986459145F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wallace and Gromit Ep1\WallaceGromit101.exe
FirewallRules: [{0A0399DE-4C2F-4913-BDB3-271703A0A1B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{973DAEFD-33ED-432C-9CA8-B49096E39C4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{8A9A80F1-77F0-480F-8264-F2E8C90946F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{C889D9F3-0D8D-4C8B-AEC6-7E8F83DE7473}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{C8239CEF-6E78-4CFA-8911-8EC2AD6E009C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capsized\Capsized.exe
FirewallRules: [{C594626C-6580-4C48-8092-73DD205F69D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capsized\Capsized.exe
FirewallRules: [{F4371905-44F5-4308-ADAF-B143F92EDA9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\English Country Tune\English Country Tune.exe
FirewallRules: [{22DA661B-E603-4C40-AF38-1BD8283314F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\English Country Tune\English Country Tune.exe
FirewallRules: [{8DAAB0A4-006E-4907-9D42-74CCA473FF24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intrusion 2\intrusion2.exe
FirewallRules: [{4F3077C1-5A9A-482A-80B1-F5F723B0C872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intrusion 2\intrusion2.exe
FirewallRules: [{450D1D96-48ED-4168-ABBE-59DE51008DD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TinyAndBig\tinyandbig.exe
FirewallRules: [{0D88C8F3-A55A-47C3-B823-0AAB2D4775E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TinyAndBig\tinyandbig.exe
FirewallRules: [{10021C6E-810E-48ED-AAD3-0B0CDF5978A3}] => (Allow) C:\Users\Peter\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{3CF098A1-200D-427B-82F1-9612D92817C2}] => (Allow) C:\Users\Peter\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{21511C58-A143-40C9-95BA-38E0E078B82C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{AA18FF54-0AA6-41D5-9E7A-A9501E828E37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{C28A6B37-03CC-43D6-8EA4-9209649A1D74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{C24F0433-F6F6-4755-80E9-592499A8EA24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{1AAD1BE0-1233-440E-B26A-E6A6E69CD361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{1011FE42-B9BB-46D8-B6AB-FEC35FF5A2D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{486E6E01-9F50-4041-A451-3BABE7340BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{93555B09-B6A1-4BCF-8A74-D4E046EB459A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{2BD02401-4669-45F5-971B-7BC3E3CFE128}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{A6AFE6C4-BDCD-403F-AB9F-C92470B7D341}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{46873CC9-3D08-4BE3-A993-9D4B3CFE5965}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oil Rush\launcher_steam.bat
FirewallRules: [{905B613B-EA4F-4445-B298-EFBF65402ACA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oil Rush\launcher_steam.bat
FirewallRules: [{B3D4E866-CEE9-424D-8DEA-B9B6D2FB4977}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{088C5430-4966-4387-BB14-D14F574B9FB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{239DACFA-B421-47D4-9ECF-DEE8EA08FC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{221DA49E-1BBB-46F5-A87B-62231B3EFB11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{25FF8CB6-D6DE-44C5-97F3-1A9B857D1D0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{A8E3173D-BCC8-43BA-BFE6-F3378583F5A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{06A00467-8C9A-497D-952F-10EE4EE13D9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum goty\Binaries\BmLauncher.exe
FirewallRules: [{199DE7E3-419C-4961-A697-87FB709C716B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum goty\Binaries\BmLauncher.exe
FirewallRules: [{32233F3A-CB2D-4E13-AF30-B0DC8731A347}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\Awesome.exe
FirewallRules: [{F064B9F1-4637-480B-9BBD-FACF66D25C9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\Awesome.exe
FirewallRules: [{75BEE23C-27FD-418F-8644-67AD615A78C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{268BE7AA-178C-49F5-9348-E41635D03EA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{6E304529-B845-4BCB-A4DF-09268583BC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{8185E49A-B771-4CA8-ABA8-7C521C25E092}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [TCP Query User{16F9307B-5BD8-4A89-BBDD-5A314D74B452}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{FC29F407-A940-4410-BCA5-F78116F4FAA0}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{AC086C5C-EF91-45D2-A52A-840B60AC44F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{39D26B67-C760-4EE3-9446-FBFD48F4CC2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{81B35C6D-902D-412B-8952-32B000C21ECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{55C2E05B-5F02-4269-A86B-46FAF3B6C345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{660BED04-A3F7-4D18-B9C4-F613091E73A4}C:\program files (x86)\plex home theater\plex home theater.exe] => (Allow) C:\program files (x86)\plex home theater\plex home theater.exe
FirewallRules: [UDP Query User{6B0E2D8E-89C7-4AAC-B33C-48BB90D2066A}C:\program files (x86)\plex home theater\plex home theater.exe] => (Allow) C:\program files (x86)\plex home theater\plex home theater.exe
FirewallRules: [{F439FFDE-D21B-483B-91E9-3551AC412784}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2F2CB35F-B920-417E-BFB9-17B2B7361344}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{8EC4B592-B90B-40CC-B5E4-885E93BAD90F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\audiosurf\engine\QuestViewer.exe
FirewallRules: [{6CDF4578-DB49-4DB6-8A96-2343AB513E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\audiosurf\engine\QuestViewer.exe
FirewallRules: [{6EB8061C-842B-474E-A5F3-60A178B1F285}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{50534EB5-C0DF-4B6B-8F9C-4539FFA9C798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D7E225BA-852C-40B8-A838-56A1915E71BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F67C4387-72D2-4CC2-B573-6750ACCB355D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1EDC187D-EF1E-4A20-BBC9-CE3485EE29EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Proteus\Proteus.exe
FirewallRules: [{4468D44B-8AD6-4E82-8ACF-533AD26C5E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Proteus\Proteus.exe
FirewallRules: [{BDDE5606-906B-49DE-A9F4-BCE21B829A26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Proteus\Proteus.exe
FirewallRules: [{7D4CAABA-549E-42DD-9049-D67482A7B43A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Proteus\Proteus.exe
FirewallRules: [{C12A2F4B-EC56-4DC8-8A04-23F401DC7F4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D46EB859-2D1C-4B07-B9BA-A41216AD679D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{64A14097-880C-489B-8F08-B74D3772BED9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{CF9E1575-3886-44FF-841C-9E7BE1F29B63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{8785C405-C7A2-4781-B365-68BC3ED83E40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{78F1A644-9248-420F-8F4C-7BF8AD3C5045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{26071C2A-DD56-48B4-B5C9-1A0CA53C2B00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2446DCA9-257A-4CF5-9FD8-50E2F7A48526}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{884C0D55-AE60-4EEF-8DA0-42298D968538}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{683747C5-AB16-40D5-ADAF-EF913A4F0D75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{C9C82C7B-92E6-4779-9652-C7DA00AFB5F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2D0C0647-4420-4BC6-BBAA-9C9D436E8838}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{AE429EF3-6ED3-448B-9ECE-FD23D529B3F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{BD8FF2E9-C579-4544-8E8C-346366803F45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{DDD0EF8E-CB2A-4065-A722-C0FF5FD5A591}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1B3AE1AA-9BA9-46E2-8366-F38149F3DDDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{C60E3906-6482-440D-9B5B-3E3D340BD17A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{7EFF4EAE-9DFB-431E-B543-82A7B5EA8B6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{42EC6781-8AA6-4897-8987-9572BFDFAFDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{09CF74AA-73EB-4971-9BE1-3225886B6FEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{CA5D1415-3049-4138-B2DF-94EB1717B10D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{6F2032E5-3D09-47E1-AAA1-042A1FA3F448}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{97C241D6-D0D5-4902-8E39-CC863DFC3AEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{83823976-CF9B-4FF8-8EF7-BA64B048FB12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{70E3B109-97D1-429E-924E-4B678F4D3A29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{8CE17779-8717-4407-99FA-81A14042305A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{BD8316EE-5A3D-4160-8348-5E4A9C5E07A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{408F3827-F922-415D-9A55-216A329EBECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{B5196823-A46D-4300-8920-D1CEB23AE81D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{A55285E9-CA45-4A9A-B734-5660AF0E7689}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4B8809D0-6891-4F4D-8E5F-DB0E42D25F7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D79806FE-A0F3-4DB5-BD54-C15B443A9010}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{575B7859-F2AB-471F-B73A-2BF87BC0A421}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{509E82C0-C499-4374-88E0-C2C70FEEC134}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{B2955985-009F-4890-A4BB-A4E8EA9DEA7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{6E331E7A-B88A-49CB-B243-E0D583312510}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{A235009B-9C2E-4699-B378-8B0378F60175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{395816D8-F9A6-4BA3-8A1F-8EC5943D1CED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{662E6834-BFA0-447D-B5FF-6DCF0DF022EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{81126081-0A0B-4F69-BEE6-5F98FEAA4F5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{15734349-FAE2-40EC-AF55-C23902D08878}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{FC2CC6A8-C1E4-4228-A430-8457614E89B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{3E941089-A9E0-410B-87ED-5900BF61C3B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E80E87F0-AADE-4D3A-B2AE-2799FE161B6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{B22FBF26-CFEE-4F65-9A0E-98FB0215503E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D431F6D1-1BA9-43F5-9A91-547EE1CE38F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{ED421EFB-7BDA-4ED0-BCAA-DD5A41C47833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{EDA90B45-1A5F-499D-907F-39129195969F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{57DB0720-AED5-496D-8B50-501C0BEBF58A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bittriprunner2\runner2.exe
FirewallRules: [{F253598D-71F8-4566-BD85-BEC29DD98775}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bittriprunner2\runner2.exe
FirewallRules: [{DCD4829E-02C9-4DD4-A305-2F2E73C629EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{16B2881A-90F9-4439-8AE2-55D303563FA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{A855A93F-AE34-468D-845D-C0F5AD17ACD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F6334D4C-AB25-4814-AA4B-F845EAA4DEA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1C219A35-F924-471A-972C-EAB5BBD69BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\SteamLauncher.exe
FirewallRules: [{A4BFD9BE-5D82-4314-ADF4-C257F4002F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\SteamLauncher.exe
FirewallRules: [{6142541D-533A-4D1E-B5AF-1A8695DAB163}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Botanicula\Botanicula.exe
FirewallRules: [{21040C72-26FB-4EBF-93DC-4382D2A4FEC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Botanicula\Botanicula.exe
FirewallRules: [{85A7AF7A-CDB6-4AE3-8DD8-7AE071941CE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\braid\braid.exe
FirewallRules: [{35B57290-1945-47DB-96D6-40A189FE2651}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\braid\braid.exe
FirewallRules: [{59042924-796D-4F88-B378-E8D527188CBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{C7EBA62D-3028-4559-9214-9CF8952D4DB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{169CECAD-4B2D-4662-BA49-4C9E7128E35D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{64DF5258-2EB4-4B3F-8082-3EF2DEDE2230}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{58A50821-9123-41DF-8346-AD40DB281721}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C94BE445-43EE-4EE5-B43A-7B8A605E9BA2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{51A08203-AD38-439B-8BA5-4656F9933850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Receiver\Receiver.exe
FirewallRules: [{08AC485A-5E24-44AA-8BEA-0EB116758E1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Receiver\Receiver.exe
FirewallRules: [{09100281-BF1A-483F-952E-3EAA04866B90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\Awesome_DirectToRift.exe
FirewallRules: [{ABA3F75C-1C01-4A99-B0D5-26622683BDAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\awesome\Awesome_DirectToRift.exe
FirewallRules: [{52F89FAF-A252-4AF9-96F3-A243388BF7F1}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{0B51D510-FD16-4BA2-8067-11A9846052AE}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{862984A6-3A92-4346-BE93-F34722B28EF3}] => (Allow) C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\mrjyhhsz.default\extensions\jid1-4P0kohSJxU1qGg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [{0B9A5544-72B9-49F0-9BA5-874BFCB50AE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{84A7219D-ED7C-4CFB-B915-4490A7DC2762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{D301F82A-9E09-43BB-B6CB-67150C1AD749}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{84DD6C37-C702-4D16-9C1F-30B6E738754B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{6AABEA52-4484-439A-8EA7-30C55D477865}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ElegyForADeadWorld\Elegy.exe
FirewallRules: [{7EA7216B-1278-4F6A-A226-1FE520A8123E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ElegyForADeadWorld\Elegy.exe
FirewallRules: [{74869DCA-D09F-4215-9A3F-FA2145A19CBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thief_gold\THIEF.EXE
FirewallRules: [{2245CA41-D96C-4120-89B3-4EE20AA43136}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thief_gold\THIEF.EXE
FirewallRules: [{2297132D-B153-44D9-BFB7-2EE5E23476BF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3ACA1737-6337-40A6-A121-B44F55D8667B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DE91550-C486-4B3C-B4E9-A31647ED2634}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan\bin\Release\Catan.exe
FirewallRules: [{3F871A7B-AC91-4A1C-9B72-566525D4F286}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan\bin\Release\Catan.exe
FirewallRules: [{6700D101-210A-450C-B8E9-8DAA239413D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan\bin\Release\CatanEdit.exe
FirewallRules: [{33574749-6B23-46C7-B3B7-C758796BD5AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan\bin\Release\CatanEdit.exe
FirewallRules: [{41E710A3-CA3A-45BD-9EB8-ABBE70BD6DC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{E263344D-B4B4-4447-A039-CEB54194BA98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{69981E99-64B4-4A81-B152-80CFDEF24E66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{D1A2B0B9-30C2-4F0A-8D79-28EFA725C4C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{FA2E928D-6177-4822-8CA8-26E33F2E2238}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{78077739-0A6A-464E-8465-1286D8D54B22}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{1852F306-68DF-4BF0-BFC7-43A130F21BCA}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{8DEDCA2C-2290-4E01-BAB6-6E936B7C66A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{3AEBE91F-2E21-4B04-951E-DFFE99E3C296}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{0516D4BD-53A1-4347-B4CE-24F944B64A22}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{A76D8FC7-D109-4BE0-810F-E620F28893A7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{3A7F87D0-4530-447A-94B2-292979D6836E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{04BDD35A-9B36-4A1E-B9A5-48B34A68F10D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{57D6EA5E-7312-42B4-8433-BD6E6FCFEB86}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{8FCEA87B-5485-4905-A791-6CEBB07A2143}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{F8805577-BD20-4977-B921-B4C5A64F7B46}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{DD3AE237-9A99-4DB3-90B5-C66E272E879A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{B6F38703-A794-465C-A4C7-EE71BEEA2669}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/16/2015 03:26:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrsysinfodirect.p5x, version: 6.0.5418.27, time stamp: 0x4b55fdaf
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x14cc
Faulting application start time: 0xpcdrsysinfodirect.p5x0
Faulting application path: pcdrsysinfodirect.p5x1
Faulting module path: pcdrsysinfodirect.p5x2
Report Id: pcdrsysinfodirect.p5x3
 
Error: (05/16/2015 03:24:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0xbf4
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
Error: (05/16/2015 03:01:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0xee0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (05/16/2015 03:01:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0xe14
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
Error: (05/16/2015 02:53:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x165c
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
Error: (05/16/2015 02:34:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x13a8
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
Error: (05/16/2015 02:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Nv2-PC.exe, version: 11.1.102.55, time stamp: 0x4eaf85a8
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8808
Exception code: 0xc0000005
Fault offset: 0x000332d0
Faulting process id: 0x1508
Faulting application start time: 0xNv2-PC.exe0
Faulting application path: Nv2-PC.exe1
Faulting module path: Nv2-PC.exe2
Report Id: Nv2-PC.exe3
 
Error: (05/15/2015 11:33:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x45c
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
 
Error: (05/14/2015 00:05:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Nv2-PC.exe, version: 11.1.102.55, time stamp: 0x4eaf85a8
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8808
Exception code: 0xc0000005
Fault offset: 0x00033e34
Faulting process id: 0xd84
Faulting application start time: 0xNv2-PC.exe0
Faulting application path: Nv2-PC.exe1
Faulting module path: Nv2-PC.exe2
Report Id: Nv2-PC.exe3
 
Error: (05/13/2015 04:03:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPSF.exe, version: 7.7.34.34, time stamp: 0x53f66fe0
Faulting module name: ntdll.dll, version: 6.1.7601.18839, time stamp: 0x553e8bfa
Exception code: 0xc0000374
Fault offset: 0x00000000000bfc22
Faulting process id: 0x126c
Faulting application start time: 0xHPSF.exe0
Faulting application path: HPSF.exe1
Faulting module path: HPSF.exe2
Report Id: HPSF.exe3
 
 
System errors:
=============
Error: (05/16/2015 02:42:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (05/16/2015 02:42:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/16/2015 02:42:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Support Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PDF Architect Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PDF Architect Helper Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DirMngr service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG WatchDog service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (05/16/2015 02:42:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/16/2015 02:42:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (05/16/2015 03:26:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcdrsysinfodirect.p5x6.0.5418.274b55fdafntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc2214cc01d0900e2eaa658fC:\Program Files\PC-Doctor for Windows\pcdrsysinfodirect.p5xC:\Windows\SYSTEM32\ntdll.dll6deb9a5d-fc01-11e4-83b1-7071bc452443
 
Error: (05/16/2015 03:24:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc22bf401d0900de6fecc3cC:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dll292985ac-fc01-11e4-83b1-7071bc452443
 
Error: (05/16/2015 03:01:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc22ee001d090064a6cafe2C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllf0b700a7-fbfd-11e4-83b1-7071bc452443
 
Error: (05/16/2015 03:01:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc22e1401d0900aaeab415aC:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dlleca6e76c-fbfd-11e4-83b1-7071bc452443
 
Error: (05/16/2015 02:53:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc22165c01d090098e57e90fC:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dllcd51b496-fbfc-11e4-83b1-7071bc452443
 
Error: (05/16/2015 02:34:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc2213a801d09006f7169c55C:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dll36687ac5-fbfa-11e4-83b1-7071bc452443
 
Error: (05/16/2015 02:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nv2-PC.exe11.1.102.554eaf85a8ntdll.dll6.1.7601.18839553e8808c0000005000332d0150801d09006a0a052fdC:\Users\Peter\Desktop\Nv2-PC.exeC:\Windows\SysWOW64\ntdll.dlle2e74e15-fbf9-11e4-83b1-7071bc452443
 
Error: (05/15/2015 11:33:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc2245c01d08f89171a600aC:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dll5569f3b6-fb7c-11e4-aa6e-7071bc452443
 
Error: (05/14/2015 00:05:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nv2-PC.exe11.1.102.554eaf85a8ntdll.dll6.1.7601.18839553e8808c000000500033e34d8401d08dfb37653bd8C:\Users\Peter\Desktop\Nv2-PC.exeC:\Windows\SysWOW64\ntdll.dll76aaf2ee-f9ee-11e4-aa6e-7071bc452443
 
Error: (05/13/2015 04:03:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPSF.exe7.7.34.3453f66fe0ntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc22126c01d08db7d5f81993C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exeC:\Windows\SYSTEM32\ntdll.dll1583190b-f9ab-11e4-aa6e-7071bc452443
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-08 11:10:44.201
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-08 11:10:44.108
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 45%
Total physical RAM: 6143.18 MB
Available physical RAM: 3358.18 MB
Total Pagefile: 12284.57 MB
Available Pagefile: 9701.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.04 GB) (Free:237.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.37 GB) (Free:1.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3E57528F)
Partition 1: (Active) - (Size=106 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#11 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:01 PM

Posted 16 May 2015 - 03:15 PM

Hello shma,

The command EmptyTemp: => Removed 6.9 GB temporary data.

We remove temp files (incl. browser history) always when running a script , because they can contain malware.


Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

- Kaspersky Lab report: Evaluating the threat level of software vulnerabilities
- Microsoft: Unprecedented Wave of Java Exploitation
- Ghosts of Java Haunt Users

Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 8 and save it to your desktop.
  • Under "Java Platform, Standard Edition"...click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select (click on) the download link for your operating system (Windows x86 Offline: jre-8u**-windows-i586.exe or Windows x64: jre-8u**-windows-x64.exe) and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to StartBtn.gif > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7/8 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-8u25-windows-i586.exe (or jre-8u25-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7/8 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it. The McAfee Security Scan Plus may be installed unless you uncheck the McAfee installation box when updating Java.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

---


Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.3.1.2183.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs: (Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

---


ESET Online Scanner

Connect any existing external hard drives and / or other removable media.

Note:
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



If this program is already installed: Skip the installation and run only the scan!
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select Uninstall application on close check box and push esetFinish.png

---


How the computer is running now?


---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#12 shma

shma
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 17 May 2015 - 08:19 AM

Hi Jo, sorry for the late reply, the scans took a while to complete and it was late when the finished.

 

Please note that when I tried to access the Java settings, the program crashed. However, after I closed Java, I was able to restart it and access the settings properly. I have not had any problems accessing 'Configure Java' since then.

 

MBAM did not find any threats, while ESET found a few potential threats.

 

I am attaching the log files. Please note that ESET quarantined the files by default.

Attached Files



#13 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:01 PM

Posted 17 May 2015 - 08:30 AM

Download ComboFix from the following location:
Link

* IMPORTANT- Save ComboFix.exe to your Desktop
 

***


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link:
How to Disable your Security Programs


***


Double click on combofix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.
Enable your antivirus!
 

***


Please download Farbar Service Scanner and run it on the computer with the issue.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure "Include All Files" option remains checked.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

***


Do you still have problems with your Windows 7 ?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#14 shma

shma
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 17 May 2015 - 09:00 AM

Hi Jo, I still have the same problems. Combofix and FSS log files are included as attachments.

Attached Files



#15 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:01 PM

Posted 17 May 2015 - 09:14 AM

Hello shma,

well done. :)

It Appears That Your Pc Is Now Clean!

Your remaining issues are not malware related, if you need still help, please start a new topic at our MS Windows forum section.
 

***


Clean up:

We used Combofix.
Deactivate your antivirus software once more.
  • Click START then RUN
  • Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

    CF-Uninstall.png
Enable your antivirus software.


***


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt
 
start
DeleteQuarantine:
end

Run FRST/FRST64 and press the Fix button just once and wait.
no needed to post the log this time.
 

***


Right-click AdwCleaner.exe and select Run As Administrator.
  • Click on the Uninstall button.
  • A window will open, press the Confirm button.
  • AdwCleaner will uninstall now.

***


Clean up with delfix:
  • please download delfix to your desktop.
  • Close all other programms and start delfix.
  • Please check all the boxes and run the tool.
  • delfix will now delete all found traces of our removal process

***


Delete the log files our tools created; they are located at your desktop or at the
"c:\users\{.......}\Downloads" folder.
Highlight them, and press the del or delete key on the keyboard.
You can browse to the location of the file or folder using either My Computer or Windows Explorer.


***


Here are some Preventive tips to reduce the potential for spyware infection in the future:

1. Browse more secure2. Enable Protected Mode in Internet Explorer. This helps Windows Vista, 7 / 8 users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:
  • Open Internet Explorer
  • Click on Tools > Internet Options
  • Press Security tab
  • Select Internet zone then place check next to Enable Protected Mode if not already done
  • Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply
  • Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.
3. Make sure you keep your Windows OS current.
  • Windows XP is no longer supported from MS.
    This is a security risk anyway.
  • Windows Vista / 7 users can update via
    Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane).
4. Avoid P2P
  • If you think you're using a "safe" P2P program, only the program is safe, not the data.
  • You will share files from unsafe sources, and these may be infected.
  • Some bad guys use P2P filesharing as an important chanel to spread their wares.
5. Use only one anti-virus software and keep it up-to-date.

6. Firewall
Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

7. Backup regularly
You never know when your PC will become unstable or become so infected that you can't recover it.

8. Use Strong passwords!

9. Email attachments
Do not open any unknown email attachments, which you received without asking for it!


Extra note:
Keep your Browser, Java, pdf Reader and Adobe Flash Up to Date.
Make sure your programs are up to date - because older versions may contain Security Leaks.
To find out what programs need to be updated, please run the Secunia Software Inspector Scan.
https://secunia.com/vulnerability_scanning/personal/


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users